Software Assurance Curriculum Project Volume II: Undergraduate Course Outlines

Abstract: Modern society depends on software systems of ever-increasing scope and complexity. Virtually every sphere of human activity is impacted by these systems, from social interaction in our personal lives to business, energy, transportation, education, communication, government, and defense. Because the consequences of failure can be severe, dependable functionality and security are essential. As a result, software assurance is emerging as an important discipline for the development, acquisition, and operation of software systems and services that provide requisite levels of dependability and security. This report is the second volume in the Software Assurance Curriculum Project sponsored by the Department of Homeland Security. The first volume, the Master of Software Assurance Reference Curriculum (CMU/SEI-2010-TR-005), presented a body of knowledge from which to create a Master of Software Assurance degree program, as both a standalone offering and as a track within existing software engineering and computer science master's degree programs. This report focuses on an undergraduate curriculum specialization for software assurance. The seven courses in this specialization are intended to provide students with fundamental skills for either entering the field directly or continuing with graduate-level education.
