CS2013-final-report

Recommendations

Info

IAS/Principles of Secure Design [1 Core-Tier1 hour, 1 Core-Tier2 hour] Topics: . [Core-Tier1] • Least privilege and isolation (cross-reference OS/Security and Protection/Policy/mechanism separation and SF/Virtualization and Isolation/Rationale for protection and predictable performance and PL/Language Translation and Execution/Memory management) • Fail-safe defaults (cross-reference SE/Software Construction/ Coding practices: techniques, idioms/patterns, mechanisms for building quality programs and SDF/Development Methods/Programming correctness) • Open design (cross-reference SE/Software Evolution/ Software development in the context of large, preexisting code bases) • End-to-end security (cross-reference SF/Reliability through Redundancy/ How errors increase the longer the distance between the communicating entities; the end-to-end principle) • Defense in depth (e.g., defensive programming, layered defense) • Security by design (cross-reference SE/Software Design/System design principles) • Tensions between security and other design goals [Core-Tier2] • Complete mediation • Use of vetted security components • Economy of mechanism (reducing trusted computing base, minimize attack surface) (cross-reference SE/Software Design/System design principles and SE/Software Construction/Development context: “green field” vs. existing code base) • Usable security (cross-reference HCI/Foundations/Cognitive models that inform interaction design) • Security composability • Prevention, detection, and deterrence (cross-reference SF/Reliability through Redundancy/Distinction between bugs and faults and NC/Reliable Data Delivery/Error control and NC/Reliable Data Delivery/Flow control) Learning outcomes: [Core-Tier1] 1. Describe the principle of least privilege and isolation as applied to system design. [Familiarity] 2. Summarize the principle of fail-safe and deny-by-default. [Familiarity] 3. Discuss the implications of relying on open design or the secrecy of design for security. [Familiarity] 4. Explain the goals of end-to-end data security. [Familiarity] 5. Discuss the benefits of having multiple layers of defenses. [Familiarity] 6. For each stage in the lifecycle of a product, describe what security considerations should be evaluated. [Familiarity] 7. Describe the cost and tradeoffs associated with designing security into a product. [Familiarity] [Core-Tier2] 8. Describe the concept of mediation and the principle of complete mediation. [Familiarity] 9. Describe standard components for security operations, and explain the benefits of their use instead of reinventing fundamentals operations. [Familiarity] 10. Explain the concept of trusted computing including trusted computing base and attack surface and the principle of minimizing trusted computing base. [Familiarity] - 103 -
11. Discuss the importance of usability in security mechanism design. [Familiarity] 12. Describe security issues that arise at boundaries between multiple components. [Familiarity] 13. Identify the different roles of prevention mechanisms and detection/deterrence mechanisms. [Familiarity] IAS/Defensive Programming [1 Core-Tier1 hour, 1 Core-Tier2 hour] Topics in defensive programming are generally not thought about in isolation, but applied to other topics particularly in SDF, SE and PD Knowledge Areas. Topics: [Core-Tier1] • Input validation and data sanitization (cross-reference SDF/Development Methods/Program Correctness) • Choice of programming language and type-safe languages • Examples of input validation and data sanitization errors (cross-reference SDF/Development Methods/Program Correctness and SE/Software Construction/Coding Practices) o Buffer overflows o Integer errors o SQL injection o XSS vulnerability • Race conditions (cross-reference SF/Parallelism/Parallel programming and PD/Parallel Architecture/Shared vs. distributed memory and PD/Communication and Coordination/Shared Memory and PD/Parallelism Fundamentals/Programming errors not found in sequential programming) • Correct handling of exceptions and unexpected behaviors (cross-reference SDF/Development Methods/program correctness) [Core-Tier2] • Correct usage of third-party components (cross-reference SDF/Development Methods/program correctness and Operating System Principles/Concepts of application program interfaces (APIs) • Effectively deploying security updates (cross-reference OS/Security and Protection/Security methods and devices) [Electives] • Information flow control • Correctly generating randomness for security purposes • Mechanisms for detecting and mitigating input and data sanitization errors • Fuzzing • Static analysis and dynamic analysis • Program verification • Operating system support (e.g., address space randomization, canaries) • Hardware support (e.g., DEP, TPM) - 104 -
Page 1 and 2:
Computer Science Curricula 2013 Cur
Page 3 and 4:
Computer Science Curricula 2013 Cop
Page 5 and 6:
CS2013 Steering Committee ACM Deleg
Page 7 and 8:
Chapter 5: Introductory Courses ...
