|
This project will develop a software assurance education artifact repository, designed for use across numerous computer science programs and institutions. The repository will help students to obtain a firm understanding of the software assurance process and necessary skills to develop highly assured software. The team will also create instructional materials for effective software artifact use.
The project transitions recent software assurance research to education domain including highly effective techniques for finding security defects. Artifacts will represent typical interdependent software assurance activity results in areas such as security requirements analysis, access control policy analysis, threat modeling and verification, and security testing and assessment. Specifically, the proposed repository will include seven types of software artifacts for several carefully selected and widely used open source security-critical software applications: security requirement specifications, security policies, threat models, security test models, security test cases, vulnerability models, and security mutants.
The proposed efforts will help with a critical shortage of software assurance workforce and will also raise software security awareness among a broad audience by introducing the topic to high school computer teachers. This will be done in collaboration with an NSF CS10K project preparing 30-40 high school teachers to teach Computer Science Principles courses at regional high schools. The project will collaborate with Florida A&M, Monmouth University and Gannon University. The project will develop a web application enabling public access to artifacts and instructional materials.
|
EDU: Developing a Software Artifact Repository for Software Assurance Education