Designing an Undergraduate Software Security Course

Lester, Cynthia Y.; Jamerson, Frank E.

doi:10.1109/securware.2008.20

Cited by 3 publications

(2 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The tools include a packet sniffer simulator, a Simulation of Kerberos Authentication Architecture, and a Visualization tool for Wireless Network Attacks. An undergraduate software security course described in [12] introduces a security development lifecycle model, and tools and techniques for designing trustworthy software.…”

Section: Security Coursesmentioning

confidence: 99%

A method for incorporating usable security into computer security courses

George

Klems

Valeva

2013

Proceeding of the 44th ACM Technical Symposium on Computer Science Education

View full text Add to dashboard Cite

Since human factor security exploits are on the rise, ensuring Usable Security has become extremely important for the overall security of computer systems. However, traditional undergraduate computer security curriculum focuses heavily on technical aspects of security and generally ignores Usable Security. To address this problem, we developed a new 3P Learning Method that encourages students to view security problems from three different perspectives (i.e. 3P), namely: Defense, Offense, and Use. The 3P Method lets us incorporate Usable Security into the existing curriculum and helps students to consider Usable Security as an integral part of secure system design rather than an optional add-on.

show abstract

Section: Security Coursesmentioning

confidence: 99%

A method for incorporating usable security into computer security courses

George

Klems

Valeva

2013

Proceeding of the 44th ACM Technical Symposium on Computer Science Education

View full text Add to dashboard Cite

show abstract

“…An informal survey of the top fifteen computer science universities revealed only four to include a software security course designed specifically for undergraduates [14]. Those colleges that did offer software security education did so through a focused technical elective [11].…”

Section: Prior Workmentioning

confidence: 99%

Training ≠ education

Stamat

Humphries

2009

Proceedings of the 14th Western Canadian Conference on Computing Education

View full text Add to dashboard Cite

In the world of software engineering, security remains a critical issue. Companies lose billions each year because commercial vendors continue to produce exploitable applications. Over 8,000 vulnerabilities were cataloged by the Computer Emergency Response Team in 2006 alone. Despite this alarming statistic, companies still grip the same train-and-certify approach for cultivating security-minded programmers. However, exhibited by the prevalent vulnerabilities still appearing in cyberspace, a new ambitious plan for robust software development must be implemented. This paper addresses the inadequacy of training and encourages the academic community to adopt modern software security essentials into the undergraduate computer science curriculum. This paper also proposes a unique software engineering course targeted to senior-level computer science students that underlines design methods, tools, and standards applicable to writing secure code.

show abstract