Security and performance are critical software non-functional requirements. Therefore, verification activities should be included in the development process to identify related defects, avoiding failures after deployment. However, there is a lack of understanding on factors moderating security verification, which jeopardizes organizations improve their assure releasing fulfilling these To moder...

Software dynamic translation (SDT) is a technology that allows programs to be modified as they are running. Researchers have used SDT with good success to build a variety of useful software tools (e.g., binary translators, operating system simulators, low-overhead profilers, and dynamic optimizers). In this paper, we describe how SDT can be used to address the critical problem of providing soft...

Security should be considered throughout a software development process to develop secure applications. This security engineering effort is restricted due to the complexity and diffusion of todays security knowledge. Approaches, such as misuse cases for threat specification and patterns for security functionality modeling, try to use and integrate security into software development, but their c...

Each year the reported number of security vulnerabilities increases as does the sophistication of attacks to exploit these vulnerabilities. Most security vulnerabilities are the result of insecure coding practices. There is a critical need to increase the security education of computer science students, particularly in software security. We are designing course modules, to be used at the underg...