New Perspectives on Computer Concepts 2011 Instructor’s Manual of
Chapter Twelve: Computer Programming
A Guide to this Instructor’s Manual:
We have designed this Instructor’s Manual to supplement and enhance your teaching experience through classroom activities and a cohesive chapter summary.
This document is organized chronologically, using the same heading in blue that you see in the textbook. Under each heading you will find (in order): Lecture Notes that summarize the section, Figures and Boxes found in the section (if any), Teacher Tips, Classroom Activities, and Lab Activities. Pay special attention to teaching tips, and activities geared towards quizzing your students, enhancing their critical thinking skills, and encouraging experimentation within the software.
In addition to this Instructor’s Manual, our Instructor’s Resources CD also contains PowerPoint Presentations, Test Banks, and other supplements to aid in your teaching experience.
For your students:
Our latest online feature, CourseCasts, is a library of weekly podcasts designed to keep your students up to date with the latest in technology news. Direct your students to http://coursecasts.course.com, where they can download the most recent CourseCast onto their mp3 player. Ken Baldauf, host of CourseCasts, is a faculty member of the Florida State University Computer Science Department, where he is responsible for teaching technology classes to thousands of FSU students each year. Ken is an expert in the latest technology and sorts through and aggregates the most pertinent news and information for CourseCasts so your students can spend their time enjoying technology, rather than trying to figure it out. Open or close your lecture with a discussion based on the latest CourseCast.
Students will have mastered the material in Chapter Twelve when they can answer the following questions:
How many lines of code are in a typical computer program?
Do the activities performed by computer programmers differ from those performed by software engineers and systems analysts?
What’s the best computer programming language?
What is a programming paradigm?
How is a computer program created?
What kinds of errors are discovered when programs are tested?
In addition to programming languages, what other tools do programmers use?
What is an algorithm?
What’s the point of flowcharts, pseudocode, and structured English?
How do programmers make programs do things in the right order?
How does object-oriented programming work?
How does declarative programming work?
Is it easy to write Prolog rules?
What makes computer programs vulnerable to hackers?
How can programmers produce more secure code?
Can consumers take steps to avoid vulnerabilities that exist in software with code defects?
READING ASSIGNMENT FASTPOLL T/F QUESTIONS
120100 A line of program code typically contains a keyword or command. (Answer: True) (676)
120200 BASIC, COBOL, and C are classified as third-generation languages. (Answer: True) (677)
120300 Programming paradigms include FORTRAN and Ada. (Answer: False) (679)
120400 In a program, a variable represents a value that can change. (Answer: True) (680)
120500 VDE is an example of an object-oriented programming language. (Answer: False) (683)
120600 A programmer who omits a command word from a line of code has made a logic error. (Answer: False) (685)
120700 Programmers use a tool called an errata to step through a program to locate syntax errors. (Answer: False) (685)
120800 Pseudocode is a bug or error in a line of program code. (Answer: False) (692)
120900 A control structure specifies the sequence in which a program is executed. (Answer: True) (695)
121000 FOR…NEXT and DO…WHILE are examples of commands for loops. (Answer: True) (698)
121100 A programmer could define a class called “pizza” to solve the pizza problem using object-oriented programming. (Answer: True) (702)
121200 Inheritance, methods, messages, and polymorphism are associated with the declarative paradigm. (Answer: False) (705)
121300 Goals, rules, and instantiation are associated with the agile paradigm. (Answer: False) (718)
121400 Java is a declarative programming language. (Answer: False) (712)
121500 Prolog facts contain an argument and a predicate. (Answer: True) (714)
121600 Buffer overflows are associated with security vulnerabilities. (Answer: True) (723)
121700 Programmers can use threat modeling and formal methods to create more secure programs. (T) 725
SECTION A: PROGRAMMING BASICS (674)
SECTION A OPENER QUESTION
122100 Computer programming languages have evolved through several generations. Experts are not in agreement about what constitutes a fifth-generation programming language. What is the controversy?
