Speaking about online secure programming materials, I'd love to hear any 
feedback, positive or negative, about the course materials I posted 
online years ago at http://projects.cerias.purdue.edu/secprog/, or the 
more recent derived versions at http://www.cs.purdue.edu/homes/cs390s/

Did anyone use them at all?  What could I do to improve them?

Pascal Meunier
Purdue University CERIAS

> I recently completed a lecture on secure software engineering,
> and I guess there a quite a few people on this list who could
> make use of some of the material, whether for their own presentations
> or simply for teaching themselves.
> The lecture was given at Kaiserslautern University of Technology as 
> 12 lessons of 90 minutes (each comprising about 35 slides) in English; 
> note that the accompanying student exercise problems are in German,
> however. 
> The chapters (of varying length, as indicated by their mapping to
> lessons) 
> are as follows:
> 01    IT Security and Software Security
> 02    Fundamental Notions and Definitions
> 03a   Vulnerabilities and Attacks (Part 1)
> 03b   Vulnerabilities and Attacks (Part 2) 
> 04    Security in the Software Development Process
> 05    Security Requirements Elicitation 
> 06    Threat Analysis
> 07a   Security in Architecture and Design (Part 1)
> 07b   Security in Architecture and Design (Part 2)
> 08a   Secure Coding (Part 1) 
> 08b   Secure Coding (Part 2)
> 09    Quality Assurance
> 10, 11, 12 Process Models, Usability, and Conclusions 
> You can find all the material at
> http://www.iese.fraunhofer.de/lectures/peine/materialcourse/
> This was the first iteration of my first self-designed lecture; it is 
> certainly not perfect yet (in fact I already have some improvements
> sketched for the next iteration, such as reorganizing the process
> material), so criticism is welcome. 
> I know of few comparable lectures world-wide, i.e. university lectures
> covering 
> security specifically from a software engineering viewpoint; so far, I'm
> aware of the lectures by Pascal Meunier at Purdue and by Dieter Gollmann
> at Hamburg-Harburg;  if you know of any others, I'd be glad to hear
> about 
> those, too.
> Kind regards from Germany,
> Holger Peine

Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to