Looking for input on security course design
As part of my masters degree capstone project I'm putting together outlines of all the courses that we would consider core and elective. SU had a 3-course computer security / information assurance track. We were looking over the "catalog" yesterday and realized that we still had a class called "Software Security". It's description talked about how to write secure code. Well, this is a software engineering program and we assume that students want to know more than implementation details.
We have a number of topics that we'd like to cover in 10 sessions (30 hours). But, we're still trying to get a better idea about what industry might want to see. Here's the list so far. If you have any thoughts, add it as a comment. I really appreciate any input.
Information Assurance
Encryption
Writing secure code
Standardization
Processes
Designing for security