Introduction to Software Security

Barton P. Miller and Elisa Heymann

Contacts: bart@cs.wisc.edu and elisa@cs.wisc.edu.

© 2023-2026 Barton P. Miller and Elisa Heymann All rights reserved.
Instructors may link to this page and students are free to use these resources for their personal use.

Instructors: You can find the Instructors' Page with teaching information and directions to access the active learning exercises and quizzes. You will need to request access permission from us for these resources.

The book is now in print!
		You can now get the entire book in one volume! It is available on Amazon in most countries, such as amazon.com, amazon.es, amazon.de, amazon.co.uk, amazon.co.jp. Note that even with the book published, we are committed to keeping the individual chapters freely available on this website.

Module 1: Introduction

Chapter 1 Introduction 2 Introduction (part 1) Basic Terminology English, Español 2 Introduction (part 2) Threats English, Español 2 Introduction (part 3) Risks and Basic Concepts English, Español 3 Thinking Like an Attacker: Owning the Bits English, Español

Module 2: Thinking Like a Designer

4 Secure Design Principles 5 Overview of Threat Modeling 6 Microsoft Security Design Lifecycle and Threat Modeling Methodology 7 Microsoft DREAD Threat Categories 8 PASTA Threat Modeling Methodology

Module 3: Thinking Like a Programmer: Secure Programming

9 Pointers and Strings English, Español 10 Numeric Errors: Integers English, Español 11 Numeric Errors: Floating Point 12 Directory Traversal English, Español 13 Exceptions English, Español 14 Serialization English, Español 15 Introduction to Injection Attacks English, Español 16 SQL Injections English, Español 17 Command Injections English, Español 18 Code Injections English, Español 19 XML Injections English, Español 20 Web Attacks: Background English, Español 21 Web Attacks: Cross Site Scripting (XSS) English, Español 22 Web Attacks: Cross Site Request Forgery (CSRF) English, Español 23 Web Attacks: Session Management English, Español 24 Web Attacks: CORS English 25 Server Side Request Forgery (SSRF) Web Attacks: Redirection English, Español Mobile: Background English, Español Mobile: Attacks English, Español

Module 4: Defensive Techniques

26 Address Space Layout Randomization (ASLR) English 27 Memory Safety Checks English 28 Control Flow Integrity Checks

Module 5: Thinking Like an Analyst: In-Depth Vulnerability Assessment

29 Introduction to FPVA, First Principles Vulnerability Assessment English 30 FPVA Step 1: Architectural Analysis (part 1) English 30 FPVA Step 1: Architectural Analysis (part 2) English 31 FPVA Step 2: Resource Identification English 32 FPVA Step 3: Trust and Privilege Analysis English 33 FPVA Step 4: Component Analysis (part 1) English 33 FPVA Step 4: Component Analysis (part 2) English 33 FPVA Step 4: Component Analysis (part 3) English 34 FPVA Step 5: Dissemination of Results 35 The Manager's Point of View: Responding to a Vulnerability English

Module 6: Thinking Like an Analyst: Automated Assessment Tools

36 Static Analysis Tools Concepts English 37 Dependency Analysis Tools: Conceptual Background English 37 Dependency Tools: How to Use the Tools English

Module 7: Dynamic Techniques (Fuzz Testing and Other Checkers)

38 Introduction to Fuzz Testing English Classic Fuzz Testing: Background English 39 Classic Fuzz Testing: The Command Line Studies English 40 Classic Fuzz Testing: The GUI-Based Studies English 41 Classic Fuzz Testing: Other Studies English 42 Fuzz Testing with AFL++ English 43 Memory Error Checking Tools Classic Fuzz Web Resources English

Module 8: Secure Use of Cryptography

Basic Cryptography Concepts English Java Crypto API Misuses and Cryptoguard English

Supplementary Sections

Glossary of Terms

Last modified: Wed May 20 01:14:28 PM CDT 2026 by bart