Course schedule overview
The scheduling and selection of lecture topics is subject to
minor adjustment as the semester progresses, but the assignment
and exam dates are not expected to change.
Detailed reading and lecture schedule
- Tuesday, January 17th (8-up slides): High level overview, course assignments and grading logistics. No readings.
- Thursday, January 19th (8-up slides): Introduction to memory safety vulnerabilities. No readings.
- Tuesday, January 24th (8-up slides, updated with stack diagrams): More memory safety vulnerabilities. No readings.
  overflow-eg.c (updated with more error messages)
- Thursday, January 26th (8-up slides): Code auditing and threat modeling. No readings.
- Tuesday, January 31st (8-up slides): STRIDE, attacks against memory safety vulnerabilities. No readings.
- Thursday, February 2nd (8-up slides, with final announcements): More memory-safety attacks, W xor X and ROP. No readings.
- Tuesday, February 7th (8-up slides): ROP with an exercise (instructions PDF, editable SVG), more perspectives on threat modeling. No readings.
- Thursday, February 9th (8-up slides, updated with answers and announcements): Threat modeling with a print server exercise, return address protections. No readings.
- Tuesday, February 14th (8-up slides): More low-level defenses: return address protection, ASLR. Testing and fuzzing. No readings.
- Thursday, February 16th (8-up slides): Operating systems access control. The Unix filesystem and its permissions. No readings.
- Tuesday, February 21st: Midterm exam 1 in class. The spring 2022 and fall 2022 midterms are available for comparison, as well as the spring 2022 solutions and fall 2022 solutions.
- Thursday, February 23rd (8-up slides): More on Unix permissions, shell injection attacks. Held on Zoom due to weather, recording available on Canvas. No readings.
- Tuesday, February 28th (8-up slides): Shell injection attacks, race conditions, and preventing them. Reading: David A. Wheeler, Secure Programming HOWTO. Chapters 3, Summary of Linux and Unix Security Features, and 7, Design Your Program for Security, skipping section 7.16. (Quiz due 3/14)
- Thursday, March 2nd (8-up slides): Safer OS programming, OS protection and isolation mechanisms. Optional bonus reading: Daniel J. Bernstein, Some thoughts on security after ten years of qmail 1.0, CSAW 2007.
- Tuesday, March 14th (8-up slides, with announcements): Web security 1: introduction and server-side. Reading: OWASP Top 10:2021: The Ten Most Critical Web Application Security Risks. Follow one level of links to the pages about the 10 categories A01 through A10.
- Thursday, March 16th (8-up slides): Web security 2: XSS, privacy, and other risks. No readings.
- Tuesday, March 21st (8-up slides): Other web security risks, introduction to cryptography. No readings.
- Thursday, March 23rd (8-up slides, with project 0.5 announcement): Cryptography 2: stream ciphers, block ciphers. No readings.
- Tuesday, March 28th (8-up slides): Cryptography 3: more on block ciphers, hash functions and MACs. Reading: "Cryptography", chapter 5 of Ross Anderson, Security Engineering, third edition. Available via the campus libraries through Wiley Online, here. The same chapter from the previous edition is available free for anyone from the author's web site and has most of the same content.
- Thursday, March 30th (8-up slides): Cryptography 4: public key primitives. No readings.
- Tuesday, April 4th (8-up slides): Networks and classic network attacks. No readings.
- Thursday, April 6th (8-up slides): Networks, attacks, and protocols. No readings.
- Tuesday, April 11th: Midterm exam 2 in class. The spring 2022 and fall 2022 midterms are available for comparison, as well as the spring 2022 solutions.
- Thursday, April 13th (8-up slides): Practical encrypted network protocols. No readings.
- Tuesday, April 18th (8-up slides, with midterm statistics): User authentication and error tradeoffs. No readings.
- Thursday, April 20th (8-up slides): More authentication, ethics perspectives. No readings.
- Tuesday, April 25th (8-up slides): Legal perspectives, usability principles. Optional readings: “System Administration as a Criminal Activity or, the Strange Case of Randal Schwartz” (Internet Archive, local copy); and class action complaint against Sony BMG.
- Thursday, April 27th (8-up slides): Usability examples, and examples of cryptographic failure. No readings.