Fwd: re-writing college books - erm.. ahm...

[james.walden at gmail.com (James Walden)]

On 11/7/06, Gadi Evron <ge at linuxbox.org> wrote:

> Well, I never recieved any replies here on what's already being done.. so
> now, I am asking for ideas on how we can approach schools. What's needed,
> in order for basic CS classes to have a security orientation?



Most CS professors have little awareness about security in general or secure
programming techniques in specific, so I think awareness is the place we
need to start.  I've been giving workshops in secure programming and
software security targeted at CS educators since 2005 and will be giving
workshops in both areas in March at the largest annual gathering of CS
educators, the ACM SIGCSE Conference (
http://www.cs.potsdam.edu/sigcse07/index.html).

Software security awareness is growing these days.  I've seen software
security and/or secure programming classes appear at a couple dozen security
focused CS departments in the last couple of years, including my own.  I
teach relevant software security topics in my classes, and I know professors
at a few universities who are working on a variety of approaches to
introducing secure programming into CS1 and CS2.

I'm currently surveying a variety of introductory CS textbooks in C, C++,
and Java to look for security errors in their examples.  If you know of any
such errors, I'd appreciate getting an e-mail from you with the information
about the error.  I plan to use the data as part of a paper on teaching
secure programming in early CS classes and will acknowledge any
contributions in the paper.

James Walden
Assistant Professor, NKU
http://www.nku.edu/~waldenj1/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://krvw.com/pipermail/sc-l/attachments/20061107/dd3b7583/attachment.html