Incorporating Software Security into an Undergraduate Software Engineering Course

Abstract

Secure software development has become a topic of increasing importance, as a general fear rises due to security holes, vulnerabilities, and attacks. To ensure the security of information in a society of file sharing, on-line business transactions, and e-communication, undergraduate students will soon be required to implement software security concepts into their software development processes as soon as they complete their degrees. Consequently, it is imperative for graduates of computer science departments to be trained in the fundamentals of information security and to gain hands-on experience with secure software development. To address this issue computer science educators at the undergraduate level are turning their attentions to incorporating security issues within traditional computer science courses. The paper describes an existing undergraduate software engineering course that has been modified to include software security concepts. Challenges and future work are also presented.