Microsoft funds secure code-writing course

Summary:Leeds University is linking up with Microsoft to offer undergraduates what it says will be the UK's first computing module on writing secure code

In the second of a string of collaborations between Microsoft and universities in the UK, the University of Leeds has received partial funding to teach would-be developers to write secure code.

The module will be available to 100 undergraduates at Leeds from January 2004. Dr Nick Efford, who is designing the syllabus, said it will differ from modules at other universities. "They have traditionally emphasised network security, cryptography and things like that," he said. "Our course is emphasising secure coding and software security. We will still cover cryptography but that will not be our focus."

Efford said the course will cover areas such as modelling threats and vulnerabilities of software, design principles and coding techniques. "We will illustrate all of these with case studies, classic security problems that have emerged... for example Melissa and Slammer... looking in each case at what gave rise to the problem in the first place and how it was dealt with."

Microsoft's UK chief security officer, Stuart Okin, said: "Regardless of which vendor's product you use, or which industry you are in, computer security and privacy is probably today's top concern." He said Microsoft's Secure Windows Initiative, which was highlighted in January last year by Bill Gates' email to employees, resulted in 11,000 Microsoft developers being trained to write secure code.

"It occurred to me last year when I took on the role to see what courses were out there in writing secure code," he said. "Leeds was interested and we had the material. A lot of it is very generic and doesn't have to apply to Microsoft technology." The course is based on a methodology that Microsoft uses, called "stride", said Okin. He said the methodology is based Michael Howard's book, Writing secure code.

Efford backed up Okin's claims of impartiality, saying that at Leeds they have a completely free hand to use any technology in their teaching. "Our systems run both Windows and Linux and like many universities we are involved in both camps. We use whatever tools are appropriate to the case in hand. That applies also with Unix security issues."

The plan is that the material from the new module will be made available for other universities to use. Depending on how the course develops, it could be expanded to a masters degree and developing distance-learning variations.

The Leeds module follows Microsoft's support of the UK's first postgraduate course in .Net at Hull university, starting in September 2003.

Dr Stuart Neilsen-Marsh, .Net academia manager at Microsoft, told ZDNet UK that future courses supported by Microsoft are likely to include e-learning, pen-based devices, gaming, mobile and wireless technologies.


ZDNet UK's Developer News Section delivers the latest headlines together with the best UK jobs, right to your browser.

Have your say on all developer topics. From j2ee, to C++, from Visual Basic to Javascript plus much more. Share your experience with others on the Developers Forum.


For all job and work-related news, or to search for a job and get information on training, go to ZDNet Jobs.

If you have something to say about work and employment issues say it here at the Jobs Forum.

Let the editors know what you think in the Mailroom.

Topics: Apps, Software Development

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.