Software Compliance Continuous Assignment 1 – Bug Analysis Report

Software Compliance CA1 – Bug Analysis Report

Module: Software Compliance

Assignment Title: Bug Report

Weighting: 40%

Word Count: 2,500 – 3,000 words

Submission Format: Word document via Blackboard

Referencing: Harvard style (Harvard UL)

Writing Style: Narrative form only (no bullet points)

Overview

The purpose of the case study project is to get you acquainted with the security challenges in the real word. In class, you will learn about security ideals, common mistakes, and best practices. In the case study, you will see how those ideals are applied (or not applied!) to actual problems.

This case study is designed to help you in the investigation of security issues. The project will help you to learn about software projects from the outside in. This means reading bug reports, documentation, tracking issues and code changes and anything else you can get your hands on, to understand what’s going on.

Remember: This is a research project as much as it is a writing project. Plan on taking a lot of time researching and understanding vulnerabilities and security risks.

Case Study Instructions:

You must choose a case study yourself. Choosing a vulnerability/bug from a project may take some effort, as not every vulnerability/bug out there will make a good candidate for your report. Here are some requirements to make ensure you choose a good case study:

• Must have a domain that has significant security risks (This is important)
  • EG: Healthcare, Finance, , Education, any system with data or money.
• Non-trivial. It should be vulnerability/bug that is of security
• It should be a recent issue (last 10 years).
• If possible, an open-source project with a vulnerability/bug, so you can access the
• There should be records of the reported The more detailed the records, the better.
• You need to report on a specific example of a vulnerability/bug/issue, not just on

A few notes:

• Use your own You may “quote” a product’s website but be sure to cite it and reference it – otherwise it is plagiarism.
• You need to report on a specific example of a vulnerability/bug/issue, not just on
• There is a sample report on

Submission And Deadlines

• All of the work on the case study will be submitted through Blackboard by 23:59 on Sunday 1^st
• This is your first piece of CA and is worth 40% of the overall mark. It must be submitted by the due date. Late submissions will lose marks.

Formatting

Please use following formatting throughout your paper.

• Word Doc ONLY
• 12pt font
• Justified text (no ragged edges)
• Headers have a maximum size of 16pt font
• Tables and figures must have their caption below the table/figure
• References should use the Harvard UL Referencing

Plagiarism

Stealing someone else’s writing will not be tolerated. Do not copy text from other sources. For example, do not simply copy the project website’s description into your description. The use of AI generated text will not be marked.

You must reference your work.

Places to start

• Known Exploited Vulnerabilities Catalog
• NATIONAL VULNERABILITY DATABASE
• Vulnerability-Lookup Service
• News

Software Compliance CA1 Marking Scheme