Some experts believe that assembly languages should be included, whereas other experts do not.
Some experts believe declarative languages are fifth-generation languages, whereas other experts believe that fifth-generation languages are those that allow programmers to use graphical tools to construct programs.
Most experts believe that languages like C, BASIC, and Java are fifth-generation languages, but programmers disagree because those languages follow the procedural paradigm.
A few experts don’t believe there is a fifth-generation of programming languages, but most experts think that Japanese computer scientists invented fifth-generation languages when they produced C++.
Computer Programming and Software Engineering (674)
Explain that a computer program is a set of step-by-step instructions that tell a computer how to solve a problem. Have the student create a set of step-by-step instructions to solve a very simple problem, like opening their book and finding this chapter.
Explain that the first computer programs were written in binary code, and thus, they are often referred to as code.
Use Figure 12-1 to discuss a simple computer program.
Have students calculate how many days of coding a program they would have to spend to write Vista with 50 million lines of code at 20 lines per day. Could it be written by one person in their lifetime?
Discuss the difference between computer programming and software engineering.
Figure 12-1, Figure 12-2
Assign a Project: Review binary code. Then, have students write their name in binary code to get an idea of the complexity of writing a program in binary.
On average, one person can write, test, and document only _________ lines of code in one day. (Answer: 20)
True/False: Software engineers have the skills to design, code, test, and document software- but they tend to focus on designing and testing activities. (Answer: True)
Programming Languages and Paradigms (676)
Discuss the definition of a programming language.
Using Figure 12-3, discuss keywords and parameters. Have the student imagine what other keywords there might be.
Discuss the categories of programming languages.
Discuss how languages are categorized by low-level and high-level. Ask the students to discuss the factors that place a language in one of these categories. Do the same for program generation.
Look at Figure 12-7 and discuss the various languages.
Discuss what a programming paradigm is using Figure 12-8.
Assign a Project: As an outside the class activity, have students categorize each language listed in Figure 12-7 by generation. Compare the categories in class.
Today, fourth-generation languages are typically used for _________ applications. (Answer: database)
Prolog is an example of a(n) _________ generation language. (Answer: fifth)
Program Planning (680)
Discuss how you must develop a method for solving a problem, whether it is by a computer or by a human.
Discuss the characteristics of a good problem statement.
Discuss the difference between an assumption, known information, a variable, and a constant.
Discuss the difference between predictive methodology and agile methodology.
Figure 12-9, Figure 12-10
Assign a Project: Have students write a problem statement for a problem of your choice. Perhaps use something that is happening on campus or on the news.
Program Coding (682)
Discuss a text editor. Talk about how a word processor and a text editor are not the same. Demonstrate how a text editor can be used to enter code. Show how the editor does not do any automatic indention or coloring.
Discuss a program editor and demonstrate it with the same program.
Discuss the features that a VDE (visual development environment) provides.
They think about how a task might be carried out manually and devise flowcharts, structured English, or pseudocode to describe the steps.
They first devise facts about the problem, then they come up with the steps based on rules.
Explain that algorithms are a series of steps for carrying out a task that can be written down and implemented.
Use Figure 12-20 to show the steps contained in one of the pizza program algorithms. Compare this to Figure 12-21, which extends these steps and provides more detail.
Figure 12-19, Figure 12-20, Figure 12-21
Group Activity: Divide the class into two groups and have each group write an algorithm for a simple task that can be completed in the classroom. Have the groups exchange algorithms and attempt to carry out each other’s instructions. Were any steps left out? Was each group able to successfully complete the algorithm?
A(n) _________ is a set of steps for carrying out a task that can be written down and implemented. (Answer: algorithm)
True/False: The traditional approach to programming uses a procedural paradigm. (Answer: True)
True/False: Algorithms are usually written in a format specific to a particular programming language. (Answer: False)
Expressing an Algorithm (692)
Introduce pseudocode using Figure 12-22, which shows the pizza problem algorithm expressed in pseudocode.