Page 9 and 10:
CC152: Computer Architecture and En
Page 11 and 12:
Programming Languages and Technique
Page 13 and 14:
Chapter 1: Introduction ACM and IEE
Page 15 and 16:
KA subcommittee Chairs (as members
Page 17 and 18:
Knowledge Areas The CS2013 Body of
Page 19 and 20:
of the implications of social respo
Page 21 and 22:
Manaris (College of Charleston), Sa
Page 23 and 24:
Chapter 2: Principles Early in its
Page 25 and 26:
novel, interesting, and effective w
Page 27 and 28:
Appreciation of the interplay betwe
Page 29 and 30:
to be able to communicate with, and
Page 31 and 32:
● The learning outcomes and hour
Page 33 and 34:
● Many strong computer-science cu
Page 35 and 36:
include appropriate elective materi
Page 37 and 38:
We use three levels of mastery, def
Page 39 and 40:
Parallel and Distributed Computing
Page 41 and 42:
select topics from Tier-2 (to inclu
Page 43 and 44:
common“CS0” courses: precursor
Page 45 and 46:
Tradeoffs: A programming-focused in
Page 47 and 48:
Parallel Processing Traditionally,
Page 49 and 50:
Chapter 6: Institutional Challenges
Page 51 and 52:
Computer Science Across Campus An a
Page 53 and 54:
programs do not have an explicit li
Page 55 and 56: accessible, building interdisciplin
Page 57 and 58: provide for assessing the effective
Page 59 and 60: AL. Algorithms and Complexity (19 C
Page 61 and 62: [Core-Tier2] 7. Describe various he
Page 63 and 64: Learning Outcomes: 1. Define the cl
Page 65 and 66: Architecture and Organization (AR)
Page 67 and 68: 7. Evaluate the functional and timi
Page 69 and 70: AR/Interfacing and Communication [1
Page 71 and 72: Computational Science (CN) Computat
Page 73 and 74: CN/Introduction to Modeling and Sim
Page 75 and 76: CN/Processing [Elective] The proces
Page 77 and 78: CN/Data, Information, and Knowledge
Page 79 and 80: Discrete Structures (DS) Discrete s
Page 81 and 82: DS/Basic Logic [9 Core-Tier1 hours]
Page 83 and 84: DS/Graphs and Trees [3 Core-Tier1 h
Page 85 and 86: Graphics and Visualization (GV) Com
Page 87 and 88: GV/Fundamental Concepts [2 Core-Tie
Page 89 and 90: GV/Geometric Modeling [Elective] To
Page 91 and 92: GV/Visualization [Elective] Visuali
Page 93 and 94: HCI/Foundations [4 Core-Tier1 hours
Page 95 and 96: HCI/User-Centered Design and Testin
Page 97 and 98: Learning Outcomes: 1. Explain basic
Page 99 and 100: o Game engines o Mobile augmented r
Page 101 and 102: IAS. Information Assurance and Secu
Page 103 and 104: OS/Concurrency 1.5 OS/Scheduling an
Page 105: SP/Social Context 0.5 SP/Analytical
Page 109 and 110: Learning outcomes: [Core-Tier2] 1.
