Secure Application Development and Deployment
Secure Application Development and Deployment
Table of contents
Study facts
- Prog. CodePSAD
- NQF Level5.1
- Credits30
- Valid fromH24
- Study modeFull-time, Part-time
- Program manager
Secure Application Development and Deployment (SADD) is a comprehensive approach that integrates security and privacy considerations into every phase of the software development lifecycle. From the initial concept to deployment and ongoing operation, SADD involves assessing security requirements, integrating them into system design and implementation, and rigorously testing the system for vulnerabilities. Identified security and privacy issues are addressed before deployment, ensuring a robust defence against potential threats. Furthermore, SADD includes ongoing maintenance to adapt to evolving security needs over time, making it a dynamic and proactive safeguard for software products.
In the digital transformation era, cybercriminals’ relentless activities pose a significant threat to the widespread adoption of digital technologies, essential for accelerated growth across various sectors. This programme equips individuals with the necessary knowledge, skills, and competence to combat these threats effectively. By empowering software developers and other stakeholders in the digital technology ecosystem with security expertise, we pave the way for a cultural shift towards security and privacy awareness. This, in turn, ensures that security and privacy become integral components of digital systems, promoting their safe and secure operation within society’s evolving needs.
Applicants to a Secure Application Development and Deployment (SADD) vocational school programme often come from diverse educational and professional backgrounds but typically share common interests and qualities. Those interested in SADD are often passionate about technology, cyber security, and problem-solving. Applicants with upper secondary education, Norwegian vocational upper secondary education or applicants with prior learning and working experience in computer science, software engineering, or related fields can be advantageous, and the programme also attracts individuals with a strong desire to learn and protect digital systems. A penchant for detail, analytical thinking, and a commitment to ensuring the security and privacy of software applications resonate well with the programme’s learning outcomes.
The digital classroom
All students at Noroff have access to a digital classroom, referred to as the learning platform. Here the student can access relevant academic and practical information about the study programme. The learning platform also contains learning content, activities, delivery deadlines, work requirements and assessments for every course.
Online
Online studies are flexible since students can study from anywhere and at their own pace according to the academic progression and scheduled deadlines. Students access their learning material for each course through the learning platform, and discussion forums are used for communication between fellow students and teachers.
Campus
As part of the campus community, students will have access to on-site teachers, guest lecturers, and other students during their learning journey. Students on campus study in modern working environments and have access to professional equipment for practical training.
Vocational education at Noroff can expand career opportunities and lay lifelong learning foundations. Throughout the programme, students will familiarise themselves with key competencies relevant to industry employment.
Career opportunities
After graduation, the candidate may qualify for work within these areas:
- Web Application Security: Graduates can work on securing web applications, ensuring that online services and websites are protected against common threats like SQL injection, cross-site scripting (XSS), and more.
- Mobile Application Security: With the proliferation of mobile apps, there’s a growing need for experts in securing iOS and Android applications against vulnerabilities and data breaches.
- Financial and E-commerce Application Security: Secure development is critical for financial institutions and e-commerce platforms to safeguard sensitive financial and customer data.
- Healthcare Application Security: The healthcare industry relies heavily on electronic health records and digital patient data, making security crucial.
- Government and Defense: Graduates can work on secure applications for government agencies and the defence sector, where sensitive data and national security are top priorities.
- Fintech: The financial technology sector often deals with online payments, personal financial data, and banking applications, making security expertise essential.
- Gaming and Entertainment: Game developers need security professionals to protect against cheating, data breaches, and unauthorised access to online gaming platforms.
- Automotive Security: With the rise of connected and autonomous vehicles, experts need to secure automotive software and prevent potential cyberattacks on vehicles.
- Critical Infrastructure: Protecting critical infrastructure such as power plants, healthcare systems, water treatment facilities, and transportation systems from cyber threats is paramount.
- Consulting and Compliance: Some may work as consultants, helping organisations comply with industry-specific security regulations and standards.
- Incident Response and Cybersecurity Operations: Graduates can work in cyber security operations and incident response teams to detect, mitigate, and respond to security incidents.
The Norwegian Qualifications Framework for lifelong learning (NQF) defines the levels of qualifications in the Norwegian educational system. These levels because of a learning process. Categories in NQF are defined as:
Knowledge: Understanding theories, facts, principles, procedures in the discipline, subject area and/or occupation.
