Some “Secure Programming” Exercises for an Introductory Programming Class

  • Conference paper

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 406)

Abstract

Ideally, computer security should be an integral part of all programming courses. Beginning programming classes pose a particular challenge, because the students are learning basic concepts of programming. Thus, teaching them about buffer overflows as security problems, requiring an explanation of concepts such as “smashing the stack,” will confuse students more than motivate them to check array bounds. Advanced concepts such as race conditions require more background than the students have, or will have, when taking introductory programming classes. An alternate approach is to teach the underlying concepts of robust programming; preventing crashes or errors is central to such a course. This paper presents some exercises that illustrate this approach, and some thoughts on what constitutes “secure programming”.

Keywords

  • secure programming
  • robust programming
  • introduction to programming

Copyright information

© 2013 IFIP International Federation for Information Processing

About this paper

Cite this paper

Bishop, M. (2013). Some “Secure Programming” Exercises for an Introductory Programming Class. In: Dodge, R.C., Futcher, L. (eds) Information Assurance and Security Education and Training. WISE 2013, WISE 2011, WISE 2009. IFIP Advances in Information and Communication Technology, vol 406. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39377-8_26

  • DOI: https://doi.org/10.1007/978-3-642-39377-8_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39376-1

  • Online ISBN: 978-3-642-39377-8

  • eBook Packages: Computer Science, Computer Science (R0)