Teaching secure software engineering: Writing secure code

Writing secure code is critical because a large fraction of security incidents result from flaws in the code. In order to effectively teaching knowledge of secure software engineering we have developed a course module titled “Introduction to Writing Secure Code”. This paper presents the content of this module and reports our teaching experiences. This module has been successfully taught in GEEN 163 Introduction to Java Programming class and GEEN 165 Computer Programming Design class in Spring 2011 in the Department of Computer Science at xxx University. Our experience exhibits that teaching this module in freshman and sophomore levels help students not only understand the impacts of insecure code, but also gain significant knowledge of safe programming practice. Students´ survey and feedback reflected that this module is very valuable in their educational experience. This module could be taught in first year freshman and second year sophomore classes of software engineering, computer science and information technology.