Secure Coding mailing list archives

Where Does Secure Coding Belong In the Curriculum?

From: Stephan.Neuhaus at disi.unitn.it (Stephan Neuhaus)
Date: Tue, 25 Aug 2009 13:09:42 +0200


On Aug 25, 2009, at 02:35, Benjamin Tomhave wrote:

First, security in the software development concept is at least an
intermediate concept, if not advanced.


Not at all. That would be like saying that correctness is also an  
advanced concept, because it gets in the way of coding. Security is  
about exploiting assumptions (often hidden) that we make when we write  
and deploy software. I see no reason why teaching to think about  
assumptions should be deferred. You teach math students how to do  
proofs right from the beginning for essentially the same reasons :-)

Perhaps this means that the
language itself needs to require strong type checking that enforce
appropriate secure coding behavior?


Unfortunately, security assumptions are rarely written down so I don't  
see how they can be enforced at the language or compiler level.

Best,

Stephan

Current thread:

Where Does Secure Coding Belong In the Curriculum?, (continued)
- - - Where Does Secure Coding Belong In the Curriculum? Gunnar Peterson (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? McGovern, James F (HTSC, IT) (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? Wall, Kevin (Aug 21)
  - Where Does Secure Coding Belong In the Curriculum? Brad Andrews (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? Stephan Neuhaus (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? Brad Andrews (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? Gunnar Peterson (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? Brad Andrews (Aug 21)
    - Where Does Secure Coding Belong In the Curriculum? Mike Lyman (Aug 22)
    - Where Does Secure Coding Belong In the Curriculum? Benjamin Tomhave (Aug 24)
    - Where Does Secure Coding Belong In the Curriculum? Stephan Neuhaus (Aug 25)
    - Where Does Secure Coding Belong In the Curriculum? Benjamin Tomhave (Aug 25)
    - Where Does Secure Coding Belong In the Curriculum? Stephan Neuhaus (Aug 25)
    - Where Does Secure Coding Belong In the Curriculum? Brad Andrews (Aug 25)
    - Where Does Secure Coding Belong In the Curriculum? Wall, Kevin (Aug 26)
    - Where Does Secure Coding Belong In the Curriculum? Goertzel, Karen [USA] (Aug 26)
    - Where Does Secure Coding Belong In the Curriculum? Steven M. Christey (Aug 25)
    - Where Does Secure Coding Belong In the Curriculum? Jim Manico (Aug 25)
    - Where Does Secure Coding Belong In the Curriculum? Goertzel, Karen [USA] (Aug 26)
    - Where Does Secure Coding Belong In the Curriculum? McGovern, James F (HTSC, IT) (Aug 27)
    - Where Does Secure Coding Belong In the Curriculum? McGovern, James F (HTSC, IT) (Aug 26)

(Thread continues...)