Feeds

Leeds Uni, MS teach undergrads to write secure code

Course work

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

Microsoft has teamed up with the University of Leeds to develop the UK's first undergraduate computer security module to focus on the skills which developers need write secure code.

The course kicks off in January 2004. Students will get hands-on experience of writing secure code and will learn to appreciate the fundamental role of security in software engineering. In addition to standard security topics, the module will cover threat modelling and basic security analysis of code, teaching students to identify potential weaknesses within their programs that could be exploited by unscrupulous crackers or virus writers.

Microsoft UK Chief Security Officer Stuart Okin said: "We are working with the University of Leeds because until now Computer Science graduates in this country were not obtaining adequate theoretical or practical experience. For instance, the module will educate students about buffer over-runs and how to avoid the pitfalls such as those exposed in the recent Slammer virus outbreak."

Professor Tony Cohn, Head of the School of Computing at the University of Leeds said he hoped the module help students to write better code while helping to give them an edge in the employment market on graduation.

John Harrison, an executive committee member of SAINT (Security Alliance for the Internet and New Technologies), has been working closely with the University of Leeds to promote information security within the curriculum.

"This is a very important step towards introducing security engineering into mainstream computer science and software engineering," said Harrison. "It is a serious omission that we have been training the next generation of software developers without this emphasis on security design principles and I hope other universities will follow this lead."
Microsoft is partly funding a Fellowship at the University. It is also working with the University of Leeds to develop the curriculum's content, which will "highlight the lessons learned from Microsoft's Trustworthy Computing initiative".

The company hopes to team up with other colleges and universities to offer similar courses worldwide.

Microsoft's recently announced a deal with Hull University to develop the UK's first postgraduate course in .NET. ®

Related Stories

Win a computer science bursary at Queen Mary
Cost of securing Windows Server 2003? Nearly $200m
Trustworthy Computing does Moon Walk (but not yet)
Microsoft outlines 3D progress to Trustworthiness
Open and closed security are roughly equivalent

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.