{"title":"程序设计课程中安全概念教学的系统映射研究","authors":"Alina Torbunova, Adnan Ashraf, Ivan Porres","doi":"arxiv-2407.07511","DOIUrl":null,"url":null,"abstract":"Context: To effectively defend against ever-evolving cybersecurity threats,\nsoftware systems should be made as secure as possible. To achieve this,\nsoftware developers should understand potential vulnerabilities and apply\nsecure coding practices. To prepare these skilled professionals, it is\nimportant that cybersecurity concepts are included in programming courses\ntaught at universities. Objective: To present a comprehensive and unbiased\nliterature review on teaching of cybersecurity concepts in programming courses\ntaught at universities. Method: We perform a Systematic Mapping Study. We\npresent six research questions, define our selection criteria, and develop a\nclassification scheme. Results and Conclusions: We select 24 publications. Our\nresults show a wide range of research contributions. We also outline guidelines\nand identify opportunities for future studies. The guidelines include coverage\nof security knowledge categories and evaluation of contributions. We suggest\nthat future studies should cover security issues, negative impacts, and\ncountermeasures, as well as apply evaluation techniques that examine students'\nknowledge. The opportunities for future studies are related to advanced\ncourses, security knowledge frameworks, and programming environments.\nFurthermore, there is a need of a holistic security framework that covers the\nsecurity concepts identified in this study and is suitable for education.","PeriodicalId":501197,"journal":{"name":"arXiv - CS - Programming Languages","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Systematic Mapping Study on Teaching of Security Concepts in Programming Courses\",\"authors\":\"Alina Torbunova, Adnan Ashraf, Ivan Porres\",\"doi\":\"arxiv-2407.07511\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Context: To effectively defend against ever-evolving cybersecurity threats,\\nsoftware systems should be made as secure as possible. To achieve this,\\nsoftware developers should understand potential vulnerabilities and apply\\nsecure coding practices. To prepare these skilled professionals, it is\\nimportant that cybersecurity concepts are included in programming courses\\ntaught at universities. Objective: To present a comprehensive and unbiased\\nliterature review on teaching of cybersecurity concepts in programming courses\\ntaught at universities. Method: We perform a Systematic Mapping Study. We\\npresent six research questions, define our selection criteria, and develop a\\nclassification scheme. Results and Conclusions: We select 24 publications. Our\\nresults show a wide range of research contributions. We also outline guidelines\\nand identify opportunities for future studies. The guidelines include coverage\\nof security knowledge categories and evaluation of contributions. We suggest\\nthat future studies should cover security issues, negative impacts, and\\ncountermeasures, as well as apply evaluation techniques that examine students'\\nknowledge. The opportunities for future studies are related to advanced\\ncourses, security knowledge frameworks, and programming environments.\\nFurthermore, there is a need of a holistic security framework that covers the\\nsecurity concepts identified in this study and is suitable for education.\",\"PeriodicalId\":501197,\"journal\":{\"name\":\"arXiv - CS - Programming Languages\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Programming Languages\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2407.07511\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Programming Languages","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2407.07511","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Systematic Mapping Study on Teaching of Security Concepts in Programming Courses
Context: To effectively defend against ever-evolving cybersecurity threats,
software systems should be made as secure as possible. To achieve this,
software developers should understand potential vulnerabilities and apply
secure coding practices. To prepare these skilled professionals, it is
important that cybersecurity concepts are included in programming courses
taught at universities. Objective: To present a comprehensive and unbiased
literature review on teaching of cybersecurity concepts in programming courses
taught at universities. Method: We perform a Systematic Mapping Study. We
present six research questions, define our selection criteria, and develop a
classification scheme. Results and Conclusions: We select 24 publications. Our
results show a wide range of research contributions. We also outline guidelines
and identify opportunities for future studies. The guidelines include coverage
of security knowledge categories and evaluation of contributions. We suggest
that future studies should cover security issues, negative impacts, and
countermeasures, as well as apply evaluation techniques that examine students'
knowledge. The opportunities for future studies are related to advanced
courses, security knowledge frameworks, and programming environments.
Furthermore, there is a need of a holistic security framework that covers the
security concepts identified in this study and is suitable for education.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
