Secure Programming (SP)

Response to 2015/16 survey feedback

 

I'm very grateful to students who responded in the course survey. The responses are invaluable to help improve the course, particularly one which is still in its early stages and on a fast-moving topic.

  • A number of replies mentioned how the practical elements of the course were particularly valuable, but also sometimes difficult. We will continue to prioritise the lab sessions and develop relevant and engaging examples, as well as maintaining a ramped difficulty level, so there are still some challenging parts.
  • Despite the interest in exploitation techniques, the course title suggests a focus on programming techniques to prevent insecure code. We plan to develop better coverage of this aspect of the course, although both aspects are important to understanding how to make a system secure. A better course title might be Software Security. I will explain this balance more clearly at the start of the course this year.

It was very nice to see a couple of students rate this as the best course they had studied while at Edinburgh.

David Aspinall, October 2016