CSC News

CSC News CSC eNewsletter Department Publications Featured News Graduate News Research News Undergraduate News In the News Lectures & Seminars Faculty & Staff Awards College of Engineering News NC State News OIT News NC State SYS News Research Newsletter News Archives

Williams’ NSF CAREER award aims to help advance test-driven software development

Helping software developers check for potential security flaws as part of the code-writing process – rather than waiting until a product is finished – is the goal of Laurie Williams’ recently announced $400,000 National Science Foundation CAREER award project.

Williams, assistant professor of computer science, is the 13th computer science faculty member to receive an NSF award in the past eight years. Her project builds on her previous work in software security, including test-driven development (TDD), and a concept called pair programming in which she explores the merits of having software developers work in pairs rather than in isolation.

TDD – a technique in which developers incrementally test and implement software in tight feedback loops as it is being developed – is just starting to catch on, she says.

“Most people simulate an attack on the software once the product is finished,” she says. “Our goal is to simulate security break attempts at the lowest level – the unit level.” The TDD software development technique uses tight verification and validation feedback loops to allow software developers to build security into the product from the beginning, rather than fixing problems that show up later.

“Our nation's critical infrastructure demands that our current and future IT professionals have the knowledge, tools, and techniques to produce reliable and trustworthy software,” Williams says.

Toward that end, Williams aims to extend, validate, and disseminate the TDD technique to aid in the prevention of computer-related disasters. As part of her project, she will provide a supportive open-source catalog of security testing patterns resulting from her study via the Internet.

Williams will also be incorporating her work on pair programming/pair testing as part of this project, looking at the security and reliability enhancing value of having people work in pairs to program and test software. She also will examine the potential of pair programming/pair testing for improving the success and retention of socially oriented women, men, and minorities in the IT workforce.

On another NSF-sponsored pair programming project, Williams is working with Neha Katira, a student in the master of science program. Katira is running an extensive study examining ways in which to increase the chances that the two programmers in the pair will be compatible with each other – allowing them to be more productive and produce code of higher quality.

NSF CAREER awards always include an educational as well as a research component. Williams will be bringing her research into the classroom via a student competition initially offered through her new software reliability and testing course.

As part of the course, the students will develop a software project. “At the end of the semester, they will try to break into each others’ projects,” she says. Ultimately, she hopes to extend the competition to include students taking similar courses at other universities.

The student competition was designed to help build excitement about developing secure and reliable software applications, she says. She also will develop a revised undergraduate software engineering textbook, integrating security and reliability topics.

Her project is particularly relevant in today’s cyber-intensive world. “There is so much concern today about the cyber trust and security problems,” she says. “From national security to our power grids, so much depends on systems that currently may be subject to attack. However, much security is applied like a band aid, after a system is broken. We are trying to get it right from the onset, to avoid the need for the band aid.”

- rzewnicki -