Using a Serious Game Approach to Teach Secure Coding in Introductory Programming: Development and Initial Findings

We report the development and initial evaluation of a serious game that, in conjunction with appropriately designed matching laboratory exercises, can be used to teach secure coding and Information Assurance (IA) concepts across a range of introductory computing courses. The IA Game is a role-playing serious game (RPG) in which the student travels through seven computer techno-inspired environments (IA concept rooms); in each environment he/she learns a different IA concept. After playing each level, the student completes a related CS educational module comprised of a theory lesson and a lab assignment. The game is being created with a user-centered iterative approach that includes two forms of evaluation: formative and summative. In this article we describe the design and development of the first four levels of the game, and report the findings of an initial formative evaluation of two game levels with a group of undergraduate students.

[1]  Andrew Blyth,et al.  Secure coding — principles and practices , 2004 .

[2]  Christopher Spencer,et al.  Learning a new area with and without the use of tactile maps: a comparative study , 1985 .

[3]  Robert C. Seacord The CERT C Secure Coding Standard , 2008 .

[4]  Jon Erickson,et al.  Hacking: The Art of Exploitation , 2008 .

[5]  Mark Guzdial,et al.  Computer science is more important than calculus: the challenge of living up to our potential , 2003, SGCS.

[6]  Ximena López,et al.  Beyond Nintendo: design and assessment of educational video games for first and second grade students , 2003, Comput. Educ..

[7]  Hua Wang,et al.  Serious video game effectiveness , 2007, ACE '07.

[8]  Janet L. Kolodner,et al.  Problem-Based Learning Meets Case-Based Reasoning in the Middle-School Science Classroom: Putting Learning by Design(tm) Into Practice , 2003 .

[9]  Richard Blunt,et al.  Do Serious Games Work? Results from Three Studies , 2009, ELERN.

[10]  J. Bransford,et al.  How People Learn: Bridging Research and Practice , 2013 .

[11]  U. Wilensky Abstract Meditations on the Concrete and Concrete Implications for Mathematics Education , 1991 .

[12]  J. Bruer Schools for Thought: A Science of Learning in the Classroom , 1993 .

[13]  Frank L. Greitzer,et al.  Cognitive science implications for enhancing training effectiveness in a serious gaming context , 2007, JERC.

[14]  Marina Papastergiou,et al.  Digital Game-Based Learning in high school Computer Science education: Impact on educational effectiveness and student motivation , 2009, Comput. Educ..

[15]  Brianno Coller,et al.  Video Game-Based Education in Mechanical Engineering: A Look at Student Engagement* , 2009 .

[16]  B. D. Coller,et al.  Effectiveness of using a video game to teach a course in mechanical engineering , 2009, Comput. Educ..

[17]  Robert C. Seacord,et al.  Secure coding in C and C , 2005 .

[18]  Debbie Denise Reese,et al.  First steps and beyond: Serious games as preparation for future learning , 2007 .

[19]  Jon Erickson Hacking: The Art of Exploitation, 2nd Edition , 2008 .

[20]  Michael Zyda,et al.  From visual simulation to virtual reality to games , 2005, Computer.

[21]  Mark Guzdial,et al.  Teaching the Nintendo generation to program , 2002, CACM.

[22]  K. Squire,et al.  HARNESSING THE POWER OF GAMES IN EDUCATION , 2003 .

[23]  Randy F. Pausch,et al.  Teaching objects-first in introductory computer science , 2003, SIGCSE.