C. Wallace, T. Vosecky, L. Steinbacher, A. Mareck, R.R. Johnson, A. Brady
Producing software that lends itself to meaningful, productive use requires engagement with a wide array of stakeholders, few of whom speak the language of formal software documentation. To make students aware of the communication issues surrounding software development, and to instruct them in strategies for addressing these issues, we have been constructing online multimedia case studies, which draw from the real experiences of undergraduate students in their capstone projects. We report on the structure and content of these case studies, and on our approach to building them.
{"title":"Student-Based Case Studies in Software Communication","authors":"C. Wallace, T. Vosecky, L. Steinbacher, A. Mareck, R.R. Johnson, A. Brady","doi":"10.1109/CSEETW.2006.16","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.16","url":null,"abstract":"Producing software that lends itself to meaningful, productive use requires engagement with a wide array of stakeholders, few of whom speak the language of formal software documentation. To make students aware of the communication issues surrounding software development, and to instruct them in strategies for addressing these issues, we have been constructing online multimedia case studies, which draw from the real experiences of undergraduate students in their capstone projects. We report on the structure and content of these case studies, and on our approach to building them.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"265 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129112509","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Most industry software engineers have little experience designing and building secure systems; features and time-to-market have been their focus. With the rising demand for secure software, there is a corresponding increased need for continuing education classes to improve engineers’ skills. This type of course has different challenges from academic classes; these differences are because continuing education courses have no grades and they run all day for several consecutive days. This paper describes these classes and presents an overview of topics covered in the classes, providing example exercises. Challenges in offering such classes are discussed and solutions are presented.
{"title":"Implementing A Successful Secure Coding Continuing Education Curriculum For Industry: Challenges and Successful Strategies","authors":"K. Ingham","doi":"10.1109/CSEETW.2006.9","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.9","url":null,"abstract":"Most industry software engineers have little experience designing and building secure systems; features and time-to-market have been their focus. With the rising demand for secure software, there is a corresponding increased need for continuing education classes to improve engineers’ skills. This type of course has different challenges from academic classes; these differences are because continuing education courses have no grades and they run all day for several consecutive days. This paper describes these classes and presents an overview of topics covered in the classes, providing example exercises. Challenges in offering such classes are discussed and solutions are presented.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"104 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124178579","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The old saying "practice makes perfect" has been proven to be true in many fields when training new people to master the skills needed for a particular domain. It is even truer for software engineering education. Software engineering, by and large, is the application of engineering to software. Unlike other disciplines in the computer sciences, only by coupling theory and practice can students (who usually lack real-world working experience) understand some of the abstract concepts and principles taught in software engineering courses. This paper summarizes our experience in teaching software engineering courses in two different universities using a practice-oriented approach that guides students through learning the different, and yet abstract, aspects of the software engineering process.
{"title":"On Practice-Oriented Software Engineering Education","authors":"Shihong Huang, Damiano Distante","doi":"10.1109/CSEETW.2006.11","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.11","url":null,"abstract":"The old saying \"practice makes perfect\" has been proven to be true in many fields when training new people to master the skills needed for a particular domain. It is even truer for software engineering education. Software engineering, by and large, is the application of engineering to software. Unlike other disciplines in the computer sciences, only by coupling theory and practice can students (who usually lack real-world working experience) understand some of the abstract concepts and principles taught in software engineering courses. This paper summarizes our experience in teaching software engineering courses in two different universities using a practice-oriented approach that guides students through learning the different, and yet abstract, aspects of the software engineering process.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127410057","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Yamamoto, H. Tomiyama, S. Honda, N. Kaneko, K. Mase, Nobuo Kawaguchi, H. Takada, K. Agusa
Nagoya University has started an extension program on embedded software, called NEXCESS (Nagoya university EXtension Courses for Embedded Software Specialists). NEXCESS is targeted towards embedded software engineers in industry. In industry training on technical skills is very important. Practices are effective for training embedded software development skills. This paper describes the organization and course design of NEXCESS. Also, our analytical method of practices is reported.
{"title":"An analysis of learner’s activities in embedded software programming practices","authors":"M. Yamamoto, H. Tomiyama, S. Honda, N. Kaneko, K. Mase, Nobuo Kawaguchi, H. Takada, K. Agusa","doi":"10.1109/CSEETW.2006.5","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.5","url":null,"abstract":"Nagoya University has started an extension program on embedded software, called NEXCESS (Nagoya university EXtension Courses for Embedded Software Specialists). NEXCESS is targeted towards embedded software engineers in industry. In industry training on technical skills is very important. Practices are effective for training embedded software development skills. This paper describes the organization and course design of NEXCESS. Also, our analytical method of practices is reported.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130355093","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tata Consultancy Services Ltd. (TCS) has been supporting the academic community across the globe, right from its inception three decades back. Over the last three years, a comprehensive Academic Interface Programme (AIP) has been institutionalized with defined processes, performance metrics and deployment structure. This has facilitated a robust, highquality, long- term relationship between TCS and Academia, leading to a win-win situation for both. This position paper shares the details of such a fruitful experience.
