Strategies for teaching secure coding practices

["Carl G. Alphonce" <alphonce () cse Buffalo EDU>]

The editor of the list has expressed a desire that the discussion move
away from "away from a discussion of the merits and !merits of a
particular operating system", so here's a contribution in a different
vein.

I am a recent subscriber to this list and also an educator.  I teach
primarily undergraduate courses, often the first and second semester
courses, and I am very interested to hear from the list what you all
consider to be important "secure coding" topics to cover in these
first-year classes.  Also, what topics to you feel should be covered
in an undergraduate curriculum but later than the first year?

To give you some context, our first-year sequence currently takes an
OO approach, incorporating design patterns and discussions of the
merits of alternative designs.  We also introduce some team-based work
in the second semester, and I am will begin to incorporate test-first
practices (using JUnit) this coming spring semester.

-- 
Carl Alphonce                             email: [EMAIL PROTECTED]
Dept of Computer Science and Engineering  phone: (716) 645-3180 x115
University at Buffalo                       fax: (716) 645-3464
Buffalo, NY 14260-2000                     http://www.cse.buffalo.edu/~alphonce