Shostack + Friends Blog Archive

TRUSTing Mary Ann Davidson

Yesterday, Mary Ann Davidson had a fascinating post [link to http://blogs.oracle.com/maryanndavidson/2006/09/27#a60 no longer works] about the classics of Western literature. As usual for Mary Ann, the apparent basis of the post is really just exposition for her main point. In this case, the thrust of her post is the need for developers to have more training in secure coding at the university level. Mary Ann and several others have started working with several universities (including UC Berkeley, Stanford and CMU) and corporations (including GE, Sun and Visa) to produce such a curriculum. They are calling this program “The Team for Research in Ubiquitous Secure Technology” or TRUST and have bunch of resources and information [link to http://trust.eecs.berkeley.edu/ no longer works] online.
[Edit: Gunnar Peterson over at 1 Raindrop points out that: Ken Van Wyk and John Steven have an article “Essential Factors for Successful Software Security Awareness Training” [link to http://www.computer.org/portal/site/security/menuitem.6f7b2414551cb84651286b108bcd45f3/index.jsp?&pName=security_level1_article&TheCat=1001&path=security/2006/v4n5&file=bsi.xml& no longer works] in the current issue of IEEE Security and Privacy, that is also relevant to the general issue.]

Originally published by arthur on 29 Sep 2006
Last modified on 29 Sep 2006
Categories:   information security   Software Engineering   Uncategorized