A practical application of software security in an undergraduate software engineering course

Computer software is developed according to software engineering methodologies. However, as more of the economy and our social lives move online, software security has become a topic of increasing importance. Traditionally, courses in software security are offered at the graduate level or in a stand-alone course at the undergraduate level, with many undergraduate students being required to apply security principles to their software development processes as soon as they complete their degrees. Therefore, this paper posits that software security can be effectively introduced to undergraduate students in a traditionally taught software engineering course. The paper presents a modified software engineering course which introduces the secure development life cycle. Several traditional software development methodologies are presented which provide a foundation for introducing secure software principles. Additionally, the paper introduces collaborative learning and service-learning which are used in the practical application of software security concepts. Lastly, challenges and future work are presented.