Developing Instructional Laboratories for Computer SEcurity EDucation

Project Summary


The importance of experiental learning has long been recognized in the learning theory literature. Dewey (1938) pointed out that learning must be grounded in experience; Lewin (1951) claimed that learning is attained through active participation in the learning process; Piaget (1952) stated that learning occurs as a result of the interaction between the individual and the environment. Peter Denning also indicated that if we adopt a picture that ignores practice, our field (computing) will end up like the failed "new math" of the 1960s--all concepts, no practice, lifeless; dead.

The objective of the SEED project is to develop an instructional laboratory environment and laboratory exercises (called labs) for computer system security education. Our approach is motivated by the traditional mature courses, such as Operating Systems (OS), Compilers, and Networking. In OS courses, a widely adopted successful practice is using an instructional OS (e.g. Minix, Nachos, and XINU) as a framework and ask students to write significant portions of each major piece of a modern OS. The Compiler and Network courses adopted a similar approach. Inspired by the success of the instructional OS strategy, we adapt it to our computer security courses. Namely, we use an instructional operating system (Minix) as our basis, and develop lab exercises on this instructional system.

The goal of our labs is to help students focus on (1) grasping security principles, concepts, and technologies, (2) applying security principles to design and implement security mechanisms, (3) analyzing and testing systems for security properties. (4) applying security principles to solve real-world problems. To meet this goal, we have designed a number of labs. Since 2002, we have been experimenting with some of these labs in both undergraduate and graduate courses, including Introduction to Computer Security, Computer Security, and Internet Security.

Open Source Design

These lab documents are released as open source documents. Permission is granted to copy, distribute and/or modify these documents under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation. A copy of the license can be found at



  • (New) NSF Capacity Building: Spreading SEEDs: Large-Scale Dissemination of Hands-on Labs for Security Education. ($827,385, 09/2014 - 08/2018. Grant No. 1303306).
  • NSF TUES/CCLI: SEED: Developing Instructional Laboratories for Computer SEcurity EDucation ($451,682, 01/2007-12/2011. Grant No. 0618680).
  • NSF CCLI: Designing Laboratory Materials for Computer System Security Courses Using Minix Instructional Operating System ($74,984, 01/03-12/05. Grant No. 0231122).
  • Syracuse University Vision Fund ($5000, 01/2003-12/2003)


  • (New) September 30, 2014: We have developed a new lab to give students a first-hand experience on the recently discovered Shellshock vulnerability.
  • (New) Through a recent grant, NSF will provide money for us to organize workshops, which are intended to provide training for instructors to use the SEED labs. All the cost will be covered by the grant. The application process will start in Spring 2015, so stay tuned.
  • January 15, 2014: After 6 months of testing, we now officially release a new VM image (SEEDUbuntu12.04) for SEED labs. This image replaces the previous SEEDUbuntu11.04 image. You can get the new VM from the Lab Setup page.
  • January 2, 2014: The SEED Labs are being adopted by many schools worldwode. See this map for details.
  • April 12, 2011: Several SEED labs are linked to the web site of the textbook, Introduction to Computer Security by Michael T. Goodrich and Roberto Tamassia (follow the "Projects" link).
  • September 21, 2010: The SEED project is in a news published by the American Association for the Advancement of Science (AAAS).
  • September 2010: The SEED project is highlighted by TUES/CCLI in a report titled New Challenges, New Strategies: Building Excellence in Undergraduate STEM Education (Page 16). The report, sent to Congress recently, "highlights 17 projects that represent cutting-edge creativity in undergraduate STEM classes nationwide".


Security Lab Development Efforts at Other Places