As the majority of jobs in Computer Science are software development oriented, Computer Science curricula have shifted towards producing software more efficiently. As a result, low-level concepts such as computer instructions, assembly programming and calling conventions that are fundamental to cyber security are only covered marginally. Ultimately the security of cyberspace depends on the programs we use; increasing their robustness to vulnerabilities will enhance cyber security greatly. How to engage software developers in secure coding and other cyber security practices becomes a fundamental challenge. At the same time, in order to handle the everincreasing complexity of malware and other programs, cyber security analysts heavily depend on specialized tools. This makes it even more difficult for typical software developers to comprehend the cyber security impacts. Without an intuitive grasp of the impacts of software vulnerabilities, it is difficult for software developers to get interested in the inherent cyber security threats. To overcome the challenges, we have developed universally applicable small programs that illustrate the importance of cyber security mechanisms. The programs are designed so that they can be tried using only commonly available tools such as compliers to maximize their reach. These simple programs overcome the barriers to most cyber security issues that rely on specialized tools. By relating these programs to fundamental issues in cyber security, software developers gain first-hand experience of the potential impacts of cyber attacks and therefore increase the awareness of cyber security importance. To illustrate the effectiveness of the approach, we have developed several examples. We have used variations of the tools in intro-level computer organization and programming courses, that have raised curiosity and interests to cyber security substantially
Xiuwen Liu, Mike Burmester