In 1994, Urs von Matt from ETH Zürich published a paper describing Kassandra [24], an automatic grading system initially designed for Maple or Matlab code in a scientific computing course. Kassandra is implemented as a network service to which students may submit attempted solutions to programming problems to have them tested against a suite of test cases for each problem. Kassandra reports results back to the student. As it is designed to be publicly available throughout the term, rather than run by a grader after the due date, security becomes of even higher concern here. Malicious student programs should not be able to retrieve the reference solution from Kassandra's internals. To deal with this, and the prime reason for Kassandra being implemented as a network service, the system is split into client and server systems. Students submit their code to their local client, which is responsible for connecting to the server, thereby initiating tests on the student code and reporting results. At no time is the client code able to access the reference implementation, the stored test cases, or the graded results. While there are certainly some security concerns raised by introducing the added complexity of the network, it seems that this is an admirable solution to the problem of restricting access to the solutions.
In terms of actual grading, this is another instance of testing for precise output, but it also requires students to be explicitly aware of Kassandra by making (generally uninvasive) changes to their code. This is perfectly acceptable in the domain of scientific computing, much like compilers or in many cases operating systems. Specs can easily be made strict enough to require precise output for a given input. This does leave great difficulties for any assignments that are not strictly testing the functional behavior of an assignment, or for which such testing is difficult. While interesting as a good approach to dealing with the security problems inherent in a CAA framework, Kassandra doesn't necessarily give us any further insight into guidelines for the design of such a system.