Explain that as with structured English, there are variations on the conventions used to write pseudocode, but one standard convention has the following features:
A limited set of non-computer language specific command words are used (e.g., display, input, IF...THEN, output).
The command words are often indicated in bold.
An arrow symbol () indicates that the value of a variable changes (e.g., SquareInches1 Size1 * Size1).
The = symbol is used in logical expressions (e.g., If Shape1 = “round”).
The commands associated with an IF...THEN statement or other control structures are indented.
Output messages are surrounded by quotes.
Figure 12-23 shows a flowchart for the pizza program. Review the flowchart symbols before you walk through the program flow.
Discuss what a walkthrough is and its importance.
Figure 12-24 shows how to conduct a walkthrough and check the pseudocode for the pizza program.
Figure 12-22, Figure 12-23, Figure 12-24
Assign a Project: Have students sketch a flowchart for the algorithm they created in the previous section. Make sure they correct any errors that were discovered.
_________ is a notational system for algorithms that has been described as a mixture of English and your favorite programming language. (Answer: Pseudocode)
Before finalizing the algorithm for a computer program, what should be performed? (Answer: A walkthrough)
Sequence, Selection, and Repetition Controls (695)
Discuss control structures.
Compare a sequence control (Figure 12-25) which changes the order of instructions the computer performs, to a selection control (Figure 12-27), which tells the computer what to do based on whether a condition is true or false.
Explain that repetition controls are also called loops or iterations, and repeat one or more instructions until a condition is met. The flowchart in Figure 12-28 demonstrates the looping process.
Discuss which types of controls you might use in the pizza program—sequence, selection, or repetition—and for what purpose. Students may need to use all types within the flowchart or program.
Students might need some help with the sections on control structures, depending on the depth of understanding you wish them to develop. The text is written with the goal that students will be able to list the three types of control structures (sequence, selection, and repetition controls) and describe the purpose of each.
During _________ the first instruction in the program is executed first, then the second instruction, and so on, to the last instruction in the program. (Answer: sequential execution)
True/False: Control structures are instructions that specify the sequence in which a program is executed. (Answer: True)
List at least two of the most frequently used repetition commands. (Answers: FOR…NEXT, DO…WHILE, DO…UNTIL, WHILE…WEND)
Procedural Languages and Applications (700)
Discuss what makes a program a procedural language.
List some of the most popular procedural languages.
Review the advantages and disadvantages of the procedural paradigm, as discussed on page 701.
There is a tendency to classify a computer language into a single category— statements such as “COBOL is a procedural language” and “BASIC is an interpreted language” are typical. However, a computer language has many characteristics. For example, BASIC provides high-level commands, is usually interpreted, and is procedural. The approach in Chapter 12 is to apply characteristics to computer languages, rather than to attempt to classify them into a single category. You should reinforce this idea to your students.
SECTION C: OBJECT-ORIENTED PROGRAMMING (702)
SECTION C OPENER QUESTION
122300 Object-oriented programming has become quite popular. Why?
It allows programmers to structure problems in a cognitively similar way as they perceive the real world.
Object-oriented programs are the fastest, most efficient type of programs for today’s computer hardware.
It creates the most secure programs, with the fewest security holes.
d. It is the best programming paradigm for working with words and concepts.
Objects and Classes (702)
Explain that the object-oriented paradigm is based on the idea that the solution for a problem can be visualized in terms of objects that interact with each other.
Point out that an object is defined as a unit of data that represents an abstract or real-world entity.
Examples of objects are shown in Figure 12-30.
Distinguish between an object and a class. There can be many objects, but in order to organize similar objects a class is created. A class is a template for a group of objects with similar characteristics.
Discuss class attributes and how they are used to describe the object. Review the examples in Figure 12-31. Discuss that any of these can be public or private, based on the availability of the object.
