Development and Transition of the SEI Software Assurance Curriculum

https://www.sei.cmu.edu/about/divisions/software-solutions-division/
https://www.sei.cmu.edu/about/divisions/software-solutions-division/

Posted: July 13, 2017 | By: Dr. Carol C. Woody, Nancy R. Mead

SwA Community College Curriculum Recommendations

In Volume IV [Mead 2011b], after studying related degree programs, we introduced a suite of six courses that could form part of a two-year degree program in software assurance. The first three courses modified existing courses from the ACM Committee for Computing Education in Community Colleges (CCECC) to add a security emphasis. The other three courses are more specialized. In the report, we included prerequisites, syllabi, sources, and Bloom’s taxonomy levels for each course.

The following is a list of the course names:

  • Computer Science I (modified from standard curricula)
  • Computer Science II (modified from standard curricula)
  • Computer Science III (modified from standard curricula)
  • Introduction to Computer Security (new course)
  • Secure Coding (new course)
  • Introduction to Assured Software Engineering (new course)

Subsequently, the project produced the Software Assurance (SwA) Competency Model [Hilburn 2013]. Two of the objectives of this model are listed below:

  • Enhance SwA curricula guidance by providing information about industry needs and expectations for competent SwA professionals.
  • Provide direction and a progression for the development and career planning of SwA professionals.

From the viewpoint of the curriculum project, the four curriculum documents and the competency model set the stage for transitioning the work to educational institutions that wished to offer software assurance concentrations or full-degree programs. Next, we discuss the ways we tried to meet these two objectives in a unique community college program.

The Illinois Central College Program

In September 2013, industry, government, and academic stakeholders met in Peoria, Illinois and proposed an initiative to create software developer jobs and make the Peoria area a national center of excellence for producing software that is secure from cyber attacks. The German apprenticeship model was proposed to create a skilled workforce that is trained, apprenticed, mentored, and certified in secure software production. (There is a growing awareness that the U.S. could reap substantial benefits from this model.)

Apprenticeships allow businesses to meet the growing demand for skilled workers and lead workers to higher wages and better employment outcomes. Furthermore, apprenticeships are a smart public investment. A recent study in Washington State found that for every $1 in state investment in apprenticeships, taxpayers received $23 in net benefits—a return that far exceeds that of any other workforce-training program in the state [State of Washington 2013, Olinsky 2013].

The initiative partnered with the school districts to encourage graduating high school seniors to pursue software development careers in the Peoria area. Ultimately the Central Illinois Center of Excellence for Secure Software (CICESS) was formed to collaborate on the community college/industry apprenticeship program.

Want to find out more about this topic?

Request a FREE Technical Inquiry!