Development of a Master of Software Assurance Reference Curriculum

Background

As is typical in a project of this nature, a good bit of time is spent deciding how to tackle the project. The team members all had expertise in software engineering. In addition, some had experience in curriculum design, software assurance, or both. However, many decisions had to be made at the outset to get the project off the ground. One of our challenges was to decide how we would operate as a team with members in geographically dispersed locations. Not all of the team members had worked together before, but we quickly coalesced into an effective unit. For the most part, we held weekly telecoms, and occasional face-to-face work sessions when we needed a concentrated block of time. This worked remarkably well.

At the outset, we needed to define software assurance, examine recent curriculum and body of knowledge efforts to see which ones would apply, identify the audience for our work, and highlight ways in which our work was unique.

One of our first tasks was to examine existing definitions of software assurance, select a candidate definition from the literature, and assess whether it met our needs. Initially we selected the definition of the Committee on National Security Systems, as this definition was in wide use and used by our Department of Homeland Security sponsor:

Software assurance (SwA) is the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that the software functions in the intended manner. (Committee on National Security Systems, 2009)

As we got further into the project, we found that the definition needed to be extended slightly for our purposes:

The extended definition emphasizes the importance of both technologies and processes in software assurance, notes that computing capabilities may be acquired through services as well as new development, acknowledges the need for correct functionality, recognizes that security capabilities must be appropriate to the threat environment, and identifies recovery from intrusions and failures as an important capability for organizational continuity and survival.

After examining the earlier Master of Software Engineering curriculum documents (Ardis & Ford, 1989; Ford, 1991), we concluded that the Graduate Software Engineering 2009 (GSwE2009) Curriculum Guidelines for Graduate Degree Programs in Software Engineering (Pyster, 2009) was the most relevant recent curriculum work to build on. We also drew on work done by Carnegie Mellon University’s Software Engineering Institute in support of the U.S. Department of Homeland Security Build Security In website (DHS, 2010a). We found that both the Software Assurance Curriculum Body of Knowledge (SwACBK) (DHS, 2010b) and the SWEBOK (IEEE-CS, 2004) were relevant as well.

We then considered the audience, and quickly concluded that the primary audience for the MSwA2010 curriculum is faculty who are responsible for designing, developing, and maintaining graduate programs that have a focus on software assurance knowledge and practices. However, we expect that the document will be read by other educators and trainers with an interest in this area, as well as industry and government executives and practitioners.

Finally, we identified what was different about this curriculum compared to traditional software engineering and computer science programs. Areas of special emphasis and unique properties that distinguish this curriculum (shown in italics) from others are the following:

• • software and services

• • development and acquisition

• • security and correct functionality

• • software analytics

• • system operations

• • auditable evidence

• • organizational continuity