安全软件工程教学:编写安全代码

2011 7th Central and Eastern European Software Engineering Conference (CEE-SECR) Pub Date : 2011-10-31 DOI:10.1109/CEE-SECR.2011.6188473

Huiming Yu, Nadia Jones, G. Bullock, Xiaohong Yuan

{"title":"安全软件工程教学:编写安全代码","authors":"Huiming Yu, Nadia Jones, G. Bullock, Xiaohong Yuan","doi":"10.1109/CEE-SECR.2011.6188473","DOIUrl":null,"url":null,"abstract":"Writing secure code is critical because a large fraction of security incidents result from flaws in the code. In order to effectively teaching knowledge of secure software engineering we have developed a course module titled “Introduction to Writing Secure Code”. This paper presents the content of this module and reports our teaching experiences. This module has been successfully taught in GEEN 163 Introduction to Java Programming class and GEEN 165 Computer Programming Design class in Spring 2011 in the Department of Computer Science at xxx University. Our experience exhibits that teaching this module in freshman and sophomore levels help students not only understand the impacts of insecure code, but also gain significant knowledge of safe programming practice. Students' survey and feedback reflected that this module is very valuable in their educational experience. This module could be taught in first year freshman and second year sophomore classes of software engineering, computer science and information technology.","PeriodicalId":131009,"journal":{"name":"2011 7th Central and Eastern European Software Engineering Conference (CEE-SECR)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"Teaching secure software engineering: Writing secure code\",\"authors\":\"Huiming Yu, Nadia Jones, G. Bullock, Xiaohong Yuan\",\"doi\":\"10.1109/CEE-SECR.2011.6188473\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Writing secure code is critical because a large fraction of security incidents result from flaws in the code. In order to effectively teaching knowledge of secure software engineering we have developed a course module titled “Introduction to Writing Secure Code”. This paper presents the content of this module and reports our teaching experiences. This module has been successfully taught in GEEN 163 Introduction to Java Programming class and GEEN 165 Computer Programming Design class in Spring 2011 in the Department of Computer Science at xxx University. Our experience exhibits that teaching this module in freshman and sophomore levels help students not only understand the impacts of insecure code, but also gain significant knowledge of safe programming practice. Students' survey and feedback reflected that this module is very valuable in their educational experience. This module could be taught in first year freshman and second year sophomore classes of software engineering, computer science and information technology.\",\"PeriodicalId\":131009,\"journal\":{\"name\":\"2011 7th Central and Eastern European Software Engineering Conference (CEE-SECR)\",\"volume\":\"39 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 7th Central and Eastern European Software Engineering Conference (CEE-SECR)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CEE-SECR.2011.6188473\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 7th Central and Eastern European Software Engineering Conference (CEE-SECR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CEE-SECR.2011.6188473","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

摘要

编写安全的代码是至关重要的，因为大部分安全事件都是由代码中的缺陷造成的。为了有效地教授安全软件工程知识，我们开发了一个名为“安全代码编写导论”的课程模块。本文介绍了该模块的内容，并报告了我们的教学经验。该模块已于2011年春季在xxx大学计算机科学系GEEN 163 Java程序设计导论课和GEEN 165计算机程序设计课中成功授课。我们的经验表明，在大一和大二阶段教授这个模块不仅可以帮助学生理解不安全代码的影响，还可以获得安全编程实践的重要知识。学生的调查和反馈反映出该模块在他们的教育经历中非常有价值。本模块可在软件工程、计算机科学与信息技术专业大一、大二的课程中讲授。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Teaching secure software engineering: Writing secure code

Writing secure code is critical because a large fraction of security incidents result from flaws in the code. In order to effectively teaching knowledge of secure software engineering we have developed a course module titled “Introduction to Writing Secure Code”. This paper presents the content of this module and reports our teaching experiences. This module has been successfully taught in GEEN 163 Introduction to Java Programming class and GEEN 165 Computer Programming Design class in Spring 2011 in the Department of Computer Science at xxx University. Our experience exhibits that teaching this module in freshman and sophomore levels help students not only understand the impacts of insecure code, but also gain significant knowledge of safe programming practice. Students' survey and feedback reflected that this module is very valuable in their educational experience. This module could be taught in first year freshman and second year sophomore classes of software engineering, computer science and information technology.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2011 7th Central and Eastern European Software Engineering Conference (CEE-SECR)

自引率

0.00%

发文量