A New Programming Environment for Teaching Secure C Programming and Assessment Dieter Pawelczak a Institute of Software Engineering, University of the Bundeswehr München, Germany Keywords: Tool based Learning, Teaching Programming, Secure Programming, Programming Environments, Automated Assessment System, Computer-supported Collaborative Learning, Computer Science Education. Abstract: Learning programming is a barrier for many students enrolled in engineering degree programs. In addition, students need to develop an awareness of security aspects in programming, especially with respect to robustness and correctness. Professional integrated development environments might overwhelm students with many options and features and distract them from learning. In order to lower the burden for novice programmers, we developed the Virtual-C IDE, a programming environment designed for programming beginners, which embeds some rules of the CERT secure C coding standard, provides memory visualizations to foster the students’ understanding of the memory model of C and integrates a testing framework that enables programming exercises and automated assessment. The paper shows the benefits of learning and teaching with the Virtual-C IDE, describes our experience with integrating secure coding in an introductory course and presents the students’ evaluation of that course. 1 INTRODUCTION Virtual-C IDE1, which runs C programs in a virtual machine, allows to easily include secure program- Many students enrolled in our electrical engineering ming aspects in our introductory course, and supports bachelor’s degree program struggle with learning teaching by visualizing many concepts during the programming. Independent from our university, these execution of a C program. The main requirements for difficulties are widespread and range from lack of un- developing a new IDE were: derstanding syntax to conceptual and strategic mis- a single installation without any configuration, conceptions (Qian and Lehman, 2017). In addition, same behavior on different computer systems, new challenges arrive with our emergent technolo- easy to use for students and teachers, gies: learning programming requires addressing secu- support for secure programming aspects, rity aspects (Tabassum et al., 2018). integration of exercises with direct feedback Although modern integrated development for individual learning, environments (IDE) support software developers automatic assessment for lab work, with template-based programming and code support for collaborative learning, completion (Vihavainen et al., 2014), the high available for standard computer platforms. number of features, menus and dialogs in those IDEs Other aspects for creating our own programming en- might overburden students and divert effort from the vironment were changes in license models of existing actual learning target (Dillon et al., 2012). professional IDEs as well as platform specific beha- Furthermore, modern IDEs print many notifications viour or fast-moving modifications from one version on errors or give advice for alternations during the to the next version of an IDE. editing, which might irritate novice programmers. We have been using the Virtual-C IDE in the To lower the burden for our students we introductory programming course for more than 5 developed a programming environment called the years now and are continuously developing it further. a https://orcid.org/0000-0002-1742-2520 1 The IDE is freely available for Windows, macOS and Linux at: https://sites.google.com/site/virtualcide/ 374 Pawelczak, D. A New Programming Environment for Teaching Secure C Programming and Assessment. DOI: 10.5220/0009354003740381 In Proceedings of the 12th International Conference on Computer Supported Education (CSEDU 2020) - Volume 1, pages 374-381 ISBN: 978-989-758-417-6 Copyright c 2020 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved A New Programming Environment for Teaching Secure C Programming and Assessment This paper discusses related work (Section 2), the be- introducing security aspects already in introductory nefits for teaching and learning (Section 3), a short programming courses. These aspects mainly focus on evaluation of the IDE and the new course design with robustness and correctness. It is important to teach respect to secure C coding (Section 4) and concludes students programming with security awareness from with an outlook (Section 5). the beginning, because it is difficult to adapt bad ha- bits or to eliminate misunderstandings later. In ad- dition, many textbooks on programming provide little 2 RELATED WORK information on security or may even contain vulner- abilities (Zhu et al., 2013). In addition, more and more compilers print warnings about security issues, so stu- 2.1 Educational Programming dents need to learn how to deal with them. ASIDE - Environments an eclipse plugin for secure coding in Java addresses this subject by explaining such compiler warnings Many educational programming environments have and showing proper solutions to fix the code (Zhu et evolved to counteract the difficulties for program- al., 2013). 2 ming beginners. The most common are BlueJ, Alice Of course, dealing with security aspects in the 3 4 and Scratch . BlueJ allows users to write Java code introductory programming course cannot replace an by guiding the programmer with a model of the pro- advanced course on IT security (Bandi et al., 2019). gram structure; thus, focusing on the modelling as- The security subjects have to be carefully chosen, to pect during learning programming. Alice and Scratch fit in with the scope of known concepts for the novice are block-based and more designed for children’s programmers. Although previous research reports on education. Block-based programming is performed successful integration of secure coding into introduc- visually by drag and drop of specific blocks and there- tory courses (Williams et al., 2014), even without fore does not require any knowledge about a language changing the workload of the students (Bandi et al., syntax, which is a typical barrier for learning pro- 2019), we propose that some security issues might gramming (Lahtinen et al., 2005). Block-C incorpo- even help with understanding the execution of a rates this idea for an introductory C course: programs computer program. can be dragged together on a block base, the resulting functions can be exported to C program code, edited and reversely translated back to blocks (Kyfonidis et al., 2017). Although this concept sounds promising, 3 BENEFITS OF THE IDE we prefer students to work with an IDE, which differs not too much from available professional IDEs (com- 3.1 Benefits for Teaching pare Vihavainen et al., 2014). Another interesting project is ICE, an automated 3.1.1 Usability and Scalability tool for teaching advanced programming with an integrated assessment system, which provides quite The Virtual-C IDE starts with a clearly arranged set similar functionality compared to the Virtual-C IDE, of windows for editing and debugging C programs. yet with the focus on advanced topics (Gonzalez, Each view has a zoom-in and zoom-out option and is 2017). Other introductory courses use professional freely locatable to easily fit to different video beamer IDEs configured or modified by plugins. An solutions. Window arrangements can be stored for extensive overview is found in (Luxton-Reilly, 2018). different applications or varying lecture rooms. Compiler, linker and debugger are configured for 2.2 Integration of Secure Coding Rules instant debugging – thus a lecturer can directly debug a correct C program without the need for a project Since the turn of the millennium, the ACM (Associa- configuration. While for many examples in introduc- tion for Computing Machinery) has been calling for tory programming a single source file is sufficient, the Virtual-C IDE also supports projects with multiple computer science education to be adapted to secure software development. Usually, this takes place in ad- files. We use the IDE for beginners and advanced pro- vanced courses such as IT security or secure software gramming courses, as well as for the compiler con- struction course. Therefore, the compiler generators engineering (ACM, 2016). Due to the high impor- tance of the topic (Williams et al., 2014) suggest flex and bison can be directly integrated. The IDE 2 https://www.alice.org/ 4 https://bluej.org 3 https://scratch.mit.edu 375 CSEDU 2020 - 12th International Conference on Computer Supported Education supports platform independent ISO C18, including to fit the requirements from (Cert, 2016) by enabling C18 threads and provides a subset of the Simple the checks, which are reported as warnings (compare DirectMedia Layer to work with hardware access Figure 2). (graphics, keyboard and mouse events). Therefore, it offers a wide variety of possibilities for course design. 3.1.2 Memory Visualization Understanding different memory segment types is far more important for learning C as compared to other programming languages like e.g. Java or Python, which hide low level memory operations from the Figure 2: Security warning example for STR31-C and programmer or provide a garbage collector. FIO47-C (Cert, 2016). 3.1.4 Simple Exercises The Virtual-C IDE integrates a testing framework which allows lecturers to hand out simple exercises to their students. The testing framework is adapted from the Google C++ Testing Framework5 for C and pro- vides additional test methods to simplify writing