{"title":"TCS Academic Interface Program (AIP) A symbol of industry - academia cooperation","authors":"R. Narayanan","doi":"10.1109/CSEETW.2006.17","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.17","url":null,"abstract":"Tata Consultancy Services Ltd. (TCS) has been supporting the academic community across the globe, right from its inception three decades back. Over the last three years, a comprehensive Academic Interface Programme (AIP) has been institutionalized with defined processes, performance metrics and deployment structure. This has facilitated a robust, highquality, long- term relationship between TCS and Academia, leading to a win-win situation for both. This position paper shares the details of such a fruitful experience.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132724306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Revisiting material previously presented and successfully assessed can lead to much frustration among teaching staff and students. Despite this, it is often a requirement due to the time lag between the point at which a student begins a module and the time when they successfully passed a prerequisite module. Also, students who successfully pass a module fit into a number of categories, from those who were successful in all components of the assessment to those who displayed the minimum level of competence required for satisfaction of the learning outcomes. We introduce a novel instructional model which we predict will be instrumental in assisting our undergraduate Software Engineers who have displayed medium levels of competence in passing practical modules. The R-CUBE recognizes the importance of three dimensions to revisiting material - review, reinforce and reward. Our initial implementation of instruction using the model employs novel teaching and learning methods closely tied to our experience with service learning projects. We expect to fully evaluate the effectiveness of the model when the first students pass through a project that employs it at the end of this academic year.
{"title":"The R-CUBE: Reviewing, Reinforcing and Rewarding after SuccessfulModule Completion","authors":"C. O'Leary","doi":"10.1109/CSEETW.2006.20","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.20","url":null,"abstract":"Revisiting material previously presented and successfully assessed can lead to much frustration among teaching staff and students. Despite this, it is often a requirement due to the time lag between the point at which a student begins a module and the time when they successfully passed a prerequisite module. Also, students who successfully pass a module fit into a number of categories, from those who were successful in all components of the assessment to those who displayed the minimum level of competence required for satisfaction of the learning outcomes. We introduce a novel instructional model which we predict will be instrumental in assisting our undergraduate Software Engineers who have displayed medium levels of competence in passing practical modules. The R-CUBE recognizes the importance of three dimensions to revisiting material - review, reinforce and reward. Our initial implementation of instruction using the model employs novel teaching and learning methods closely tied to our experience with service learning projects. We expect to fully evaluate the effectiveness of the model when the first students pass through a project that employs it at the end of this academic year.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123103591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The interactions between Industry and Universities are examined in this open event with the aim of producing inputs to an international project that is concerned with gaining knowledge of industrial Software Engineering (SE) practices together with the development of a framework that will assist in the classification and evaluation of such practices. The key objectives for the workshop are to (i) identify the types and range of interaction between industry and academia, which enable knowledge to be gained of industrial SE practices, (ii) identify those areas in SE where best practices are most likely to be found, (iii) identify the mechanisms which could be used in the analysis of the interactions between industry and academia and which would assist in the classification and evaluation of industrial SE practices, and (iv) produce a prototype framework which would support these evaluation activities.
{"title":"Overview and Introduction to the Workshop on Best Practice in Software Engineering: The Role of Industry in Software Engineering","authors":"J. B. Thompson, H. Edwards","doi":"10.1109/CSEETW.2006.12","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.12","url":null,"abstract":"The interactions between Industry and Universities are examined in this open event with the aim of producing inputs to an international project that is concerned with gaining knowledge of industrial Software Engineering (SE) practices together with the development of a framework that will assist in the classification and evaluation of such practices. The key objectives for the workshop are to (i) identify the types and range of interaction between industry and academia, which enable knowledge to be gained of industrial SE practices, (ii) identify those areas in SE where best practices are most likely to be found, (iii) identify the mechanisms which could be used in the analysis of the interactions between industry and academia and which would assist in the classification and evaluation of industrial SE practices, and (iv) produce a prototype framework which would support these evaluation activities.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128154715","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The subject matter for this one-day workshop is the experience, current situation, and future of education and training in software engineering of (more) secure software. This is a workshop for those from education, government, and industry at all levels doing education or training in secure software engineering and for those who would like to – as well as others interested in the subject of secure software engineering or the required workforce.
