Integrating Security Concepts Into Introductory Programming Courses

Alina Torbunova; Ivan Porres

doi:10.1007/978-3-031-94924-1_15

Integrating Security Concepts Into Introductory Programming Courses

Alina Torbunova, Ivan Porres

Information Technology

Research output: Chapter in Book/Conference proceeding › Published conference proceeding › Scientific › peer-review

21 Downloads (Pure)

Abstract

This article proposes a method to help students develop a security mindset by incorporating security concepts into a university-level introductory programming course. The method is based on a mapping of introductory programming topics to relevant security concepts. The mapping is used to modify lecture materials and programming projects to incorporate security-related information and requirements. These modifications are added gradually, with minimal impact on existing learning outcomes and expected student effort. We evaluated our method in a case study on the introduction of security concepts in an introductory programming course in Python. For this, we analyzed student programming projects and conducted a post-course survey. The results show improved security implementation in student projects and increased awareness of the importance of security in programming.

Original language	English
Title of host publication	Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings
Editors	Lynette Drevin, Wai Sze Leung, Suné von Solms
Publisher	Springer
Pages	217-233
Number of pages	16
ISBN (Electronic)	978-3-031-94924-1
ISBN (Print)	978-3-031-94923-4
DOIs	https://doi.org/10.1007/978-3-031-94924-1_15
Publication status	Published - 26 Jul 2025
MoE publication type	A4 Article in a conference publication
Event	IFIP World Conference on Information Security Education - Duration: 21 May 2025 → 23 May 2025

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	742 IFIPAICT
ISSN (Print)	1868-4238
ISSN (Electronic)	1868-422X

Conference

Conference	IFIP World Conference on Information Security Education
Period	21/05/25 → 23/05/25

Funding

This work has received funding from the Finnish Ministry of Education and Culture under grant agreement OKM/60/522/2022. We would like to thank Annamari Soini for providing the opportunity to perform a case study on the method proposed in this paper.

Access to Document

10.1007/978-3-031-94924-1_15

Integrating_security_concepts_FINALAccepted author manuscript, 290 KBLicence: Publisher rights policy

https://urn.fi/URN:NBN:fi-fe2025081382394

Cyber security training cooperation network
Porres Paltor, I. (Principal Investigator), Walden, M. (Principal Investigator), Torbunova, A. (Project staff), Nybom, K. (Project staff) & Truscan, D. (Project staff)
01/02/23 → 31/12/25
Project: Ministry / Government Agency

Cite this

Torbunova, A., & Porres, I. (2025). Integrating Security Concepts Into Introductory Programming Courses. In L. Drevin, W. S. Leung, & S. von Solms (Eds.), Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings (pp. 217-233). (IFIP Advances in Information and Communication Technology; Vol. 742 IFIPAICT). Springer. https://doi.org/10.1007/978-3-031-94924-1_15

Torbunova, Alina ; Porres, Ivan. / Integrating Security Concepts Into Introductory Programming Courses. Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings. editor / Lynette Drevin ; Wai Sze Leung ; Suné von Solms. Springer, 2025. pp. 217-233 (IFIP Advances in Information and Communication Technology).

@inproceedings{504a85d760a44af98e8a196f420e1945,

title = "Integrating Security Concepts Into Introductory Programming Courses",

abstract = "This article proposes a method to help students develop a security mindset by incorporating security concepts into a university-level introductory programming course. The method is based on a mapping of introductory programming topics to relevant security concepts. The mapping is used to modify lecture materials and programming projects to incorporate security-related information and requirements. These modifications are added gradually, with minimal impact on existing learning outcomes and expected student effort. We evaluated our method in a case study on the introduction of security concepts in an introductory programming course in Python. For this, we analyzed student programming projects and conducted a post-course survey. The results show improved security implementation in student projects and increased awareness of the importance of security in programming.",

author = "Alina Torbunova and Ivan Porres",

year = "2025",

month = jul,

day = "26",

doi = "10.1007/978-3-031-94924-1\_15",

language = "English",

isbn = "978-3-031-94923-4",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer",

pages = "217--233",

editor = "Lynette Drevin and Leung, \{Wai Sze\} and \{von Solms\}, Sun{\'e}",

booktitle = "Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings",

note = "IFIP World Conference on Information Security Education ; Conference date: 21-05-2025 Through 23-05-2025",

}

Torbunova, A & Porres, I 2025, Integrating Security Concepts Into Introductory Programming Courses. in L Drevin, WS Leung & S von Solms (eds), Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings. IFIP Advances in Information and Communication Technology, vol. 742 IFIPAICT, Springer, pp. 217-233, IFIP World Conference on Information Security Education, 21/05/25. https://doi.org/10.1007/978-3-031-94924-1_15

Integrating Security Concepts Into Introductory Programming Courses. / Torbunova, Alina ; Porres, Ivan.
Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings. ed. / Lynette Drevin; Wai Sze Leung; Suné von Solms. Springer, 2025. p. 217-233 (IFIP Advances in Information and Communication Technology; Vol. 742 IFIPAICT).

Research output: Chapter in Book/Conference proceeding › Published conference proceeding › Scientific › peer-review

TY - GEN

T1 - Integrating Security Concepts Into Introductory Programming Courses

AU - Torbunova, Alina

AU - Porres, Ivan

PY - 2025/7/26

Y1 - 2025/7/26

N2 - This article proposes a method to help students develop a security mindset by incorporating security concepts into a university-level introductory programming course. The method is based on a mapping of introductory programming topics to relevant security concepts. The mapping is used to modify lecture materials and programming projects to incorporate security-related information and requirements. These modifications are added gradually, with minimal impact on existing learning outcomes and expected student effort. We evaluated our method in a case study on the introduction of security concepts in an introductory programming course in Python. For this, we analyzed student programming projects and conducted a post-course survey. The results show improved security implementation in student projects and increased awareness of the importance of security in programming.

AB - This article proposes a method to help students develop a security mindset by incorporating security concepts into a university-level introductory programming course. The method is based on a mapping of introductory programming topics to relevant security concepts. The mapping is used to modify lecture materials and programming projects to incorporate security-related information and requirements. These modifications are added gradually, with minimal impact on existing learning outcomes and expected student effort. We evaluated our method in a case study on the introduction of security concepts in an introductory programming course in Python. For this, we analyzed student programming projects and conducted a post-course survey. The results show improved security implementation in student projects and increased awareness of the importance of security in programming.

U2 - 10.1007/978-3-031-94924-1_15

DO - 10.1007/978-3-031-94924-1_15

M3 - Published conference proceeding

SN - 978-3-031-94923-4

T3 - IFIP Advances in Information and Communication Technology

SP - 217

EP - 233

BT - Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings

A2 - Drevin, Lynette

A2 - Leung, Wai Sze

A2 - von Solms, Suné

PB - Springer

T2 - IFIP World Conference on Information Security Education

Y2 - 21 May 2025 through 23 May 2025

ER -

Torbunova A , Porres I. Integrating Security Concepts Into Introductory Programming Courses. In Drevin L, Leung WS, von Solms S, editors, Information Security Education. Empowering People Through Information Security Education - 17th IFIP WG 11.8 World Conference, WISE 2025, Proceedings. Springer. 2025. p. 217-233. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-031-94924-1_15

Integrating Security Concepts Into Introductory Programming Courses

Abstract

Publication series

Conference

Funding

Access to Document

Projects

Cyber security training cooperation network

Cite this