The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Understanding How Students Approach Code Review

Research Areas: Human Centric Security

Principal Investigator: Mary Anne Smart

While computer science students receive extensive instruction, training, and practice in writing code, code review—another essential skill—does not always receive the same attention. Therefore, even students who are confident in their programming abilities may struggle with code review. In particular, students often struggle to identify security issues in code that they are asked to review. In this project, we seek to learn more about how students approach code review through online surveys and interviews with computer science majors. By learning more about factors that shape students’ perceptions of the code they are tasked with reviewing and about the resources to which students turn for support, we may be able to develop better tools or instructional techniques to help students improve their code review skills in general and their security evaluation skills in particular.