Another lurker revealing himself ... my name is Matt Bishop, and I
lurk at the University of California at Davis where I teach and do
research in lots of areas of computer security, including (surprise!)
what is traditionally called "secure programming" and "secure software
development". For what it's worth, I don't like the use of the term
"secure" because it's too vague -- I'd prefer "robust" or something
related to assurance, but I can't come up with a short term. Oh, well.
I've been working with "secure coding" for many years. I'm
particularly interested in the interaction between coding and policy,
and also in how to teach this stuff. I've done some training (long
ago, with SANS), but now I focus on college/university education (for
the most part).
I get lots of good examples and ideas from this list, and sometimes
the postings challenge me to think about different perspectives. In
particular, the discussions of how people use these techniques, and
the ones people find the most pernicious and troubling, help me give
realistic examples when I teach students how to write good code. So
Ken, thank you for starting and maintaining this list -- I think
you've done the community a great service.
A thought about Rob Floodeen's comment:
2. How to incorporate the concept of secure coding and new
techniques/tools to do so. This should be a minor objective through
our academic curriculum as well. Just like advanced math skills, we
should have advanced secure coding skills for Software Engineers.
My own feeling is that this should be a basic skill for people who
program, not just software engineers. But the level at which
practitioners (for want of a better term) need to know this varies
depending on what they do. An occasional programmer (a physicist, for
example) probably doesn't need to know about race conditions and,
indeed, about security in general -- but she would need to know how to
write a program that checks its input (lest the results be invalid --
GIGO), which is "security" from her point of view. A software engineer
darn well better know about race conditions, though!
So I agree with what Rob posted, and I did have one thought. Is
writing good English a "minor" objective of an English major?
Probably, in the sense English curricula focus on interpretation of
literature, literary criticism, and other aspects of literature. But
it's an essential one. So perhaps "incidental and important" describes
how I feel better than "minor".
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.