11–12Software Engineering 11–12 Syllabus
The new Software Engineering 11–12 Syllabus (2022) is to be taught from 2024.
2023
- Plan and prepare to teach the new syllabus
2024, Term 1
- Start teaching new syllabus for Year 11
- Start implementing new Year 11 school-based assessment requirements
- Continue to teach the Software Design and Development Stage 6 Syllabus (2010) for Year 12
2024, Term 4
- Start teaching new syllabus for Year 12
- Start implementing new Year 12 school-based assessment requirements
2025
- First HSC examination for new syllabus
Content
Year 12
Describe the benefits of developing secure software
Including:- data protection
- minimising cyber attacks and vulnerabilities
Interpret and apply fundamental software development steps to develop secure code
Including:- requirements definition
- determining specifications
- design
- development
- integration
- testing and debugging
- installation
- maintenance
Describe how the capabilities and experience of end users influence the secure design features of software
Explore fundamental software design security concepts when developing programming code
Including:- confidentiality
- integrity
- availability
- authentication
- authorisation
- accountability
Apply security features incorporated into software including data protection, security, privacy and regulatory compliance
Use and explain the contribution of cryptography and sandboxing to the ‘security by design’ approach in the development of software solutions
Use and explain the ‘privacy by design’ approach in the development of software solutions
Including:- proactive not reactive approach
- embed privacy into design
- respect for user privacy
Test and evaluate the security and resilience of software by determining vulnerabilities, hardening systems, handling breaches, maintaining business continuity and conducting disaster recovery
Apply and evaluate strategies used by software developers to manage the security of programming code
Including:- code review
- static application security testing (SAST)
- dynamic application security testing (DAST)
- vulnerability assessment
- penetration testing
Design, develop and implement code using defensive data input handling practices, including input validation, sanitisation and error handling
Design, develop and implement a safe application programming interface (API) to minimise software vulnerabilities
Design, develop and implement code considering efficient execution for the user
Including:- memory management
- session management
- exception management
Design, develop and implement secure code to minimise vulnerabilities in user action controls
Including:- broken authentication and session management
- cross-site scripting (XSS) and cross-site request forgery (CSRF)
- invalid forwarding and redirecting
- race conditions
Design, develop and implement secure code to protect user file and hardware vulnerabilities from file attacks and side channel attacks
Apply and describe the benefits of collaboration to develop safe and secure software
Including:- considering various points of view
- delegating tasks based on expertise
- quality of the solution
Investigate and explain the benefits to an enterprise of the implementation of safe and secure development practices
Including:- improved products or services
- influence on future software development
- improved work practices
- productivity
- business interactivity
Evaluate the social, ethical and legal issues and ramifications that affect people and enterprises resulting from the development and implementation of safe and secure software
Including:- employment
- data security
- privacy
- copyright
- intellectual property
- digital disruption