
COMP3310 – Secure Applications Development

2026 – Session 1, In person-scheduled-weekday, North Ryde

General Information

Unit convenor and teaching staff
Convenor and Lecturer
Natasha Fernandes
By appointment (via email)
Lecturer
Carl Svensson
By appointment (via email)
Credit points
10
Prerequisites
130cp at 1000 level or above, including COMP1010 and COMP1300 and (COMP2050 or COMP2110 or COMP2300)
Corequisites
Co-badged status
Unit description

This unit provides an introduction to the security considerations in the application software development process that are needed to build secure applications. First, it introduces basic concepts such as software security risk and focuses on how to integrate security into the different stages of the application software development process, from requirements engineering and design, to code implementation and testing, to deployment and maintenance. Then, a range of typical implementation-level issues are discussed and the corresponding techniques and best practices are introduced, including topics such as software auditing, buffer overflows, access control, password authentication, race conditions, input validation, database security, and client-side security.

Learning in this unit enhances student understanding of global challenges identified by the United Nations Sustainable Development Goals (UNSDGs): Industry, Innovation and Infrastructure; Peace, Justice and Strong Institutions.

Important Academic Dates

Information about important academic dates, including deadlines for withdrawing from units, is available at https://www.mq.edu.au/study/calendar-of-dates

Learning Outcomes

On successful completion of this unit, you will be able to:

  • ULO1: Describe how security is integrated into different stages of the application development life cycle and explain the importance and the underlying logic.
  • ULO2: Assess application software security and identify the common security issues in application development through auditing and analysing source code and other documents.
  • ULO3: Understand and apply security-related best practices to the application development process and address the common security issues for secure application development.
  • ULO4: Communicate professionally in written and oral form with technical and non-technical audiences such as software developers/testers, business analysts, security managers, users, etc.

General Assessment Information

Requirements to Pass this Unit

To pass this unit you must:

  • Achieve a total mark equal to or greater than 50%

Late Submission Policy

  • 5% penalty per day: If you submit your assessment late, 5% of the total possible marks will be deducted for each day (including weekends), up to 7 days.

    • Example 1 (out of 100): If you score 85/100 but submit 20 hours late, you will lose 5 marks and receive 80/100.

    • Example 2 (out of 30): If you score 27/30 but submit 1 day late, you will lose 1.5 marks and receive 25.5/30.

  • After 7 days: Submissions more than 7 days late will receive a mark of 0.

  • Extensions:

    • Automatic short extension: Some assessments are eligible for an automatic short extension. You can only apply for an automatic short extension before the due date.

    • Special Consideration: If you need more time due to serious issues and for any assessments that are not eligible for Short Extension, you must apply for Special Consideration.

Need help? Review the Special Consideration page.

Late Submission

  • Assignment - YES, standard Late Penalty applies.
  • Group project - NO, unless Special Consideration is granted.
  • Final Exam - NO, unless Special Consideration is granted.

Special Consideration

The Special Consideration Policy aims to support students who have been impacted by short-term circumstances or events that are serious, unavoidable, and significantly disruptive and may affect their performance in assessment. If you experience circumstances or events that affect your ability to complete the assessments in this unit on time, please inform the convenor and submit a Special Consideration request through https://connect.mq.edu.au.

Course Specific Guidelines

Your reports must be written in English. For full marks, your answers should be concise as well as accurate. Marks will be awarded for reasoning and method as well as correctness. Excessively verbose answers may be penalised.

Upload your reports as a single PDF document. Word documents are good for editing, but you should export or save the final version as a PDF. This is the format for reading.

Please state clearly on the first page of any written report, and in the comments of any program you write, who you work with. If we find that you copied work from others - people who are not on your team - it will be considered plagiarism.

If you have problems with your team member or partner, please contact the unit convenor. If you have any other problem with the assignment or the course, feel free to contact the unit convenor.

Check regularly on iLearn for updates. 

Release Dates

The individual assignment will be released in Week 3 of Semester.

The group project will be released prior to the mid-semester break.

Assessment Tasks

Name          | Weighting | Hurdle | Due         | Groupwork/Individual | Short Extension | AI Approach
Assignment    | 30%       | No     | 12/04/2026  | Individual           | Yes             | Open
Group project | 40%       | No     | Week 12     | Individual and Group | No              | Open
Final exam    | 30%       | No     | Exam Period | Individual           | No              | Observed

Assignment

Assessment Type [1]: Portfolio
Indicative Time on Task [2]: 30 hours
Due: 12/04/2026
Weighting: 30%
Groupwork/Individual: Individual
Short extension [3]: Yes
AI Approach: Open

You will choose appropriate code analysis and auditing tools to evaluate the security risks in the specified applications, and produce a report describing the analysis and auditing process with justification, the results of the identified security issues, and possible solutions.


On successful completion you will be able to:
  • Describe how security is integrated into different stages of the application development life cycle and explain the importance and the underlying logic.
  • Assess application software security and identify the common security issues in application development through auditing and analysing source code and other documents.
  • Understand and apply security-related best practices to the application development process and address the common security issues for secure application development.
  • Communicate professionally in written and oral form with technical and non-technical audiences such as software developers/testers, business analysts, security managers, users, etc.