{"title":"Welcome from General Chair Workshop on Secure Software Engineering Education and Training","authors":"S. Redwine","doi":"10.1109/CSEETW.2006.23","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.23","url":null,"abstract":"The subject matter for this one-day workshop is the experience, current situation, and future of education and training in software engineering of (more) secure software. This is a workshop for those from education, government, and industry at all levels doing education or training in secure software engineering and for those who would like to – as well as others interested in the subject of secure software engineering or the required workforce.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123787042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Software engineering currently takes an activity-oriented view of development. Our approach to achieving qualities is rooted in process engineering: identifying and performing a set of requirements, design and construction activities, with testing to inspect if the desired product has been obtained, and relying on process optimization over time to help us in defining the right set of activities. In contrast, design in other engineering disciplines is centered on product engineering, systematically engineering in desired qualities through successive stages of development. Process engineering is then applied to this conceptually sound fundamental structure to optimize process performance parameters. This paper asserts that software development can and should be grounded in product engineering, and presents a conceptual model that enables a systematic approach to achieving qualities. Key enablers for this are a clear separation of quality concerns and the use of analysis to validate designs. Analysis techniques for software qualities have been available for many years, yet they are not viewed as basic knowledge in Computer Science and Software Engineering curricula. We argue that to put software engineering education on a firm footing, it is necessary to shift our conceptual basis for software development from process engineering to product engineering.
{"title":"A Product Engineering Approach to Software Development","authors":"K. Nori, N. Swaminathan","doi":"10.1109/CSEETW.2006.2","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.2","url":null,"abstract":"Software engineering currently takes an activity-oriented view of development. Our approach to achieving qualities is rooted in process engineering: identifying and performing a set of requirements, design and construction activities, with testing to inspect if the desired product has been obtained, and relying on process optimization over time to help us in defining the right set of activities. In contrast, design in other engineering disciplines is centered on product engineering, systematically engineering in desired qualities through successive stages of development. Process engineering is then applied to this conceptually sound fundamental structure to optimize process performance parameters. This paper asserts that software development can and should be grounded in product engineering, and presents a conceptual model that enables a systematic approach to achieving qualities. Key enablers for this are a clear separation of quality concerns and the use of analysis to validate designs. Analysis techniques for software qualities have been available for many years, yet they are not viewed as basic knowledge in Computer Science and Software Engineering curricula. We argue that to put software engineering education on a firm footing, it is necessary to shift our conceptual basis for software development from process engineering to product engineering.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127128858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A good percentage of the software deployed in industrial/commercial applications is of poor quality, it is unnecessarily complex, and contains numerous flaws that can be exploited by attackers. Every day the press reports of attacks to web sites or databases around the world, resulting in millions of dollars in direct or indirect losses. This situation does not appear to improve. There are several reasons for this situation, including the pressure to bring products to the market quickly, the complexity of modern software, the lack of knowledge about security of most developers, and others. Until recently the only vendors' response to problems of security was to provide patches to fix the latest vulnerability found. However, patches are clearly not the best solution: it is hard for system administrators to keep up with the latest patches and the patch itself may open new possibilities for attack. There are two basic approaches to improve application security: 1) examine final production code and look for possible problems, e.g., buffer overflow conditions [How03] or 2) plan for security from the beginning. We believe that the solution lies in developing secure software from the beginning, applying security principles along the whole lifecycle. As indicated, a good part of the problem is that developers are not, in general, acquainted with security development methods. We see the use of patterns as a fundamental way, even for developers with little experience, to implicitly apply security principles.
{"title":"A set of courses for teaching secure software development","authors":"E. Fernández, Shihong Huang, M. Larrondo-Petrie","doi":"10.1109/CSEETW.2006.4","DOIUrl":"https://doi.org/10.1109/CSEETW.2006.4","url":null,"abstract":"A good percentage of the software deployed in industrial/commercial applications is of poor quality, it is unnecessarily complex, and contains numerous flaws that can be exploited by attackers. Every day the press reports of attacks to web sites or databases around the world, resulting in millions of dollars in direct or indirect losses. This situation does not appear to improve. There are several reasons for this situation, including the pressure to bring products to the market quickly, the complexity of modern software, the lack of knowledge about security of most developers, and others. Until recently the only vendors' response to problems of security was to provide patches to fix the latest vulnerability found. However, patches are clearly not the best solution: it is hard for system administrators to keep up with the latest patches and the patch itself may open new possibilities for attack. There are two basic approaches to improve application security: 1) examine final production code and look for possible problems, e.g., buffer overflow conditions [How03] or 2) plan for security from the beginning. We believe that the solution lies in developing secure software from the beginning, applying security principles along the whole lifecycle. As indicated, a good part of the problem is that developers are not, in general, acquainted with security development methods. We see the use of patterns as a fundamental way, even for developers with little experience, to implicitly apply security principles.","PeriodicalId":325998,"journal":{"name":"19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133555909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: