NSF Grant Awarded on Teaching Security

The National Science Foundation (NSF) has awarded a grant of $299,901 to University of Washington for support of the project, entitled "Building Instructional Capacity for Instructors Unfamiliar with Security." The grant is under the direction of Barbara Endicott-Popovsky and Sam Chung from the Institute of Technology at UWT.

Recognizing the need for college-level, secure coding curriculum, the University of Washington’s Center for Information and Cybersecurity, an NSA/DHS Center of Academic Excellence in Information Assurance Education and Research, will pilot a program that will train a group of select faculty members each year for two years who are estimated to reach over 1200 students in the Puget Sound area. The project takes a unique, software reengineering-based, thread approach developed by Dr. Chung. Eight curriculum modules will be built around a concept such as input validation and representation, encapsulation, errors, code quality, security features, API abuse, time and state, environment. A software engineering case study will be developed for each module that will produce code the traditional way without regard to security, then re-engineer the code to transform it to include security concepts. The problem of developing secure code is well known to high-tech sector companies. Some have found it necessary to establish ongoing security training for their developers to make up for the absence of college-level, secure coding curriculum. This project will address this gap.

top