Page 113 and 114: Learning outcomes: 1. Describe the
Page 115 and 116: Information Management (IM) Informa
Page 117 and 118: • Design of core DBMS functions (
Page 119 and 120: 3. Demonstrate use of the relationa
Page 121 and 122: IM/Physical Database Design [Electi
Page 123 and 124: • Presentation, rendering, synchr
Page 125 and 126: IS/Fundamental Issues [1 Core-Tier2
Page 127 and 128: 4. Describe over-fitting in the con
Page 129 and 130: IS/Agents [Elective] Cross-referenc
Page 131 and 132: Learning Outcomes: 1. Explain the d
Page 133 and 134: Networking and Communication (NC) T
Page 135 and 136: NC/Networked Applications [1.5 Core
Page 137 and 138: NC/Social Networking [Elective] Top
Page 139 and 140: OS/Overview of Operating Systems [2
Page 141 and 142: OS/Memory Management [3 Core-Tier2
Page 143 and 144: OS/File Systems [Elective] Topics:
Page 145 and 146: Platform-Based Development (PBD) Pl
Page 147 and 148: Learning Outcomes: 1. Design and im
Page 149 and 150: Because the terminology of parallel
Page 151 and 152: PD/Parallelism Fundamentals [2 Core
Page 155 and 156: • Topologies o Interconnects o Cl
Page 157 and 158:
o Software as a service o Security
Page 159 and 160:
PL. Programming Languages (8 Core-T
Page 161 and 162:
PL/Functional Programming [3 Core-T
Page 163 and 164:
o o o Enforce invariants during cod
Page 165 and 166:
PL/Compiler Semantic Analysis [Elec
Page 167 and 168:
• Metaprogramming: Macros, Genera
Page 169 and 170:
PL/Language Pragmatics [Elective] T
Page 171 and 172:
emphasize formal analysis (e.g., Bi
Page 173 and 174:
Learning Outcomes: 1. Analyze and e
Page 175 and 176:
Software Engineering (SE) In every
Page 177 and 178:
such system are assigned to the cor
Page 179 and 180:
Learning Outcomes: [Core-Tier1] 1.
Page 181 and 182:
SE/Tools and Environments [2 Core-T
Page 183 and 184:
SE/Software Design [3 Core-Tier1 ho
Page 185 and 186:
[Elective] • Potential security p
Page 187 and 188:
o o o o Code segments Libraries and
Page 189 and 190:
Systems Fundamentals (SF) The under
Page 191 and 192:
2. Describe how hardware, VM, OS, a
Page 193 and 194:
2. Describe the scheduling algorith
Page 195 and 196:
Social Issues and Professional Prac
Page 197 and 198:
understanding of our commitment to
Page 199 and 200:
Learning Outcomes: 1. Evaluate stak
Page 201 and 202:
Learning Outcomes: [Core-Tier1] 1.
Page 203 and 204:
[Elective] 8. Discuss ways to influ
Page 205 and 206:
• Differences in access to comput
Page 207 and 208:
Appendix B: Migrating to CS2013 A g
Page 209 and 210:
and are treated as a topic geared t
Page 211 and 212:
GV The storage of analog signals in
Page 213 and 214:
SDF This new knowledge area pulls t
Page 215 and 216:
Table B-3: Core Learning Topics and
Page 217 and 218:
Table B-4: New and Expanded Core Le
Page 219 and 220:
IAS Core-Tier1: • Analyze the tra
Page 221 and 222:
IS NC Core-Tier2: • Translate a n
Page 223 and 224:
• Describe at least one design te
Page 225 and 226:
