BUILDING SECURITY IN: Learning Objectives for CS0, CS1, and CS2

Introduction

Security injections are “drop-in” modules designed to support minimally-invasive introduction of security to Computer Science undergraduate classes. Specifically, we are focused on the first three introductory courses:

CS0: A gentle introduction to Computer Science. May present programming constructs and concepts without necessarily requiring any programming. Often designed for students with no prior exposure to programming. May or may not be required.

CS1: Introduction to Computer Science I. An introductory programming course, covering imperative programming in a language such as C/C++ or Java. Generally required for CS majors.

CS2: Introduction to Computer Science II. Building upon CS1, this course will often introduce object-oriented programming, data structures and other topics that are fundamental, but more advanced than those found in CS1.

The following descriptions provide objectives for security modules for each of those three courses, with modules for each course covering the three major topics in secure programming: integer overflow, input validation, and buffer overflow. Our assumption is that modules for each of these three topics will be used in each of the three introductory courses, thus providing students with repeated exposure to important concepts. The learning objectives reflect greater expectations for more advanced students. As the modules progress from CS0 to CS1 and CS2, the modules become more detailed and the problems become more challenging. Whereas students in CS0 might be expected to identify a vulnerability in very simple code, CS2 students should be able to both identify and remedy potential vulnerabilities in slightly longer programs.

The three-course model presented above is not universally used. Some institutions have three required courses, perhaps spreading CS1 and CS2 over three semesters. Other schools may not have courses that are equivalent to CS0.
Instructors working with different models may need to revise both the modules and the objectives to meet their unique needs. Common objectives will be used for each class of vulnerability.

Objectives

Upon completion of a security injection module, the student should be able to:

  CS0  CS1  CS2  Objective
   X    X    X   Describe the vulnerability
   X    X    X   Describe potential problems that may result from the vulnerability
   X    X    X   Identify vulnerabilities in a simple program written in the language of instruction
        X    X   Discuss general strategies for mitigating vulnerabilities
        X    X   Write code that uses appropriate techniques to mitigate or avoid the vulnerability
             X   Revise a program, eliminating vulnerabilities
             X   Discuss the impact of the choice of programming language on susceptibility to the vulnerability

Mapping of Objectives to Module Contents

Integer Overflow

CS0

Describe the vulnerability:
  Discussion question 1: “What happens when you exceed the largest integer value? Why do you think that is?”
  Discussion question 2: How could assignment result in an integer overflow?
  Discussion question 3: How could input result in an integer overflow?
Describe potential problems that may result from the vulnerability:
  Discussion question 4: “What sort of things might go wrong when an integer overflow happens?”
Identify vulnerabilities in a simple program written in the language of instruction:
  Sample code & checklist completion

CS1

Describe the vulnerability:
  Discussion question 1: “In your own words, describe an integer overflow.”
  Discussion question 2: “How could an integer overflow occur in your program?”
Describe potential problems that may result from the vulnerability:
  Discussion question 3: “What happens when an integer overflow occurs?”
  Discussion question 4: “Why is multiplication particularly risky?”
Identify vulnerabilities in a simple program written in the language of instruction:
  Problems 1-3, running a program, checklist
Discuss general strategies for mitigating vulnerabilities:
  Discussion question 5: “Name three things that you might do in your next program to prevent an integer overflow from occurring?”
Write code that uses appropriate techniques to mitigate or avoid the vulnerability:
  Problem 3: appropriate variable declarations for various values.
  Problem 4: write a program to force an overflow. Modify the data type to avoid the overflow.

CS2

Describe the vulnerability:
  Discussion question 1: “In your own words, describe an integer overflow.”
  Discussion question 2: “How could an integer overflow occur in your program?”
  Discussion question 4: “Why is multiplication particularly risky?”
Describe potential problems that may result from the vulnerability:
  Discussion question 3: “What happens when an integer overflow occurs?”
  Discussion question 4: “Why is multiplication particularly risky?”
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 3: Sample code & checklist
  Problem 1: “Try this program out. What happens if you start with a population of 10,000 and a 10% growth rate? How about 20,000? Find two combinations of starting populations and growth rates that lead to overflows, and two that do not.”
  Problem 2: Does a short seem like a good choice of data type for this program? Why or why not?
Discuss general strategies for mitigating vulnerabilities:
  Discussion question 5: “Name three things that you might do in your next program to prevent an integer overflow from occurring?”
Write code that uses appropriate techniques to mitigate or avoid the vulnerability:
  Problem 5: “Write a version of this program that still uses short variables to store results and appropriate error and result handling to respond to overflows. You may use the technique of storing values in temporary variables before assigning them to the short variables.”
Revise a program, eliminating vulnerabilities:
  Problem 4: “Write a corrected version of this program that uses appropriate data types that will make this program run correctly for calculating population growths for any university and any country in the world.”
Discuss the impact of the choice of programming language on susceptibility to the vulnerability:
  Discussion question 6: How would these strategies differ if you were using a different language (perhaps C++) as opposed to Java?

Input Validation

CS0

Describe the vulnerability:
  Discussion question 1: Describe either an example of an input validation problem that you may have encountered or an interface that was particularly good about handling input validation. If you can't remember having any sort of problem, try some web pages or online systems and see if you can dig one up.
Describe potential problems that may result from the vulnerability:
  Problem 3: What happens if you type non-numeric characters (letters or symbols) for the age?
  Problem 4: What happens if you type a negative number for the number to count up to?
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 1: Complete the following checklist for this program.
  Problem 2: List the potential input validation errors.

CS1

Describe the vulnerability:
  Discussion question 1: Describe either an example of an input validation problem that you may have encountered or an interface that was particularly good about handling input validation. If you can't remember having any sort of problem, try some web pages or online systems and see if you can dig one up.
Describe potential problems that may result from the vulnerability:
  Problem 3: Provide example inputs that might cause validation problems and describe the problems that they might cause.
  Problem 4: What happens if you type non-numeric characters for the starting position?
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 1: Complete the following checklist for this program.
  Problem 2: List the potential input validation errors.
Discuss general strategies for mitigating vulnerabilities:
  Discussion question 2: Imagine having the chance to talk to the folks who built the system that you identified (in question 1) as having an input validation problem. What might you suggest that they do to fix this problem? Are there multiple approaches that they might use?
  Discussion question 3: In problem 5 above, you were asked to validate the year of an individual's birth. What assumptions does your code make about birthdates? How would your program differ if you were dealing with historical figures, or people who lived more than two thousand years ago?
Write code that uses appropriate techniques to mitigate or avoid the vulnerability:
  Problem 5: Write a program that asks a user for their day, month, and year of birth. Make sure that each of these values is validated appropriately.

CS2

Describe the vulnerability:
  Discussion question 1: Describe an example of an input validation problem that you may have encountered. If you can't remember having any sort of problem, try some web pages or other software tools and try to find a system that fails to validate input data correctly.
Describe potential problems that may result from the vulnerability:
  Problem 4: What happens if you type non-numeric characters for either the number of names or which name you wanted to retrieve?
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 1: Complete the following checklist for this program.
  Problem 2: List the potential input validation errors.
  Problem 3: Provide example inputs that might cause validation problems.
Discuss general strategies for mitigating vulnerabilities:
  Discussion question 1: You're writing a program that asks the user to type in a telephone number. How might you validate that the characters that they've typed represent a legal telephone number? You should assume that you're only concerned about phone numbers from the US, but you want to give users as much flexibility as possible in terms of spaces and punctuation characters. List some rules that you might use. Make sure that you complete this question before moving on to question #2.
  Discussion question 2: Find an example of a phone number that doesn't fit your rules.
  Discussion question 4: If input is sufficiently cryptic, it might be hard to provide useful error messages in response to invalid input. Describe some strategies that might be used to help users recover from invalid input.
Write code that uses appropriate techniques to mitigate or avoid the vulnerability:
  Problem 6: Input validation can often be particularly challenging for personal information. Imagine you're writing a program that will help users of a web site make a purchase. To do this, your program will ask them for their name, address, zip, and credit card information. The credit card information will contain a 16-digit credit card number, the month and date of expiration, and a three-digit verification code. Write a program that will ask the user to type all of these values. Your program should validate each piece of input provided.
Revise a program, eliminating vulnerabilities:
  Problem 5: Revise the program to properly validate errors and gracefully recover from invalid input.
Discuss the impact of the choice of programming language on susceptibility to the vulnerability:
  Discussion question 5: Some friends of yours are discussing the merits of using Java as opposed to C++ for input validation. Jane says that the availability of built-in functions that avoid input validation problems makes Java an attractive choice, while Bob argues that freely-available open-source libraries for C++ can provide the same features. Mary counters by saying that Java's features and these open source libraries can lead to trouble, as they may lead some programmers to think that the language will take care of things for them. Who do you agree with, and why? If you had to choose between C++ and Java, whom would you agree with, Bob or Jane?

Buffer Overflow

CS0

Describe the vulnerability:
  Discussion question 1: Describe the buffer overflow problem.
  Discussion question 2: Give three real-life examples of buffer overflow attacks (research on the web).
  Discussion question 4: List three ways you could potentially overflow a buffer in your program.
  Discussion question 5: How could you prevent a buffer overflow from occurring in your program?
Describe potential problems that may result from the vulnerability:
  Discussion question 3: What can result from a buffer overflow?
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 1: Complete the following checklist for this program.
  Problem 2: The V indicates where the potential buffer overflow could occur. How could we prevent this?
  Problem 3: Revise the program to eliminate potential buffer overflow problems.
  Problem 4: Turn in the program (marked after completing the checklist), output, and questions.

CS1

Describe the vulnerability:
  Discussion question 1: Describe the buffer overflow problem.
  Discussion question 2: Give three real-life examples of buffer overflow attacks (research on the web).
  Discussion question 6: Buffer overflows can be troublesome if they are used by hackers to run their own code. What sort of things might a hacker try to do if he or she were able to run any code they wanted on a computer?
Describe potential problems that may result from the vulnerability:
  Discussion question 3: What can result from a buffer overflow?
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 1: Complete the checklist for this program.
  Problems 2.1-2.3: Write a menu-driven program, complete the checklist, list potential buffer overflow errors, and provide example inputs that might cause buffer overflow problems.
Discuss general strategies for mitigating vulnerabilities:
  Discussion question 4: List three ways you could potentially overflow a buffer in your program.
  Discussion question 5: How could you prevent a buffer overflow from occurring in your program?
  Problem 2.4: What strategies might you use to remove potential buffer overflow vulnerabilities from this program?
Write code that uses appropriate techniques to mitigate or avoid the vulnerability:
  Problem 2.5: Revise the program to eliminate potential buffer overflow problems. You should be able to do this without adding any exception handling code.

CS2

Describe the vulnerability:
  Discussion question 2: Countless currently running programs were built using C and C++. Buffer overflow vulnerabilities are often found in these programs, often after they have been in use for many years. Why should it be so difficult to find and fix buffer overflow flaws in software?
  Discussion question 3: Text input boxes in graphical user interfaces present the possibility of a different kind of buffer overflow. Specifically, user input can fill the box and (in some cases) cause some of the input to be obscured. What are the possible problems that this type of overflow might cause? How do they differ from the problems associated with a buffer overflow?
Describe potential problems that may result from the vulnerability:
  Discussion question 4: Buffer overflows can be troublesome if they are used by hackers to run their own code. What sort of things might a hacker try to do if he or she were able to run any code they wanted on a computer?
Identify vulnerabilities in a simple program written in the language of instruction:
  Problem 1: Complete the following checklist for this program.
  Problem 2: List the potential buffer overflow errors.
  Problem 3: Provide example inputs that might cause buffer overflow problems.
Discuss general strategies for mitigating vulnerabilities:
  Problem 4: What strategies might you use to remove potential buffer overflow vulnerabilities from this program?
Write code that uses appropriate techniques to mitigate or avoid the vulnerability:
  Problem 6: Write a procedure that will copy an arbitrary subrange of one array of integers into another array. Your procedure will take four arguments:
    1. The source array of integers
    2. A starting point and ending point in the source array
    3. The destination array of integers – the array that you will be copying numbers to
    4. An integer indicating the index of the position in the destination array where copying should start.
  Be sure to validate all input, responding appropriately to any validation problems.
Revise a program, eliminating vulnerabilities:
  Problem 5: Revise the program to eliminate potential buffer overflow problems. You should be able to do this without adding any exception handling code.
Discuss the impact of the choice of programming language on susceptibility to the vulnerability:
  Discussion question 1: Buffer overflows are more troublesome for some programming languages than for others. For example, C and C++ lack the built-in bounds checking facilities that Java provides. Some people have argued that this is a good reason to avoid C and C++ in favor of Java or other “safer” languages. Do you think this is a good idea? Why or why not?
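The temporary-variable technique named in Integer Overflow CS2 Problem 5 above, as an added example that is not part of the modules: the population-growth arithmetic is carried out in a wide `long` temporary and range-checked before the result is stored back into a `short`, so an overflow is reported rather than silently wrapping. It is written in C rather than the module's Java, and the 10,000 starting population and 10% rate are the values from Problem 1.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Advance *pop by growth_percent (e.g. 10 for 10%) for one year.
 * The new value is computed in a long temporary and checked against the
 * range of short before it is narrowed, so an overflow is reported and
 * *pop is left unchanged instead of wrapping around. */
bool grow_population(short *pop, int growth_percent)
{
    long next = (long)*pop + ((long)*pop * growth_percent) / 100;
    if (next > SHRT_MAX || next < SHRT_MIN) {
        return false;            /* result would not fit in a short */
    }
    *pop = (short)next;          /* narrowing is safe: range already checked */
    return true;
}

/* Run up to `years` years of growth, stopping at the first year whose
 * result would overflow. Returns the number of years completed; the last
 * in-range population is left in *pop. */
int simulate_growth(short *pop, int growth_percent, int years)
{
    int done = 0;
    while (done < years && grow_population(pop, growth_percent)) {
        done++;
    }
    if (done < years) {
        fprintf(stderr, "stopped after %d year(s): next population would not "
                        "fit in a short (current %d, limit %d)\n",
                done, *pop, SHRT_MAX);
    }
    return done;
}

int main(void)
{
    /* Starting values from the module's Problem 1: 10,000 at 10% growth. */
    short pop = 10000;
    int done = simulate_growth(&pop, 10, 20);
    printf("completed %d year(s); final population %d\n", done, pop);
    return 0;
}
```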
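The validated subrange copy specified in Buffer Overflow CS2 Problem 6 above, as an added example in C that is not the module's own solution. Because a C array carries no length of its own, the procedure takes the sizes of both arrays as extra parameters (an assumption beyond the four arguments in the problem statement) and rejects any request that would read or write outside either array before it touches a single element; `demo_copy` and its six-element source array are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

/* Copy src[start..end] (inclusive) into dst beginning at dst[dst_start].
 * src_len and dst_len are the true sizes of the arrays; every index is
 * validated against them before the first element is moved, so a bad
 * argument yields an error return rather than an out-of-bounds access.
 * Returns the number of elements copied, or -1 on any validation failure. */
long copy_subrange(const int *src, size_t src_len, size_t start, size_t end,
                   int *dst, size_t dst_len, size_t dst_start)
{
    if (src == NULL || dst == NULL) {
        return -1;                          /* missing array */
    }
    if (start > end || end >= src_len) {
        return -1;                          /* subrange is not inside src */
    }
    size_t count = end - start + 1;         /* no wrap: start <= end < src_len */
    if (dst_start >= dst_len || count > dst_len - dst_start) {
        return -1;                          /* copy would run past the end of dst */
    }
    for (size_t i = 0; i < count; i++) {
        dst[dst_start + i] = src[start + i];
    }
    return (long)count;
}

/* Driver over constructed data: copies a chosen subrange of a fixed
 * six-element source into a four-element destination and returns the
 * procedure's result. out[] is zeroed first so callers can see what moved. */
long demo_copy(size_t start, size_t end, size_t dst_start, int out[4])
{
    const int src[6] = {10, 20, 30, 40, 50, 60};   /* constructed sample */
    for (int i = 0; i < 4; i++) {
        out[i] = 0;
    }
    return copy_subrange(src, 6, start, end, out, 4, dst_start);
}

int main(void)
{
    int out[4];
    long n = demo_copy(1, 3, 1, out);                /* fits: copies 3 */
    printf("copied %ld: %d %d %d %d\n", n, out[0], out[1], out[2], out[3]);
    n = demo_copy(2, 5, 1, out);                     /* 4 elements, 3 slots left */
    printf("rejected with %ld\n", n);
    return 0;
}
```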