Secure Coding ACM CS2013 & NSA CAE - Computer and ...

shoulderslyricalAI and Robotics

Nov 21, 2013 (3 years and 6 months ago)

78 views



ACM/IEEE
-
CS


Computer Science
Curriculum

www.cs2013.org


Approximately
every
decade since “Curriculum ’68”


ACM & IEEE
-
CS

jointly publish curricular guidance
for

computer science




18 Knowledge Areas




New

KA Information Assurance and Security (IAS)


~21 Core Tier
-
1 Learning Outcomes


~25 Core Tier
-
2 Learning Outcomes


~59 elective Learning Outcomes



CS2013 Body of Knowledge



“In CS2013, the Information Assurance and Security
(IAS) KA is added to the Body of Knowledge in
recognition of the world’s reliance on information
technology and its critical role in computer science
education …


Information assurance and security education includes
all efforts to prepare a workforce with the needed
knowledge, skills, and abilities to protect our
information systems…“


IAS Knowledge Area



Knowledge Unit

Foundational Concepts in Security

Principles of Secure Design

Defensive Programming

Threats and Attacks

Network Security

Cryptography

Web Security

Platform Security

Security Policy and Governance

Digital Forensics

Secure Software Engineering

IAS Knowledge Area



Total Core

Hours

IAS KA


9

17 Other

KAs

63.5


Total Security Hours in
BoK

72.5

Security Core
in
BoK




Table
of information assurance and security distributed
throughout
Body
of
Knowledge


www.cs2013.org




Introductory Programming Course



Comprised of several Knowledge Areas



e.g.,
SDF + IAS + PL +
Platform
-
based Development
(web, game)



Focus of “Security Injections” is
core Learning Outcomes
for introductory programming courses


www.towson.edu/securityinjections


KA = Course



NSA/DHS


CAE.* Designations

National Centers
of Academic
Excellence (CAE)

in Information Assurance & Cyber
Defense

www.nsa.gov/ia/academic_outreach/nat_cae/


Towson
University
Security Injections
listed as resource