• Explain why the creation of cor
Page 227 and 228:
• Use refactoring in the process
Page 229 and 230:
• Apply simple algorithms for exp
Page 231 and 232:
Appendix C: Course Exemplars While
Page 233 and 234:
IS U. San Francisco Artificial Inte
Page 235 and 236:
ACM/IEEE-CS CS2013 Course-Exemplar
Page 237 and 238:
CSCI 140: Algorithms, Pomona Colleg
Page 239 and 240:
AL PD advanced data structures algo
Page 241 and 242:
What is the format of the course Th
Page 243 and 244:
CS 256 Algorithm Design and Analysi
Page 245 and 246:
and other applications including Ba
Page 247 and 248:
• Data races and higher-level rac
Page 249 and 250:
CS/ECE 552: Introduction to Compute
Page 251 and 252:
Body of Knowledge coverage KA Knowl
Page 253 and 254:
AR Assembly Level Machine Organizat
Page 255 and 256:
Page 257 and 258:
Altruism/Collaboration/Competition,
Page 259 and 260:
everyday lives, and therefore at le
Page 261 and 262:
COSC/MATH 201: Modeling and Simulat
Page 263 and 264:
ehaviors, simplifying assumptions;
Page 265 and 266:
MAT 267: Discrete Mathematics, Unio
Page 267 and 268:
Identify a problem and analyze it i
Page 269 and 270:
CS109 covers: • Counting • Comb
Page 271 and 272:
CS 250 - Discrete Structures I, Por
Page 274 and 275:
CS 251 - Discrete Structures II, Po
Page 276 and 277:
DS Graphs and Trees Tree, tree trav
Page 278 and 279:
The course gives an overview to a v
Page 280 and 281:
CS371: Computer Graphics, Williams
Page 282 and 283:
Texture mapping, including minifica
Page 284 and 285:
Other materials are: R and RStudio
Page 286 and 287:
3. Assignment (20% + 10%) Due in we
Page 288 and 289:
CO328: Human Computer Interaction,
Page 290 and 291:
Human Computer Interaction, Univers
Page 292 and 293:
Human-Computer Interaction, Stanfor
Page 294 and 295:
Human Information Processing (HIP),
Page 296 and 297:
Software and Interface Design, Univ
Page 298 and 299:
Computer Systems Security (CS-475),
Page 300 and 301:
Page 302 and 303:
Ullman and Widom, 2 nd edition, Pre
Page 304 and 305:
Technology, Ethics, and Global Soci
Page 306 and 307:
SP Professional Communication These
Page 308 and 309:
Page 310 and 311:
Why do you teach the course this wa
Page 312 and 313:
search, probabilistic reasoning, lo
Page 314 and 315:
Students are expected to spend abou
Page 316 and 317:
CS188: Artificial Intelligence, Uni
Page 318 and 319:
Introduction to Artificial Intellig
Page 320 and 321:
Page 322 and 323:
Page 324 and 325:
Page 326 and 327:
Computer Networks, Williams College
Page 328 and 329:
NC Introduction All 1.5 NC Networke
Page 330 and 331:
CSCI 432 Operating Systems, William
Page 332 and 333:
OS Security and Protection Access c
Page 334 and 335:
Assignment Five: Memory management
Page 336 and 337:
Page 338 and 339:
Page 340 and 341:
Programming Language: C Assignment
Page 342 and 343:
Parallel Programming Principle and
Page 344 and 345:
PD Parallel Algorithms, Analysis, a
Page 346 and 347:
• Grama, A., Gupta, A., Kumar V.
