Designing an Undergraduate Software Security Course

Software systems continue to become more complex. However, with this increased complexity, also comes an increased chance of malicious attacks resulting in system failures. Since 1988 statistics indicate that corresponding to the phenomenal growth of the Internet, the number of security incidents reported to the Computer Emergency Response Team has increased by 498%, and the number of Internet sites affected by security lapses worldwide has increased by 702%. Consequently, as computer science educators, we have been charged with the task of providing our students with the requisite skills and knowledge needed to design and develop secure software. However, a survey of software security courses found that the target audiences for many of the courses are either graduate students or software security professionals. The aim of this paper is to describe the development of an undergraduate software security course. The paper presents the motivation behind the course and describes challenges faced.