Xiaohong (Dorothy) Yuan North Carolina A&T State University 11/16/2017


Developing Course Modules on Cybersecurity Software and Product Development
Xiaohong (Dorothy) Yuan, North Carolina A&T State University
11/16/2017, Cybersecurity Education Workshop at New Orleans

Developing course modules in 3 areas:
- Cybersecurity Fundamentals
- Secure Software Development
- Cybersecurity Product Development

Course Modules on Cybersecurity Fundamentals
- Module I: Authentication
- Module II: Authorization
- Module III: Intrusion Detection

Course Modules on Secure Software Development
- Module 1: Software Vulnerability
- Module 2: Secure Software Development Lifecycle
- Module 3: Software Risk Management
- Module 4: Security Requirements
- Module 5: Secure Coding
- Module 6: Security Testing

Course Modules on Cybersecurity Product Development
- Module 1: Users and Cognitive Models
- Module 2: Field Studies of Security or Privacy Technology
- Module 3: Usability Evaluation of New or Existing Security or Privacy Features

Security Requirements Module: Learning Outcomes
- Remember and Understand (Match): The different security requirements and the description of them.
- Remember and Understand (Define): What is an abuse case?
- Evaluate and Synthesize (Create): Create abuse cases based on CAPEC attack patterns.
- Apply and Analyze (Analyze): Considering an attack scenario of an application, what are the security requirements the application should have to prevent the attack from succeeding?
- Apply and Analyze (Apply): Considering an attack scenario of an application, what are some mitigation strategies to prevent the attack from succeeding?

Content
- Lecture (Power Point Slides)
- Quizzes (multiple choice questions)
- Project (or hands-on lab)
- Cases for Discussion
- Sample Solution for Case Discussion Questions

Lecture Content
- Security Requirements
- Security Goals
- Different Security Requirements
- Importance of Security Requirements
- Abuse Cases
- Abuse Case Development

Project
- Provide a method for developing abuse cases based on use cases and CAPEC attack patterns
- Provide a requirements specification for a web application
- Students will develop abuse cases for the given application

Cases for Discussion
- Provide description of 6 short cases of attacks on applications
- Students will discuss:
  - What are the security requirements the application should have to prevent the attack from succeeding?
  - What are some mitigation strategies to prevent the attack from succeeding?

Module Details: Interconnections
- Lesson: Security Requirements. Presentations: X. Activity/Lab Title and Number of Exercises: “Attack Scenarios”, 1 exercise. Advanced Challenges: N/A.
- Lesson: Abuse Case. Activity/Lab Title and Number of Exercises: “Abuse Cases Development”.

Module Details: Files and Resources
Instructional Files and Online Resources that are Needed:
Lesson 1: Security Requirements Basics
- SecReq_Lesson1_Basics_Presentation.pptx
- SecReq_Lesson1_Basics_Activity.docx
- SecReq_Lesson1_Basics_ActivityFiles
Lesson 2: Abuse Cases
- SecReq_Lesson2_AbuseCase_Presentation.pptx
- SeS_Lesson2_AbuseCase_Lab.docx
- SecReq_Lesson2_AbuseCase_LabFiles

Module Details: Assessment
[Table: rows 1.1, 1.2, 1.3, 2.1, 2.2 against columns 1 to 12; the cell markings were not preserved.]