Page 348 and 349:
Body of Knowledge coverage For each
Page 350 and 351:
1: Map-reduce for CS1/WMR 2: Multic
Page 352 and 353:
What is the format of the course Co
Page 354 and 355:
Csc 453: Translators and Systems So
Page 356 and 357:
CSCI 434T: Compiler Design, William
Page 358 and 359:
AR Machine-level representation of
Page 360 and 361:
Page 362 and 363:
Languages and Compilers, Utrecht Un
Page 364 and 365:
COMP 412: Topics in Compiler Constr
Page 366 and 367:
separate compilation is the key fea
Page 368 and 369:
programming languages. A major them
Page 370 and 371:
CSCI 1730: Introduction to Programm
Page 372 and 373:
CSC 2/454: Programming Language Des
Page 374 and 375:
PL Runtime Systems Data layout; sto
Page 376 and 377:
How are students assessed Over 10 w
Page 378 and 379:
Page 380 and 381:
Programming Languages and Technique
Page 382 and 383:
Page 384 and 385:
esults from programming language th
Page 386 and 387:
PL Event-driven and Reactive Progra
Page 388 and 389:
Overall, students learn the followi
Page 390 and 391:
PL Type systems Compositional type
Page 392 and 393:
What is the format of the course Th
Page 394 and 395:
Introduction to Computer Science, H
Page 396 and 397:
PD PD/Parallelism Fundamentals Para
Page 398 and 399:
• Analytical Reasoning: Assertion
Page 400 and 401:
CS1101: Introduction to Program Des
Page 402 and 403:
Finally, the design process from
Page 404 and 405:
documentation activity that occurs
Page 406 and 407:
Page 408 and 409:
SE Software Validation and Verifica
Page 410 and 411:
Cloud computing and the shift in th
Page 412 and 413:
SE-2890 Software Engineering Practi
Page 414 and 415:
Software Development, Quinnipiac Un
Page 416 and 417:
Page 418 and 419:
• Networking subsystem focusing o
Page 420 and 421:
SF Input/output Programmed data tra
Page 422 and 423:
Page 424 and 425:
◦ C preprocessors, multifile prog
Page 426 and 427:
Ethics in Technology (IFSM304), Uni
Page 428 and 429:
Analyze basic logical fallacies in
Page 430 and 431:
Specific topics include: • Capaci
Page 432 and 433:
Additional topics The sustainabilit
Page 434 and 435:
How are students assessed The basic
Page 436 and 437:
Ethics & the Information Age (CSI 1
Page 438 and 439:
SP Intellectual Property Overview a
Page 440 and 441:
privacy. Students are asked to shar
Page 442 and 443:
The Digital Age, Grinnell College G
Page 444 and 445:
AR Digital logic and digital system
Page 446 and 447:
COS 126: General Computer Science,
Page 448 and 449:
Prospective computer science majors
Page 450 and 451:
CSCI 0190: Accelerated Introduction
Page 452 and 453:
An Overview of the Two-Course Intro
Page 454 and 455:
Course textbooks and materials Free
Page 456 and 457:
programming (scripting) is covered
Page 458 and 459:
One way to document this spiral app
Page 460 and 461:
3. Data types and structures 1. pri
Page 462 and 463:
Page 464 and 465:
◦ Comparison of results for small
Page 466 and 467:
Appendix D: Curricular Exemplars Th
Page 468 and 469:
Bluegrass Community and Technical C
Page 470 and 471:
Knowledge Units in a Typical Major
Page 472 and 473:
Notation: < 25% of KU covered # 25-
Page 474 and 475:
Appendix: Information on Individual
Page 476 and 477:
Curricular Analysis The Knowledge U
Page 478 and 479:
Page 480 and 481:
Page 482 and 483:
management, the Internet, e-mail, t
Page 484 and 485:
Mathematical Foundations (two desig
Page 486 and 487:
Multi-paradigm, Introductory Sequen
Page 488 and 489:
Page 490 and 491:
Page 492 and 493:
Additional Comments Although the ex
Page 494 and 495:
CSC 312 - Implementation of Program
Page 496 and 497:
• Biocomputation • Unspecialize
Page 498 and 499:
Page 500 and 501:
Page 502 and 503:
Additional Comments We instituted a
Page 504 and 505:
CS 145: Introduction to Databases T
Page 506 and 507:
Williams College Department of Comp
Page 508 and 509:
Page 510 and 511:
Page 512 and 513:
Possible Curricular Revisions Note
Page 514 and 515:
CSCI 237 - Computer Organization Th
Page 516 and 517:
surface scattering functions, binar
Page 518:
A Cooperative Project of
show all

CS2013-final-report

Create successful ePaper yourself

Delete template?

Save as template?