Secure Modules for Undergraduate Software Engineering Courses

Yang, Jeong; Lodgher, Akhtar; Lee, Young

doi:10.1109/fie.2018.8658433

Cited by 9 publications

(7 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Literature Review a Cybersecurity In Computer Sciencementioning

confidence: 99%

“…Programming concepts must be taught to novice programmers from a security perspective throughout the software development process, as careless software design and implementation can lead to numerous vulnerabilities and attacks in the application itself [20], [21]. For example, defensive secure programming, secure coding, and secure software development could be valuable instructional practices [20], [22]. This is reflected in the establishment of the new knowledge area 'Information Assurance and Security (IAS)' and curricula designed to better explain software security education at various universities [23].…”

Section: Literature Review a Cybersecurity In Computer Sciencementioning

confidence: 99%

See 1 more Smart Citation

Assessing Cybersecurity Problem-Solving Skills and Creativity of Engineering Students Through Model-Eliciting Activities Using an Analytic Rubric

Kim,

Yang,

Lee

et al. 2024

IEEE Access

Self Cite

View full text Add to dashboard Cite

This study aims to address a research gap concerning valid and reliable analytic rubrics for assessing students' performance on Model-Eliciting Activities (MEAs), an extensively researched category of well-structured modeling activities, with a specific focus on evaluating creativity-a fundamental element in engineering-in a consistent and transparent manner. In this empirical study, we present the design and validation process for an analytic rubric intended to assess the cybersecurity problem-solving skills and creativity of engineering students in computer science courses. To gauge the reliability of the rubric, a statistical method was used to measure consistency and agreement among four raters when evaluating the performance of 28 undergraduates on the Cipher Algorithm MEA by using the analytic rubric, specifically in terms of cybersecurity problem-solving and creativity. The results demonstrate a good overall level of interrater agreement across the evaluation criteria and illustrate how the analytic rubric with the MEA can be used consistently and transparently to assess the cybersecurity problem-solving skills and creativity of engineering students. Our analytic rubric, designed to address challenges in assessing and grading modeling problems, is expected to contribute by providing a demonstration for instructors interested in incorporating MEAs into their toolkit, aiming to enhance conceptual understanding, problem-solving skills, and creativity in students and facilitate formative assessments that offer precise feedback for improvement across various performance areas.

show abstract

Section: Literature Review a Cybersecurity In Computer Sciencementioning

confidence: 99%

Section: Literature Review a Cybersecurity In Computer Sciencementioning

confidence: 99%

Assessing Cybersecurity Problem-Solving Skills and Creativity of Engineering Students Through Model-Eliciting Activities Using an Analytic Rubric

Kim,

Yang,

Lee

et al. 2024

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…The results showed that the two samples differed, with the MOOC reaching a more diverse set of students than the on-campus version, but the scores of the on-campus course students were better than those in the MOOC version. Yang et al [37] presented software security units developed to be included in undergraduate software engineering courses. The objective of the units was to teach the student to construct reliable software with the practice and requirements of coding and testing security.…”

Section: Introductionmentioning

confidence: 99%

“…In conclusion, most available works have not given course content much attention compared with other aspects of software security education, such as focusing on the security of coding [18,32] or the importance of software security in academic programs [20,38]. Some researchers discussed the integration of software security with other courses [17,37]. Others investigated the impact of teaching software security on the student's level through a MOOC-based course [33] or the effect of culture on cybersecurity training programs [21].…”

Section: Introductionmentioning

confidence: 99%

What topics should or should not be included in software security education—Qualitative content analysis

Ebad

2022

Comp Applic In Engineering

View full text Add to dashboard Cite

Software security education is still not preparing students for the types of high‐skilled technical roles that represent the most severe workforce shortage. Recognizing this, academia has begun redefining the knowledge area concepts of software security curricula to meet the current workforce shortage. This article studies the software security courses in Arab Gulf academic programs and benchmarks their descriptions with the corresponding knowledge area from cybersecurity Curricula (CSEC). 2017, the first set of global cybersecurity curricular guidelines. Using content analysis, six concepts or essentials are investigated: security requirements, secure design principles, secure source code, analysis and testing, patch, and ethics. It was found that no course follows all the CSEC. 2017 essentials. The analysis and testing essential were considered by all courses, and security after deployment, including the patch essential, needs more attention because it was not included in any course. Similarly, the security requirements and ethics essentials were also considered by a few courses. However, software success depends on requirements, and ethics has become critical in the cybersecurity and information assurance fields that depend on law and forensics. The secure source code essential was covered by most courses. The well‐known types of code attacks were covered, and over half of the courses discussed secure design principles essential. However, security by design is an emerging development philosophy. The article discussed observations and recommendations that will assist program managers and their staff in making effective decisions about the essentials and concepts that should be included when they are developing the software security curriculum.

show abstract

“…They stressed that security must be considered throughout the software development process. Toward secure software assurance, programming concepts must be taught to beginning programmers from a security perspective [4,5]. This could be exercised through defensive secure programming, secure coding, and secure software development practices [5,6].…”

Section: Introductionmentioning

confidence: 99%

Implementation of Security Modules with Model-Eliciting Activities in Computer Science Courses

Yang¹,

Earwood²,

Kim³

et al.

2020 ASEE Virtual Annual Conference Content Access Proceedings

Self Cite

View full text Add to dashboard Cite

Antonio. She earned her Ph.D. in Computer Science and Software Engineering from Auburn University. Her current research interests include secure code analysis and visualization, and software security on various platforms such as stand-alone software systems and cloud-based or mobile applications. Her research also focuses on computing and cybersecurity education including the participation of women. She is an author or co-author of over 30 peer-reviewed journals and conference proceedings in these areas. She is a member of the IEEE Computer Society, ACM, ACM-W, Women in Cyber Security (WiCys), SWE(Society of Women Engineers), and NCWIT(National Center of Women in Technology).

show abstract

Secure Modules for Undergraduate Software Engineering Courses

Cited by 9 publications

References 3 publications

Assessing Cybersecurity Problem-Solving Skills and Creativity of Engineering Students Through Model-Eliciting Activities Using an Analytic Rubric

Assessing Cybersecurity Problem-Solving Skills and Creativity of Engineering Students Through Model-Eliciting Activities Using an Analytic Rubric

What topics should or should not be included in software security education—Qualitative content analysis

Implementation of Security Modules with Model-Eliciting Activities in Computer Science Courses

Contact Info

Product

Resources

About