| NSF Org: |
DUE Division Of Undergraduate Education |
| Recipient: |
|
| Initial Amendment Date: | September 6, 2010 |
| Latest Amendment Date: | September 15, 2011 |
| Award Number: | 1022557 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Victor Piotrowski
vpiotrow@nsf.gov (703)292-5141 DUE Division Of Undergraduate Education EDU Directorate for STEM Education |
| Start Date: | October 1, 2010 |
| End Date: | September 30, 2015 (Estimated) |
| Total Intended Award Amount: | $493,712.00 |
| Total Awarded Amount to Date: | $493,712.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
2550 NORTHWESTERN AVE # 1100 WEST LAFAYETTE IN US 47906-1332 (765)494-1055 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
2550 NORTHWESTERN AVE # 1100 WEST LAFAYETTE IN US 47906-1332 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): |
S-STEM-Schlr Sci Tech Eng&Math, CCLI-Type 2 (Expansion) |
| Primary Program Source: |
1300XXXXDB H-1B FUND, EDU, NSF |
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.076 |
ABSTRACT
Computing - Other (35)
This project is designing and building a serious game prototype for use in helping students to develop secure coding abilities, and is developing high-quality introductory computing laboratory exercises that incorporate game activities as part of laboratory assignments. A serious game has been chosen because the playing of a game allows students to explore topics more sophisticated than they would normally be able to program from scratch as part of an introductory programming class, and because many students enjoy playing video games. Increasingly, there is awareness that security needs to be considered as a design criterion for software development. Its introduction cannot be delayed until students are upperclassmen when they are taught a class in secure coding. Rather than introduce secure coding as a stand-alone topic into an already over-crowded introductory computing class, this project's vision is to integrate it into the laboratory exercises within the course, treating security as a context within which students learn traditional programming/problem solving components. The merits of this project are: 1) teaching beginning programmers about secure coding, and to develop a mechanism to have them programming securely from the start; 2) building a serious game to augment the teaching of secure coding practices and principles; 3) creating high-quality laboratory materials using the context of security as a means of teaching traditional object-oriented programming and problem solving topics; and 4) assessing the effectiveness of this game and these laboratory materials.
This project works with two of the NSF Advanced Technological Education Centers, the Cybersecurity Education Consortium and the CyberWatch Center. These centers are piloting the materials and serving as dissemination vehicles. The results of this work are presented at the Colloquium for Information System Security Education, as well as at more traditional computing education conferences.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Outcome 1: A fully functional, usable and engaging serious game for undergraduate students’ learning of secure coding (including 6 game levels and 6 accompanying lab modules) is available to the public on the project websites for free.
We have collected data that support the usability, perceived usefulness and appeal of the game through formative evaluations with undergraduate students and faculty. Findings are reported in (Adamo-Villani, N., Oania, M. & Cooper, S. 2012); (Adamo-Villani, N., Oania, M., Brown, J. Whittinghill, D. & Cooper, S. 2012); (Adamo-Villani, N., Cutler, R. & Haley-Hermiz, T. 2013)
Outcome 2: Undergraduate students can improve their knowledge of secure coding principles and practices as a result of using the serious game and accompanying lab modules. We have collected data that support the educational effectiveness of the game and lab modules for students’ learning of secure coding concepts, specifically operator precedence, buffer overflow, input validation, and arithmetic overflow. Findings of the summative studies are currently in press and in review (Adamo-Villani and Ansingaraju, S. in press); (Adamo-Villani and Zheng, H. in review). A summary of the findings is reported below.
We conducted two summative evaluations with undergraduate students. The goal of the summative evaluations was to provide an indication of whether using the serious game and accompanying lab modules affects students’ content learning.
Study 1. Study 1 focused on operator precedence and buffer overflow. Subjects: 63 undergraduate students.
Findings: Results show that playing the game and completing the accompanying lab modules led to an increase in subjects’ content learning by 25%. In particular, students who played the game increased their declarative knowledge by 23% and procedural knowledge by 34%. Findings also show that there are differences in learning gains between Group A (control - traditional learning methods) and Group B (experimental - game and lab modules). Overall, playing the game and completing the accompanying labs led to higher learning gains than traditional learning methods. Three two-sample t-tests were performed to determine if the difference in total learning gains, the difference in procedural knowledge gains and the difference in declarative knowledge gains between the control and experimental group were statistically significant. Results of the statistical analysis show that the difference in total learning gains between the control and the experimental group is not statistically significant (P-value= 0.096; M (group A) = 21.93 SD (group A) = 4.68; M (group B) = 27.11; SD (group B) = 4.02); the difference in procedural knowledge gains is statistically significant (P-value = 0.034; M (group A) = 25.84 SD (group A) = 8.03; M (group B) = 36.87; SD (group B) = 6.87); the difference in declarative knowledge is not statistically significant (P-value = 0.610; M (group A) = 21.12 SD (group A) = 7.13; M (group B) = 23.08; SD (group B) = 4.97).
Study 2. Study 2 focused on input validation and arithmetic overflow. Subjects: 54 undergraduate students.
Findings: Results show that playing the game and completing the accompanying lab modules led to an increase in subjects’ content learning by 22%. In particular, students who played the game increased their declarative knowledge by 21% and procedural knowledge by 32%. Findings also show that there are differences ...
Please report errors in award information by writing to: awardsearch@nsf.gov.
