This course mainly deals with engineering techniques for developing secure software systems. It covers Security fundamentals of Information assurance concepts (confidentiality, integrity, and availability); Nature of threats (e.g., natural, intentional, and accidental); Encryption, digital signatures, message authentication, and hash functions; Common cryptographic protocols (applications, strengths, and weaknesses) relevant to buffer overflows, SQL injections, format string bugs, integer overflows, heap attacks, race conditions, concurrency vulnerabilities, access control, and malicious code; and Nontechnical security issues (e.g., social engineering). The course also covers Computer and Network security issues relevant to Network security threats and attacks; Use of cryptography for network security; and Protection and defense mechanisms and tools. Furthermore, the course focuses on developing secure software by covering topics such as Building security into the software development life cycle, Security in requirements analysis and specification, Secure design principles and patterns, and Secure software construction techniques. A course project is included in a demonstration of different techniques.