Secure Programming (SP)

Response to 2016/17 survey feedback for SP.

I'm grateful to the students who responded to the survey to help make improvements for the next year. Besides the comments made in the survey, there were many useful comments made in person and some pleasant remarks in nominations for EUSA Teaching Awards.

  • The course is taken by a mix of students and tries to address software security as a broad area, including non technical as well as technical issues. The practical lab sessions are especially valuable for developing technical knowledge, they are difficult to run, so I'm glad they are mainly well appreciated.
  • Some students have no Computer Security background and are advised against taking SP but still do; others took our CS course immediately before SP. It is difficult to take account of the wide differences in background.
  • In 2016/17, as part of increasing our teaching in cyber security, the Computer Security course was significantly expanded (becoming a 20 credits course). It started to cover some of the same basic material as in Secure Programming (especially, easy stack overflow examples). Undergraduate students who took the course in a previous year did not see the overlap but students who took both courses in the same academic year did.
  • In future, will revise the SP course to avoid too much overlap, and introduce increasingly more advanced topics. This will be a delicate balance as it will make the learning curve for those without much security background harder.
  • I will try to speak less quickly in the action-packed lectures!

David Aspinall, September 2017