In the remainder of this article, we discuss our sources, the curriculum development process, our SwA education products, transition/adoption strategies, and adoption.
SwA Curriculum Development Process
We followed this eight-step process to develop the curriculum recommendations:
- Develop Project Guidelines: We adapted a set of guidelines similar to the GSwE2009 project to fit our needs. These adapted guidelines helped to direct our work, especially when we were developing Outcomes and the Body of Knowledge (see Step 6)
- Identify and Review Sources: We reviewed about 30 respected sources of security practices, including well-known textbooks and courses. These sources were particularly helpful in expanding details of the defined topics (see Step 3) and outcomes (see Step 6).
- Define Topics: We expanded on the main topics from [Allen 2008] to identify important topics and practices throughout the software development lifecycle (SDLC). These topics served as a first step toward organizing all the material needed in the curriculum.
- Define SDLC Practices and Categories: We expanded each topic (from the previous step) to the level of specific security practices used in industry, government, and academia. The sources identified in Step 2 were used to ensure that we included as many different practices as possible. Then we grouped related practices into higher level categories.
- Solicit External Feedback: At this point, we asked practitioners, managers, and educators for feedback on our content so far. We were particularly interested in knowing whether graduates who acquired the knowledge and skills we had described would be valuable in their assigned positions. Results from a three-page questionnaire were used to revise our practices and categories.
- Develop Outcomes, Body of Knowledge, Curriculum Architecture, Course Descriptions, and Implementation Guidance: We developed expected outcomes for graduates of a software assurance program starting with the categories we identified in Step 4. We also elaborated the categories and practices into a body of knowledge to be mastered by students. We developed a curriculum architecture and a set of example course outlines to be used in creating an academic program, and we produced some implementation guidance for faculty who might take on such a task.
- Compare Knowledge Units from the Body of Knowledge to SDLC Practices: We checked to see that all the practices identified in Step 4 were adequately covered by the knowledge units of our body of knowledge. This analysis led to some minor revisions in both the body of knowledge and the outcomes.
- Conduct External Reviews and Make Revisions: Finally, we solicited feedback from external reviewers in academia, industry, and government and made appropriate revisions.
Figure 1 shows the relationship of project artifacts to our process.
Figure 1. Relationship of Project Artifacts to Our Curriculum Development Process
As an example, an important artifact of the process was the body of knowledge, which included seven outcome areas. Brief descriptions of the outcomes follow:
|Volume I: Master of Software Assurance Reference Curriculum||Provides material for establishing or revising a Master of Software Assurance (MSwA) program: curriculum development guidelines, graduate student outcomes, recommended student preparation, an SwA body of knowledge, a high-level MSwA curriculum architecture, and implementation guidelines|
|Volume II: Undergraduate Course Outlines||Provides the syllabi for seven undergraduate SwA courses: Computer Science I and II, Introduction to Computer Security, Software Security Engineering, Software Quality Assurance, Software Assurance Analytics, and Software Assurance Capstone Project (Each syllabus contains a course description, prerequisite knowledge, a list of learning objectives/topics, sources for the course, course delivery features, and course assessment features.)|
|Volume III: Master of Software Assurance Course Syllabi||Provides the syllabi for nine graduate SwA courses: Assurance Management, System Operational Assurance, Assured Software Analytics, Assured Software Development 1, Assured Software Development 2, Assured Software Development 3, Assurance Assessment, System Security Assurance, and Software Assurance Capstone Experience (The syllabi are organized similar to those in Volume II but also include a schedule of weekly in-class activities, suggested readings, and out-of-class assignments.)|
|Volume IV: Community College Education||Provides the syllabi for six SwA courses appropriate for community college students: Computer Science I, II, and III; Introduction to Computer Security; Secure Coding; and Introduction to Assured Software Engineering|
Outcome 1. Assurance Across Lifecycles: Graduates will be able to incorporate assurance technologies and methods into lifecycle processes and development models for new or evolutionary system development, and for system or service acquisition.
Outcome 2. Risk Management: Graduates will be able to perform risk analysis, tradeoff assessment, and prioritization of security measures.
Outcome 3. Assurance Assessment: Graduates will be able to analyze and validate the effectiveness of assurance operations and create auditable evidence of security measures.
Outcome 4. Assurance Management: Graduates will be able to make a business case for software assurance, lead assurance efforts, understand standards, comply with regulations, plan for business continuity, and keep current in security technologies.
Outcome 5. System Security Assurance: Graduates will be able to incorporate effective security technologies and methods into new and existing systems.
Outcome 6. System Functionality Assurance: Graduates will be able to verify new and existing software system functionality for conformance to requirements and the absence of malicious content.
Outcome 7. System Operational Assurance: Graduates will be able to monitor and assess system operational security and respond to new threats.
Ultimately, the Software Assurance Curriculum Project developed the set of four volumes described in Table 1 [Mead 2010a, Mead 2010b, Mead 2011a, Mead 2011b].