Discuss the data types associated with the class and review the UML (unified modeling language) diagram in Figure 12-32. The class is named, the data types are defined, and the type of attribute is designated.
Figure 12-30, Figure 12-31, Figure 12-32
Class Discussion: Display the class attribute data types on an overhead monitor or whiteboard and have students describe each. Be sure to provide an example of each one. Refer to Figure 12-31 if necessary. Discuss what kinds of attributes the pizza program might have and what type of variables those would be.
A(n) _________ is a unit of data that represents an abstract or real-world entity (such as a person, place, or thing). (Answer: object)
True/False: The object-oriented paradigm is based on the idea that the solution for a problem can be visualized in terms of objects that interact with each other. (Answer: True)
In terms of object-oriented programming, what is a class? (Answer: A template for a group of objects with similar characteristics)
Explain that in object-oriented terms, inheritance refers to passing certain characteristics from one class to other classes. Compare this to passing genes from a parent to a child. For example, ask where they got the color of their eyes. Ask if they have any special talents that one of their parents has (such as swimming or playing ball). Inheritance in object-oriented terms produces new classes with inherited attributes, creating a superclass and subclasses.
Review the hierarchical structure in Figure 12-33.
Consider using examples other than the pizza program to demonstrate the use of inheritance. For example, if a program needs to compute a shipping cost based on the weight of items, they will need the item and its weight. This weight is then added to the weight of other items, producing a total weight. This total weight will then be used in a calculation to determine the shipping cost.
Figure 12-33, Figure 12-34
_________ refers to passing certain characteristics from one class to other classes. (Answer: Inheritance)
True/False: A subclass is any class from which attributes can be inherited. (Answer: False)
True/False: A subclass is any class that inherits attributes from a superclass. (Answer: True)
What is the set of superclasses and subclasses that are related to each other called? (Answer: Class hierarchy)
Methods and Messages (705)
Explain that a method is a segment of code that defines an action.
A method can perform a variety of tasks (such as exiting a program, a calculation or producing output).
Point out that methods can be defined along with the class they affect.
Discuss that methods are activated by call statements.
Define polymorphism and review the diagram in Figure 12-37 to identify the use of polymorphism. Explain that Java knows which method to use based on the type of pizza or class.
This section uses Java programming code as examples. Most students at this level have not had any programming experience, so this may be difficult for them to understand at this time.
Assign a Project: Using the algorithm the student’s developed in the earlier section, ask them to identify what actions need to take place and what methods might be used.
A(n) _________ is a segment of code that defines an action. (Answer: method)
True/False: A method can perform only one task. (Answer: False)
What is a method activated by? (Answer: A message)
Object-Oriented Program Structure (709)
Discuss the use of classes and methods.
In Figure 12-39, the structure of the program is given with the definitions, methods, calculations, and outputs.
Use Figure 12-40 to identify each part of the program structure using Java code.
Explain that the final step in the program structure is to run the program and display the output.
When discussing classes, objects, and methods, consider comparing the class to a manufacturing plant and the object to the widget. The method then is the action that the widget can perform.
Figure 12-39, Figure 12-40, Figure 12-41
Object-Oriented Languages and Applications (711)
Discuss the origin of object-oriented languages, including SmallTalk.
Discuss some object-oriented languages in use today. These include C++, Visual Basic, and Java.
Point out that advantages of object-oriented languages include an approach that is cognitively similar to the way humans perceive their world, and encapsulation, which allows objects to be reused in different ways.
Class Discussion: Have students review sample Java code, identifying methods and classes.
_________ refers to the process of hiding the internal details of objects and their methods. (Answer: Encapsulation)
True/False: Polymorphism provides OO programs with easy extensibility and can help simplify program code. (Answer: True)
True/False: Procedural programs tend to require more memory and processing resources than object-oriented programs. (Answer: False)
SECTION D: DECLARATIVE PROGRAMMING (713)
SECTION D OPENER QUESTION
122400 Declarative languages, such as Prolog, are very powerful for programs that involve words, concepts, and complex logic, but why aren’t these languages a first choice for programming computer games?
