Response to 2016/17 survey feedback for SP.
I'm grateful to the students who responded to the survey to help
make improvements for the next year. Besides the comments made in
the survey, there were many useful comments made in person and some
pleasant remarks in nominations for EUSA Teaching Awards.
- The course is taken by a mix of students and tries to address
software security as a broad area, including non technical as well
as technical issues. The practical lab sessions are especially
valuable for developing technical knowledge, they are difficult to
run, so I'm glad they are mainly well appreciated.
- Some students have no Computer Security background and are
advised against taking SP but still do; others took our CS
course immediately before SP. It is difficult to take
account of the wide differences in background.
- In 2016/17, as part of increasing our teaching in cyber
security, the Computer Security course was significantly expanded
(becoming a 20 credits course). It started to cover some of the
same basic material as in Secure Programming (especially, easy
stack overflow examples). Undergraduate students who took the
course in a previous year did not see the overlap but students who
took both courses in the same academic year did.
- In future, will revise the SP course to avoid too much overlap,
and introduce increasingly more advanced topics. This will be a
delicate balance as it will make the learning curve for those
without much security background harder.
- I will try to speak less quickly in the action-packed lectures!
David Aspinall, September 2017