Skills: Ability to utilise knowledge to solve problems or tasks (cognitive, practical, creative and communication skills).
General Competence: Ability to independently utilise knowledge and skills in different situations.
After graduation from this programme, students have acquired the following learning outcomes:
The candidate:
- has knowledge of concepts, processes and tools used in application lifecycle management, full-stack web application development and microservices architecture.
- has insight into regulations, standards, agreements, and quality requirements for secure software development and deployment.
- has knowledge of the industry and application lifecycle management and is familiar with aligning programming and IT operations.
- can update their vocational knowledge of application lifecycle management based on DevOps practices.
- understands the importance of following an integrated software governance, development, maintenance, and decommissioning approach.
- understands the importance of structuring complex monolithic applications as microservices.
The candidate:
- can apply vocational knowledge to create an automated CI/CD pipeline for deploying secure microservices.
- can apply vocational knowledge to build lightweight, secure, full-stack web applications based on a Software Requirements Specifications (SRS) document.
- masters relevant tools and techniques to break down large, monolithic software into multiple component services that can be developed, deployed, and maintained independently.
- masters relevant front-end frameworks to automate the overhead of developing single-page applications.
- masters relevant tools and techniques to write server-side code that can process user input, interact with databases, and serve content in response to client requests.
- can find, evaluate, and use information relevant to application lifecycle management, full-stack web application development and microservices architecture.
- can study software applications to identify performance and security issues and make changes based on client needs.
- can study an SRS document and implement a secure full-stack solution based on client needs.
The candidate:
- understands the ethical principles that apply in software development and IT operations.
- has developed an ethical attitude in relation to coding, testing, releasing, and monitoring software solutions.
- can carry out coding based on the functional and non-functional requirements captured in an SRS document.
- can build relations with fellow software developers and cloud engineers, also across discipline boundaries and with external stakeholders.
| Course code | Course name | Semester | Weeks | Hours | Credits |
|---|---|---|---|---|---|
| FSD1-SA03 | Secure Application Lifecycle Management | 1 | 3 | ||
| FSD1-BP06 | Backend Programming | 1 | 6 | ||
| FSD1-FP06 | Frontend Programming | 1 | 6 | ||
| FSD1-SM06 | Secure Microservices | 2 | 6 | ||
| FSD1-BC09 | Full-stack Business Case | 2 | 9 | ||
| Total | 30 | ||||
Noroff offers an engaging and student-active learning experience that prepares candidates for professional working life through unique and industry-relevant teaching and learning activities governed by the current learning outcomes. Teaching and learning engage students in the learning process by promoting a holistic understanding of the different issues and challenges relevant to the subject areas. By fostering critical thinking, creativity, collaboration, and communication, students will develop lifelong learning skills.
Activities can vary for campus and online delivery and are composed of theoretical and practical approaches, providing students with the best possible outcome for each course. Noroff distinguishes between teacher and student-led activities. Both are equally important and tailored to each course’s educational approach. Teaching and Learning activities used in the courses are outlined in the course descriptions.
For all online studies, English is the primary language for teaching. English can also be used as the teaching language on some campuses.
Assessment impacts the student’s learning significantly and concludes if the student has achieved the intended learning outcome and, if so, at what level. Assessments include summative and formative methods depending on the content of the learning outcome of each course.
A course usually consists of one or more work requirements. The most common is compulsory course assignments that assess the acquired competencies outlined in the course learning outcomes. Course assignments are assessed as Passed/Failed or graded from A to F, after which verbal or written feedback is provided. Tests can also evaluate students’ achievements and are usually used in combination with compulsory assignments.
Online studies may also require students to deliver one or more compulsory module assignments during a course. This is to follow up and support the online students’ learning path. Module assignments can be used as learning activities for campus students.
Work requirements and assessment methods for each course are described in the course descriptions.
Information about equipment requirements is available here: Programme information.
Online students are required to purchase and maintain their equipment.
There are three ways to meet the admission criteria and be enrolled as a student:
1. By upper secondary education (videregående skole)
- Higher education entrance qualification from Norway or abroad
2. By Norwegian vocational upper secondary education
- Documented relevant vocational qualifications diploma (yrkeskompetanse)
Documented relevant craft certificate (fag og svennebrev)
3. Prior learning and work experience
More information about admission requirements is available on our webpage under Admission Requirements.