Context: To effectively defend against ever-evolving cybersecurity threats, software systems should be made as secure as possible. To achieve this, software developers should understand potential vulnerabilities and apply secure coding practices. To prepare such skilled professionals, it is important that cybersecurity concepts are included in programming courses taught at universities. Objective: To present a comprehensive and unbiased literature review on the teaching of cybersecurity concepts in programming courses taught at universities. Method: We perform a Systematic Mapping Study. We present six research questions, define our selection criteria, and develop a classification scheme. Results and Conclusions: We select 24 publications. Our results show a wide range of research contributions. We also outline guidelines and identify opportunities for future studies. The guidelines include coverage of security knowledge categories and evaluation of contributions. We suggest that future studies should cover security issues, negative impacts, and countermeasures, as well as apply evaluation techniques that examine students' knowledge. The opportunities for future studies are related to advanced courses, security knowledge frameworks, and programming environments. Furthermore, there is a need for a holistic security framework that covers the security concepts identified in this study and is suitable for education.