Group project

Assessment Type [1]: Portfolio
Indicative Time on Task [2]: 45 hours
Due: Week 12
Weighting: 40%
Groupwork/Individual: Individual and Group
Short extension [3]: No
AI Approach: Open

You will work in a group to develop an application with a focus on integrating security into your software development practice. You will present your findings in a group presentation and a report, describing the development process with decision-making justifications, source code, and the relevant technical details.


On successful completion you will be able to:
  • Describe how security is integrated into different stages of the application development life cycle and explain the importance and the underlying logic.
  • Assess application software security and identify the common security issues in application development through auditing and analysing source code and other documents.
  • Understand and apply security-related best practices to the application development process and address the common security issues for secure application development.
  • Communicate professionally in written and oral form with technical and non-technical audiences such as software developers/testers, business analysts, security managers, users, etc.

Final exam

Assessment Type [1]: Examination
Indicative Time on Task [2]: 10 hours
Due: Exam Period
Weighting: 30%
Groupwork/Individual: Individual
Short extension [3]: No
AI Approach: Observed

The final exam assesses your knowledge and understanding of the importance and the process of secure applications development, as well as the security issues and techniques in secure applications development covered during the session.


On successful completion you will be able to:
  • Describe how security is integrated into different stages of the application development life cycle and explain the importance and the underlying logic.
  • Assess application software security and identify the common security issues in application development through auditing and analysing source code and other documents.
  • Understand and apply security-related best practices to the application development process and address the common security issues for secure application development.

[1] If you need help with your assignment, please contact:

  • the academic teaching staff in your unit for guidance in understanding or completing this type of assessment
  • Academic Success for academic skills support.

[2] Indicative time-on-task is an estimate of the time required for completion of the assessment task and is subject to individual variation.

[3] An automatic short extension is available for some assessments. Apply through the Service Connect Portal.

Delivery and Resources

Lectures

Lectures are pre-recorded and must be watched prior to attending your workshop for that week. There is also a weekly seminar which is an opportunity for students to ask questions or get clarification on lecture content, workshop tasks or assignments.

Week 1 Classes

Note that workshops, lecture material and the seminar begin in Week 1. 

Workshops

Weekly workshops begin in Week 1. The weekly workshop will include practical exercises related to application development, as well as individual and group exercises related to the security context and best practices in software engineering. The practical component will require students to use a defined set of software development tools and services, and students are expected to become familiar with their use.  The individual and group exercises on context and practices will require students to present their contribution orally and/or in writing. 

Participation

We expect students to participate in workshops and seminars and be actively involved in group projects. 

Communication

We will communicate with students through announcements on the iLearn page. Queries to convenors can be made via the iLearn discussion board or by email from your university email address.

Recommended Texts

The books and texts that will mainly be used in the course will be announced in Week 1. The course does not have a single textbook. For different topics and weeks, we will recommend texts for further study.

The projects and workshop may require students to find and study resources and texts themselves. In reports, students are expected to refer clearly to any resource or text that they are using.

The exam will only cover topics that have been explicitly covered during the workshops, earlier assessments, and during lectures.


Policies and Procedures

Macquarie University policies and procedures are accessible from Policy Central (https://policies.mq.edu.au). Students should be aware of the following policies in particular with regard to Learning and Teaching:

Students seeking more policy resources can visit Student Policies (https://students.mq.edu.au/support/study/policies). It is your one-stop-shop for the key policies you need to know about throughout your undergraduate student journey.

To find other policies relating to Teaching and Learning, visit Policy Central (https://policies.mq.edu.au) and use the search tool.

Student Code of Conduct

Macquarie University students have a responsibility to be familiar with the Student Code of Conduct: https://students.mq.edu.au/admin/other-resources/student-conduct

Results

Results published on platforms other than eStudent (e.g. iLearn, Coursera, etc.) or released directly by your Unit Convenor are not confirmed, as they are subject to final approval by the University. Once approved, final results will be sent to your student email address and will be made available in eStudent. For more information, visit connect.mq.edu.au or, if you are a Global MBA student, contact globalmba.support@mq.edu.au

Academic Integrity

At Macquarie, we believe academic integrity – honesty, respect, trust, responsibility, fairness and courage – is at the core of learning, teaching and research. We recognise that meeting the expectations required to complete your assessments can be challenging. So, we offer you a range of resources and services to help you reach your potential, including free online writing and maths support, academic skills development and wellbeing consultations.

Student Support

Macquarie University provides a range of support services for students. For details, visit http://students.mq.edu.au/support/

Academic Success

Academic Success provides resources to develop your English language proficiency, academic writing, and communication skills.

The Library provides online and face to face support to help you find and use relevant information resources. 

Student Services and Support

Macquarie University offers a range of Student Support Services including:

Student Enquiries

Got a question? Ask us via the Service Connect Portal, or contact Service Connect.

IT Help

For help with University computer systems and technology, visit http://www.mq.edu.au/about_us/offices_and_units/information_technology/help/

When using the University's IT, you must adhere to the Acceptable Use of IT Resources Policy. The policy applies to all who connect to the MQ network including students.

Changes from Previous Offering

Based on student experience and feedback, we have updated the course to include online workshop activities to practise secure application development principles. In addition, we have modified the course content to include more material related to software development practices as well as distributed application environments, reflecting industry best practices.

Changes since First Published

Date Description
23/03/2026 Date format updated

Unit information based on version 2026.03 of the Handbook