An Investigation into Educational Process Models for Teaching Secure Programming

Abstract

Despite the many advantages that software applications provide in our daily lives, there are also numerous threats that target vulnerabilities in these applications. There is therefore a demand for new technologies and approaches to secure software development. Educational institutions are responsible for equipping computing graduates with the requisite secure programming knowledge, skills and abilities. However, despite various curricula guidelines being provided by the ACM and other professional bodies, many educational institutions have not successfully implemented such changes within their curricula. One of the problems is that the available curricula guidelines focus more on what secure programming concepts should be taught, rather than how. This paper therefore investigates how educational process models could be used for teaching secure programming. It further identifies various themes and sub-themes from different educational process models and argues how these can be used to teach secure programming.