SEED:

Project Summary

The importance of experiental learning has long been recognized in the learning theory literature. Dewey (1938) pointed out that learning must be grounded in experience; Lewin (1951) claimed that learning is attained through active participation in the learning process; Piaget (1952) stated that learning occurs as a result of the interaction between the individual and the environment. Peter Denning also indicated that if we adopt a picture that ignores practice, our field (computing) will end up like the failed "new math" of the 1960s--all concepts, no practice, lifeless; dead.

The objective of the SEED project is to develop an instructional laboratory environment and laboratory exercises (called labs) for computer system security education. Our approach is motivated by the traditional mature courses, such as Operating Systems (OS), Compilers, and Networking. In OS courses, a widely adopted successful practice is using an instructional OS (e.g. Minix, Nachos, and XINU) as a framework and ask students to write significant portions of each major piece of a modern OS. The Compiler and Network courses adopted a similar approach. Inspired by the success of the instructional OS strategy, we adapt it to our computer security courses. Namely, we use an instructional operating system (Minix) as our basis, and develop lab exercises on this instructional system.

The goal of our labs is to help students focus on (1) grasping security principles, concepts, and technologies, (2) applying security principles to design and implement security mechanisms, (3) analyzing and testing systems for security properties. (4) applying security principles to solve real-world problems. To meet this goal, we have designed a number of labs. Since 2002, we have been experimenting with some of these labs in both undergraduate and graduate courses, including Introduction to Computer Security, Computer Security, and Internet Security.

Open Source Design

These lab documents are released as open source documents. Permission is granted to copy, distribute and/or modify these documents under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation. A copy of the license can be found at http://www.gnu.org/licenses/fdl.html.

SEED Labs

• All the labs we have developed
• Environment setup for the labs
• Supporting materials and documentations
• People involved in this project
• Amount of downloads for SEED labs
• Guidelines for instructors who are interested in adopting some of the SEED labs
• For textbook authors and publishers
• Evaluation results of SEED labs

Sponsors

• NSF CCLI: Course, Curriculum, and Laboratory Improvement program (Phase-II: $451,682, 01/2007-12/2010. Grant No. 0618680)
• NSF CCLI: Course, Curriculum, and Laboratory Improvement program (Phase-I: $74,984, 01/2003-12/2005. Grant No. 0231122)
• Syracuse University Vision Fund ($5000, 01/2003-12/2003)

News

• April 12, 2011: Several SEED labs are linked to the web site of the textbook, Introduction to Computer Security by Michael T. Goodrich and Roberto Tamassia (follow the "Projects" link).
• September 21st, 2010: The SEED project is in a news published by the American Association for the Advancement of Science (AAAS).
• September 2010: The SEED project is highlighted by TUES/CCLI in a report titled New Challenges, New Strategies: Building Excellence in Undergraduate STEM Education (Page 16). The report, sent to Congress recently, "highlights 17 projects that represent cutting-edge creativity in undergraduate STEM classes nationwide".

Publications

• For Textbook Authors, Publishers, and Users:
  • Mapping to Textbooks: We have mapped SEED labs to the chapters of 7 textbooks on Computer Security. November 2011.
  • Summary of SEED Labs: We have created this summary document for textbook authors to include in their books. November 2011.

• Instructor Manual: Wenliang Du. Only the cover page. We picked the best student reports over the last few years, and put them together to produce this instructor manual. The cover page of this manual is put here. If you are an instructor and want to get a copy, please send me an email (wedu@syr.edu) with your mailing address and the evidence that you are an instructor, and I will mail you a hardcopy. I will also mail to oversea instructors.

• New Version: Wenliang Du. A collection of all 28 SEED Labs (January 2011). This version was made in January 2011. In addtion to the labs, it includes the guidelines for instructors who are interested in adopting some of the labs; this version also includes the evaluation results, which show how students evaluate our labs.

• Wenliang Du. A collection of all 21 SEED Labs (October 2009). This version was made in October 2009.

• Chinese Version: Wenliang Du, Jianchun Jiang, and Weiping Wen. Chinese version of SEED labs (October 2009). We translated 17 of our labs to Chinese, so they can be adopted by universities and training programs in China.

• Wenliang Du. A collection of 17 Labs (in a single pdf file). Distributed at The Secure Coding Faculty Workshop, April 14-15, 2008, Orlando, FL. (Presentation Slides)

• Journal: Wenliang Du. The SEED Project: Providing Hands-on Lab Exercises for Computer Security Education. In IEEE Security and Privacy Magazine, September/October, 2011. Invited paper.

• Journal: Wenliang Du and Ronghua Wang SEED: A Suite of Instructional Laboratories for Computer Security Education (Extended Version). In The ACM Journal on Educational Resources in Computing (JERIC), Volume 8, Issue 1, March 2008.

• Journal: Wenliang Du, Mingdong Shang, and Haizhi Xu. A Novel Approach for Computer Security Education using Minix Instructional Operating System. In Computer & Security, Volume 25, Issue 3, 2006. Pages 190-200.
• Wenliang Du, Karthick Jayaraman, and Noreen B. Gaubatz. Enhancing Security Education with Hands-on Laboratory Exercises. In Proceedings of the 5th Annual Symposium on Information Assurance (ASIA '10). June 16-17, 2010, Albany, New York. Best Paper Award.

• Wenliang Du. SEED: 25 Hands-on Labs for Information Assurance Education. A short topic presentation at the The Colloquium for Information Systems Security Education (CISSE). June 7-9, 2010. Baltimore, Maryland.

• Wenliang Du, Zhouxuan Teng, and Ronghua Wang. SEED: A Suite of Instructional Laboratories for Computer Security Education. In Proceedings of the SIGCSE Technical Symposium on Computer Science Education. March 7-10, 2007, Covington, Kentucky, USA. (Slides)

• Wenliang Du. Developing an Instructional Operating System for Computer Security Education . In 7th Colloquium for Information Systems Security Education (CISSE). June 3-5, 2003, Washington DC. 2003.
• Tutorial: Using Instructional Operating System to Teach Computer Security Courses. In the 11th ACM Conference On Computer And Communication Security (CCS). Alexandria, VA, November 10, 2005.

Security Lab Development Efforts at Other Places

• Secure Web Development Teaching Modules (PI: Dr. Li-Chiou Chen at Pace University).
• Security Injection (PI: Dr. Blair Taylor at Towson University).