They don’t execute as fast as programs written with procedural languages.
They are too difficult to learn.
They have too many security holes.
They require expensive compilers.
The Declarative Paradigm (713)
Explain that unlike procedural languages (which tell the computer how to solve a problem), a declarative language describes the problem.
Point out that declarative languages are useful for programs that manipulate ideas and concepts, rather than numbers.
Discuss the decision table in Figure 12-43. Talk about how it would help to decide which pizza is the best choice.
122500 Consumers are told to use security software because their computers are vulnerable to security exploits, but what is the source of security vulnerabilities?
Most security vulnerabilities are the fault of the user.
Threat modeling causes many of the vulnerabilities in today’s software.
Faulty programming that allows buffer overflows is one of the main causes of security vulnerabilities.
Operating system patches and DREAD categories are the source of the security vulnerabilities that affect most consumers.
Black Hat Exploits (723)
Explain buffer overflow (i.e., buffer overrun).
Discuss the error message in Figure 12-54 and why it is problematic.
Consider having students compare their experiences with black-hat exploits. What steps have they taken to prevent them?
Figure 12-53, Figure 12-54
Class Discussion: Ask students what types of black hat exploits they have heard of or dealt with.
A(n) _________ is a condition in which data in memory exceeds its expected boundaries and flows into memory areas intended for use by other data. (Answer: buffer overflow or buffer overrun)
What are the two languages most commonly used for professional software development? (Answers: C, C++)
True/False: Today’s operating systems, utilities, and application software are impervious to black-hat exploits. (Answer: False)
Secure Software Development (725)
Discuss formal methods and the fact that they are necessary for security and safety crucial applications. Talk about the added cost and time for development that causes them not to be used for every application.
Explain that a threat model defines a set of possible attacks to consider.
Discuss STRIDE and how it can help software developers anticipate threats from attackers.
Point out that a threat model allows you to assess the probability, potential harm, priority, etc. of attacks. From this point on try to minimize or eradicate the threats.
Use Figure 12-56 to explain what an attack tree is.
Discuss defensive programming and the techniques associated with it.
Figure 12-57 shows a digital certificate. Ask students if they’ve encountered certificates like the one shown. If possible, demonstrate one to the class.
Figure 12-55, Figure 12-56, Figure 12-57
Assign a Project: Ask students to sketch an attack tree illustrating a potential attack intended to steal passwords.
_________ is a technique that can be used to identify potential vulnerabilities by listing the key assets of an application, categorizing the threats to each asset, ranking the threats, and developing threat mitigation strategies that can be implemented during coding. (Answer: Threat modeling)
_________ categories help software developers anticipate threats from attackers. (Answer: STRIDE)
True/False: Offensive programming is an approach to software development in which programmers anticipate what might go wrong as their programs run and steps to smoothly handle those situations. (Answer: False)
Explain what can happen when bugs are discovered.
Ask students if they have ever entered “yes” when asked if they want to debug.
Review the use of patches.
Discuss the steps consumers can take to avoid security problems, as listed on page 729.
Survey students about their experience with software patches. Are they tolerant of (or exasperated by) the need to install patches to keep their computers safe from security threats?
Assign a Project: Have students design an attack tree for accessing a password-protected Web site, use the attack tree shown in Figure 12-56.
True/False: Before being posted for users, patches should be thoroughly tested. (Answer: True)
True/False: Formal methods add little to the cost and time of software development, so they tend to be used very often. (Answer: False)
Proprietary software can benefit from a(n) _________ with other in-house programmers.
c. input filtering
WHAT DO YOU THINK?
123100 Can you think of a specific instance when you have become frustrated with a software user interface?
123200 Is it possible to make computer software significantly easier to use?
123300 Would you agree that programmers do not understand the viewpoint of a typical computer user and consequently produce bad software?