By Topic

Security testing in software engineering courses

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Wang, A.J.A. ; Dept. of Software Eng., Southern Polytech. State Univ., Marietta, GA, USA

Writing secure code is at the heart of computing security. Unfortunately traditional software engineering textbooks failed to provide adequate methods and techniques for students and software engineers to bring security engineering approaches to software development process generating secure software as well as correct software. This paper argues that a security testing phase should be added to software development process with systematic approach to generating and conducting destructive security test sets following a complete coverage principle. Software engineers must have formal training on writing secure code. The security testing tasks include penetrating and destructive tests that are different from functional testing tasks currently covered in software engineering textbooks. Systematic security testing approaches should be seamlessly incorporated into software engineering curricula and software development process. Moreover, component-based development and formal methods could be useful to produce secure code, as well as automatic security checking tools. Some experience of applying security testing principles in our software engineering course teaching is reported.

Published in:

Frontiers in Education, 2004. FIE 2004. 34th Annual

Date of Conference:

20-23 Oct. 2004