In 2012 13th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing. Development of a software security learning environment. In 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering Education and Training (ICSE-SEET).
Structuring a Comprehensive Software Security Course around the OWASP Application Security Verification Standard.
Sarah Elder, Nusrat Zahan, Valeri Kozarev, Rui Shu, Tim Menzies, and Laurie Williams.IEEE Computer Society, Washington, DC, USA. Guide to the Software Engineering Body of Knowledge, Version 3.0. Evaluating the Quality of Learning: The SOLO Taxonomy (Structure of the Observed Learning Outcome) (1st ed.). The paper then presents indications on the feasibility and success of the exercise design for teaching misuse cases to engineering students and sparking their interest in IT-Security. We evaluated the exercise design regarding the suitability of the design components, the learning content of misuse cases and the intended learning goals as well as its impact on students' motivation, and their interest in IT-security. We present the integration of the exercise design into a traditional SE course for engineering students and its evaluation to examine its suitability. The exercise is part of an educational design research investigating which learning content and teaching methods are suitable for integrating IT-Security and SecSE topics into traditional SE education of engineering students to convey factual knowledge as well as raise awareness and interest for both topics during software development. To narrow this gap, this paper contributes with the design and evaluation of an exercise on modeling misuse cases alongside use cases, based on the inductive teaching method problem-based learning (PBL). However, only little research exists on integrating these topics into traditional SE courses, especially for engineering students in non-computer science majors. This is not only important for computer science students, but also for engineering students studying topics of computing and SE.
To secure existing and future software systems, introducing concepts of IT-Security and Secure Software Engineering (SecSE) in Software Engineering (SE) courses is essential for academic education of future software engineers. Today's cyberphysical systems are increasingly prone to misuse.
0 kommentar(er)
