This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Learning by Failing (and Fixing)
July/August 2008 (vol. 6 no. 4)
pp. 54-56
Lillian R?stad, Norwegian University of Science and Technology
Gunnar Ren? ?ie, Norwegian University of Science and Technology
Unfortunately, students can graduate with a software engineering degree without learning anything about building secure systems. However, for the past two years at the Norwegian University of Science and Technology, a software security course has been giving students the theoretical foundation and practical experience necessary to start comprehending software security issues.

1. Symantec Internet Security Threat Report, vol. XII, Semantec, Sept. 2007, www.symantec.com/businesstheme.jsp?themeid=threatreport .
2. G. McGraw, Software Security—Building Security In, Addison-Wesley, 2006.
3. M. Andrews and J.A. Whittaker, How to Break Web Software, Addison-Wesley, 2006.
4. J.C.H. Ryan, "Plagiarism, Education, and Information Security," IEEE Security &Privacy, vol. 5, no. 5, 2007, pp. 62–65.
5. M. Bishop, "About Penetration Testing," IEEE Security &Privacy, vol. 5, no. 6, 2007, pp. 84–87.

Index Terms:
software security, education, Norwegian University of Science and Technology
Citation:
Lillian R?stad, Inger Anne T?ndel, Per H?kon Meland, Gunnar Ren? ?ie, "Learning by Failing (and Fixing)," IEEE Security & Privacy, vol. 6, no. 4, pp. 54-56, July-Aug. 2008, doi:10.1109/MSP.2008.89
Usage of this product signifies your acceptance of the Terms of Use.