1st Edition

Security for Software Engineers

By James N. Helfrich Copyright 2019
    350 Pages
    by Chapman & Hall

    350 Pages 50 B/W Illustrations
    by Chapman & Hall

    350 Pages 50 B/W Illustrations
    by Chapman & Hall

    Security for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry.

    The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint.


    • Targets software engineering students - one of the only security texts to target this audience.

    • Focuses on the white-hat side of the security equation rather than the black-hat side.

    • Includes many practical and real-world examples that easily translate into the workplace.

    • Covers a one-semester undergraduate course.

    • Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to that which an engineer will encounter in the industry.

    This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user’s information assets.

    Introduction to Security 0: Security for Software Engineers 1: Roles Unit 1: Attack Vectors 2: Classification of Attacks 3: Software Weapons 4: Social Engineering Unit 2: Code Hardening 5: Command Injection 6: Script Injection 7: Memory Injection 8: Threat Modeling 9: Mitigation  Unit 3: Privacy 10: Authentication 11: Access Control 12: Encryption Appendices A: Arrays B: Function Pointers C: V-Tables D: Integers E: The Callstack F: The Heap G: Further Reading H: Works Cited I: Glossary J: Index


    James Helfrich earned his BS and MS in Computer Science from the University of Pennsylvania, and his PhD from Idaho State University. After working as a Software Development Engineer and a Program Manager at Microsoft on the Office family of products, he has been teaching Computer Science at BYU-Idaho since 2006. His specialties include software development, humancomputer interaction, and security.