Industry, Quality, and Social Issues (IQSI)

Permanent URI for this collection

Browse

Recent Submissions

Now showing 1 - 5 of 8
  • Item
    Using Cybersecurity Body of Knowledge (CyBOK) Case Studies to Enhance Student Learning
    ( 2022-01-04) Kohnke, Anne ; Tenbergen, Bastian ; Mead, Nancy
    One of the central aspects of specialization in modern software engineering is security engineering. With contemporary systems being networked and entrusted with mission-critical functionality, cybersecurity is an essential quality that must be developed into the system from the first moment. This comprises issues such as privacy, authentication, robustness against vulnerabilities, and hardness against external attacks. To do so, software engineering specialists with appreciation for the detailed intricacies of security engineering as well as broad experience are required. The Cybersecurity Body of Knowledge (CyBOK, [1]) has been developed to serve, among other uses, as an instructional reference for educators to prepare the next generation of security engineers in this respect. While the CyBOK describes the intricacies of security engineering in plentiful detail, it remains up to the instructor to convey this curriculum in a way that fosters understanding and forms experience as well as competencies in the learner. To aid the instructors who use the CyBOK, we have devised a library of 18 case studies that are specifically designed to target CyBOK knowledge areas. The case studies are sufficiently detailed to allow adoption with minimal overhead on the instructor. In this paper, we describe the case study mapping to the CyBOK, and classroom results of one exemplary case study, demonstrating improved understanding by students.
  • Item
    Using a CTF Activity to Teach Cloud and Web Security
    ( 2022-01-04) Coffman, Joel ; Romano, Zachary ; Windsor, Jennifer ; Vanderpol, Mathew
    While cloud computing is an attractive option in terms of price, availability, and scalability, cloud consumers must also weigh the security concerns of a cloud environment. In particular, security breaches due to misconfiguration are common, and this prevalence starts with inadequate education and training. Consequently, we incorporated a capture the flag (CTF) activity into an existing course to illuminate the potential pitfalls and consequences of cloud misconfiguration and to encourage participants to protect against such issues in their own applications. In this paper, we report on the effectiveness of the CTF activity to achieve these goals. Our evaluation specifically focuses on participants' interests, self-perceptions, and application of essential security practices (e.g., defensive programming techniques) to defend against common types of attacks. Our results indicate that the CTF activity was perceived favorably by students, but participants performed comparably to their peers on independent assessments, including test questions related to web security and securing a web application developed as part of a course project. We examine these issues and suggest a path forward to address them, particularly by better aligning the CTF activity with the stated course outcomes in conjunction with collecting additional data in future semesters.
  • Item
    Tools and Techniques Adapted for Teaching Software Engineering Topics Remotely during the COVID-19 Pandemic
    ( 2022-01-04) Bhuiyan, Md. Farhad Alam ; Rahman, Musfiqur ; Laila, Fairuza ; Ahmed, Sarker Tanveer ; Hussain, Ishtiaque
    To stop the spread of the COVID-19 virus, educational institutions abruptly switched from in-person to online, remote mode of teaching without giving educators the necessary tools and training. In this paper, we focus on the Software Engineering Education & Training (SEET) courses at the university levels and address questions like: What tools and techniques did they adapt to handle the modality transition challenges? What lessons they learned and what would they do differently the next time? What are the students' perspective on these, etc.? We interviewed 16 SEET educators from different countries around the world; followed by surveys of more than 300 educator and student participants. Our empirical study found some common themes of challenges, as well as suggestions on tools and techniques to overcome them.
  • Item
    ScaffoldSQL: Using Parson’s Problems to Support Database Pedagogy
    ( 2022-01-04) Borchert, Otto ; Walia, Gursimran
    This paper examines ScaffoldSQL, an interactive tool for helping students learn SQL through a system of interactive scaffolded exercises using Parson’s problems. In the system, students are posed with a problem to solve using SQL. They start by attempting to answer the question using free-form text. If they get the problem wrong, they can use a Parson’s problem interface to simplify the problem. After completing the problem, students are given one of two “secret words,” which allows instructors to track student progress without the need to install anything beyond their typical LMS. The system is designed to help instructors of flipped classrooms identify students who are struggling early, while simultaneously providing immediate feedback for students as they are learning. The system also provides tools for content creation and data gathering for research and development purposes.
  • Item
    Empirical study on the difficulties of software modeling through class diagrams
    ( 2022-01-04) Flores, Pamela ; Rodas, Carlos ; Torres, Jenny
    Software design is one of the stages of the software life cycle characterized as an activity of a creative nature, where software components and their relationships are identified, hence it is extremely important for constructing software efficiently. This research aims to explore the problems students at the undergraduate level face in their first attempts at modeling software. In this article we report the results of an empirical case study that analyzes class diagrams expressed in the Unified Modeling Language (UML) by students enrolled in lectures related to computer science at the undergraduate level. Additionally, we conducted a quantitative analysis that makes evident the most frequent problems the students faced while designing software. The results reveal that students show difficulties understanding multiplicity, assigning appropriate behavior to classes, distinguishing attributes from classes, and conceiving the problem from a holistic perspective.