Cybersecurity educationCybersecurity cracks the undergraduate curriculum

Published 17 May 2016

In a time when million-dollar security breaches of household name corporations regularly make headlines and complicate lives, computer science undergraduates at America’s universities remain surprisingly underexposed to basic cybersecurity tactics. the Software Assurance Marketplace (SWAMP), a national cybersecurity facility housed at the Morgridge Institute for Research in Madison, Wisconsin, has been working to address this skills gap by offering a suite of software security tools that Bowie State has been integrating into undergraduate coding courses, giving students a way to examine and rid their code of security weaknesses.

In a time when million-dollar security breaches of household name corporations regularly make headlines and complicate lives, computer science undergraduates at America’s universities remain surprisingly underexposed to basic cybersecurity tactics.

The Morgridge Institute says that the Software Assurance Marketplace (SWAMP), a national cybersecurity facility housed at the Morgridge Institute for Research in Madison, Wisconsin, has been working to address this skills gap through a partnership with Bowie State University in Maryland. The SWAMP offers a suite of software security tools that Bowie State has been integrating into undergraduate coding courses, giving students a way to examine and rid their code of security weaknesses.

The partnership offers a national model for integrating cybersecurity into the curriculum.

Funded by the Science and Technology Directorate of the Department of Homeland Security (DHS), the SWAMP is designed to give software code developers a simple, one-stop resource to examine code with a multitude of both open-source and commercial assessment tools. Now in its second year, the SWAMP plans to expand its current suite of nineteen assurance tools covering five common software languages to thirty tools covering eleven languages by the end of 2016.

The academic benefits of this resource have been transformational for students of Dr. Lethia Jackson, a Bowie State professor of computer science who is implementing the assurance testing in four of the school’s sophomore- and junior-level coding courses that attract 50-75 students per semester.

Jackson established a code review process in the classes, where graduate and undergraduate researchers submit student-produced code into the SWAMP continuous assurance pipeline. The team, called the Forensic Technology Information Cyber Squad, works with students to identify where and why code is vulnerable, and determines a path to correction. This process is repeated until the team is reasonably assured the code is free of weaknesses.

“My research students are becoming what I consider to be prolific programmers by using the SWAMP,” Jackson says. “Now they not only write code, but they can read and interpret other people’s code for errors, which will be necessary for any job in this field.”