Visualization for secure coding in C

Authors

James Walker, Michigan Technological UniversityFollow
Jean Mayo, Michigan Technological UniversityFollow
Ching-Kuang Shene, Michigan Technological UniversityFollow
Steven Carr, Western Michigan University

Document Type

Article

Publication Date

7-3-2017

Department

Department of Cognitive and Learning Sciences

Abstract

This paper describes a pedagogical system to visualize program execution.1 The visualization is designed to help students understand how to develop more secure and robust C programs. The system provides several perspectives on the execution including: the values of registers and the logical address space, a call graph, the file descriptor and inode tables, and the handling of sensitive data like passwords and keys. These visualizations are designed to help students understand fundamental concepts such as: buffer overflows, integer overflows, proper handling of sensitive data and application of the principle of least privilege in several contexts including file operations, secure SUID programming, and use and management of the process environment.

Publisher's Statement

©2017 Copyright held by the owner/author(s). Publisher's version of record: https://doi.org/10.1145/3059009.3072990

Publication Title

Proceedings of the 2017 ACM Conference on Innovation and Technology in Computer Science Education

Recommended Citation

Walker, J., Mayo, J., Shene, C., & Carr, S. (2017). Visualization for secure coding in C. Proceedings of the 2017 ACM Conference on Innovation and Technology in Computer Science Education. http://doi.org/10.1145/3059009.3072990
Retrieved from: https://digitalcommons.mtu.edu/michigantech-p/607