Secure Software Engineering Education: Knowledge Area, Curriculum and Resources

This paper reviews current efforts and resources in secure software engineering education, with the goal of providing guidance for educators to make use of these resources in developing secure software engineering curriculum. These resources include Common Body of Knowledge, reference curriculum, sample curriculum materials, hands-on exercises, and resources developed by industry and open source community. The relationship among the Common Body of Knowledge proposed by the Department of Homeland Security, the Software Engineering Institute at Carnegie Mellon University, and ACM/IEEE are discussed. The recent practices on secure software engineering education, including secure software engineering related programs, courses, and course modules are reviewed. The course modules are categorized into four categories to facilitate the adoption of these course modules. Available hands-on exercises developed for teaching software security are described and mapped to the taxonomy of coding errors. The rich resources including various secure software development processes, methods and tools developed by industry and open source community are surveyed. A road map is provided to organize these resources and guide educators in adopting these resources and integrating them into their courses

Development of a Master of Software Assurance Reference Curriculum

The Next Generation Air Traffic Management system (NextGen) is a blueprint of the future National Airspace System. Supporting NextGen is a nation-wide Aviation Simulation Network (ASN), which allows integration of a variety of real-time simulations to facilitate development and validation of the NextGen software by simulating a wide range of operational scenarios. The ASN system is an environment, including both simulated and human-in-the-loop real-life components (pilots and air traffic controllers).Real Time Distributed Simulation (RTDS) developed at Embry-Riddle Aeronautical University, a suite of applications providing low and medium fidelity en-route simulation capabilities, is one of the simulations contributing to the ASN. To support the interconnectivity with the ASN, we designed and implemented a dedicated gateway acting as an intermediary, providing logic for two-way communication and transfer messages between RTDS and ASN and storage for the exchanged data. It has been necessary to develop and analyze safety/security requirements for the gateway software based on analysis of system assets, hazards, threats and attacks related to ultimate real-life future implementation. Due to the nature of the system, the focus was placed on communication security and the related safety of the impacted aircraft in the simulation scenario. To support development of safety/security requirements, a well-established fault tree analysis technique was used. This fault tree model-based analysis, supported by a commercial tool, was a foundation to propose mitigations assuring the gateway system safety and security

The Development of a Graduate Curriculum for Software Assurance

One of our challenges as educators is timely incorporation of research into curricula that can be adopted by universities toultimately improve software engineering practice. In this paper, we describe the work of the Master of Software Assurancecurriculum project. This includes our sources, process, products, adoption strategies, and early adoption experiences. Theproject used research results, prior curricula, and documented bodies of knowledge to develop a new curriculum. We arenow working with early adopters and employing a number of transition mechanisms as part of our strategy to furtheradoption in this critical area

Recruitment, Preparation, Retention: A case study of computing culture at the University of Illinois at Urbana-Champaign

Computer science is seeing a decline in enrollment at all levels of education, including undergraduate and graduate study. This paper reports on the results of a study conducted at the University of Illinois at Urbana-Champaign which evaluated students attitudes regarding three areas which can contribute to improved enrollment in the Department of Computer Science: Recruitment, preparation and retention. The results of our study saw two themes. First, the department's tight research focus appears to draw significant attention from other activities -- such as teaching, service, and other community-building activities -- that are necessary for a department's excellence. Yet, as demonstrated by our second theme, one partial solution is to better promote such activities already employed by the department to its students and faculty. Based on our results, we make recommendations for improvements and enhancements based on the current state of practice at peer institutions.Comment: 37 pages, 13 figures. For better quality figures, please download the .pdf from http://www.cs.uiuc.edu/research/techreports.php?report=UIUCDCS-R-2007-281

Enhancing the social issues components in our computing curriculum: Computing for the social good

The acceptance and integration of social issues into computing curricula is still a work in progress twenty years after it was first incorporated into the ACM Computing Curricula. Through an international survey of computing instructors, this paper corroborates prior work showing that most institutions include the societal impact of ICT in their programs. However, topics often concentrate on computer history, codes of ethics and intellectual property, while neglecting broader issues of societal impact. This paper explores how these neglected topics can be better developed through a subtle change of focus to the significant role that ICT plays in addressing the needs of the community. Drawing on the survey and a set of implementation cases, the paper provides guidance by means of examples and resources to empower teaching teams to engage students in the application of ICT to bring about positive social outcomes – computing for the social good

The Rise of Innovation Districts: A New Geography of Innovation in America

As the United States slowly emerges from the great recession, a remarkable shify is occurring in the spatial geogrpahy of innovation. For the past 50 years, the landscape of innovation has been dominated by places like Silicon Valley - suburban corridors of spatially isolated corporate campuses, accessible only by car, with little emphasis on the quality of life or on integrating work, housing, and recreation. A new complementary urban model is now emerging, giving rise to what we and others are calling "innovation districts." These districts, by our definition, are geographic areas where leading-edge anchor institutions and companies cluster and connect with start-ups, business incubators, and accelerators. They are also physically compact, transit-accessible, and technicall