College of Engineering
Department of Computer Science and Engineering



Integrating Threat Modeling into the Software Design Course at MSU

Supported by Microsoft Research
Faculty: Kurt Stirewalt


Software Design (CSE 335) introduces students to issues in the development of large software products, libraries, and product families with emphasis on design concerns that dominate the development of such software. The course emphasizes explicit modeling and critical analysis of designs prior to implementation. Students learn heuristic methods to design for integration and changes in requirements, the fundamentals of software specification, and techniques for designing software to meet its specification.

The essential obstacle in teaching software design is the difficulty of imparting knowledge of "design methods" in any rigorous and assessable way. Such knowledge tends to be metaphorical rather than analytical and therefore only has meaning in the context of experience. Consequently, it is one thing to deliver lectures on such topics as object-oriented analysis, design for extension and contraction, or UML modeling, and quite another to actually inculcate skill in applying such techniques. Recently, Professor Stirewalt developed an approach that has proved useful in imparting such knowledge [1]. The approach is based on putting students in an environment where they can gain enough experience to make the metaphorical knowledge meaningful. It relies on resources that make design problems tangible to students, who typically lack the experience necessary to appreciate these issues. For example, to motivate the importance of well-factored and extensible class hierarchies, we developed a corpus of software that was intentionally not designed according to these principles. Exercises then require students to perform a maintenance task on this software, a task that would have been easy had these classes been designed for extension. After giving them time to gain first-hand knowledge of the complexities, we ask them to refactor the poorly designed software according to the design principle or method being covered in the lectures.

Currently, CSE 335 covers concerns such as design for reliability, verifiability, reusability, and ease of extension and contraction. Under the trustworthy computing project, we are extending this compendium to include security concerns. Specifically, we are developing a unit on threat modeling, a method for systematically identifying the points at which a system can be attacked, namely the places where data and control cross its trust boundaries, and for informing the designer of the threats to which the design is exposed at those points. In keeping with the hands-on character of the other CSE 335 resources, the threat-modeling unit will include exercises developed to motivate the technique and to inculcate skill in applying it. Threat modeling is applied to the design models that are produced early in the software lifecycle, so students must first be able to produce such models; the unit will therefore be delivered near the end of the course, after the introduction of life-cycle models and several weeks of training in analysis modeling and software architecture. Initially, the hands-on resources will extend an example system that is used throughout the course: a graphical browser that allows clients to interactively display and manipulate real-time streaming data generated by a distributed data server.
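The following is an added illustration of the boundary-crossing step described above; it is not course material and not code from the project. It builds a constructed data-flow model of the browser/server example (the element names, trust zones, trust ranking and channel types are all assumptions made for this example), lists every flow whose endpoints lie in different trust zones as a point of attack, and tags each such flow with the generic STRIDE-style threat categories that a boundary crossing exposes. The page itself does not name STRIDE, and the categories emitted are properties of any crossing of the kind shown, not findings about the real course system.

```python
"""Boundary-crossing analysis on a constructed data-flow model.

Added example for this page (not CSE 335 course material). Element names,
zones, trust ranks and channels below are assumptions, not facts about the
actual browser/server system used in the course.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # "external" (outside our control), "process", or "store"
    zone: str   # trust zone; must be a key of TRUST_RANK


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    data: str
    channel: str   # "network" (observable/modifiable in transit) or "local"


# Assumed trust ordering for the constructed model: higher rank = more trusted.
TRUST_RANK: Dict[str, int] = {"operator": 0, "client-host": 1, "server-host": 2}

# Constructed model (assumed names): a graphical browser on the client host
# talks over the network to a data server that generates a real-time stream.
ELEMENTS: List[Element] = [
    Element("user", "external", "operator"),
    Element("browser", "process", "client-host"),
    Element("data-server", "process", "server-host"),
    Element("stream-log", "store", "server-host"),
]
FLOWS: List[Flow] = [
    Flow("user", "browser", "display and manipulation commands", "local"),
    Flow("browser", "data-server", "subscribe/manipulate requests", "network"),
    Flow("data-server", "browser", "real-time data stream", "network"),
    Flow("data-server", "stream-log", "persisted samples", "local"),
]


def _by_name(elements: List[Element]) -> Dict[str, Element]:
    return {e.name: e for e in elements}


def boundary_crossings(elements: List[Element], flows: List[Flow]) -> List[Flow]:
    """Every flow whose endpoints lie in different trust zones is a point of attack."""
    names = _by_name(elements)
    for f in flows:
        for end in (f.src, f.dst):
            if end not in names:
                raise ValueError(f"flow references undefined element {end!r}")
    return [f for f in flows if names[f.src].zone != names[f.dst].zone]


def threats_for(flow: Flow, elements: List[Element]) -> List[str]:
    """Generic STRIDE-style categories raised by a boundary crossing."""
    names = _by_name(elements)
    src, dst = names[flow.src], names[flow.dst]
    threats = ["Spoofing: receiver cannot verify the sender's identity across the boundary"]
    if flow.channel == "network":
        threats.append("Tampering: data may be modified in transit")
        threats.append("Information disclosure: data may be observed in transit")
    if dst.kind == "process":
        threats.append("Denial of service: receiver must bound resources spent on this input")
        if TRUST_RANK[src.zone] < TRUST_RANK[dst.zone]:
            threats.append("Elevation of privilege: input from a less-trusted zone must be validated before use")
    return threats


def attack_surface(elements: List[Element], flows: List[Flow]) -> Dict[str, List[str]]:
    """Map each boundary-crossing flow to the threat categories it exposes."""
    return {
        f"{f.src} -> {f.dst} ({f.data})": threats_for(f, elements)
        for f in boundary_crossings(elements, flows)
    }


if __name__ == "__main__":
    for point, threats in attack_surface(ELEMENTS, FLOWS).items():
        print(point)
        for t in threats:
            print("    ", t)
```

Running the script prints three points of attack (user to browser, browser to server, server to browser); the server-to-log flow stays inside the server's trust zone and is not listed. The value of the exercise for students is less in the script than in the model: deciding where the zones are and which channel each flow really uses is the design judgement the unit is meant to train.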

[1] R. E. K. Stirewalt, "Teaching Software Engineering Bottom Up," Proc. of the ASEE Annual Symposium, Salt Lake City, 2004.