Modules

A draft of the lecture slides for each module will be made available the evening before the module begins. The final version of the lecture slides will be made available after the module is completed and replaces the draft. Use of the draft is at your own risk!

Readings marked as mandatory contain required material for the course, and must be read before the date of the corresponding lecture.

Module - Introduction to Software and System Security

May 06

Lecture: Course logistics

Lecture: Basis concepts in security

Module - A Recap of Background Information

May 08

Lecture: Basics of cryptography

May 13

Lecture: Abstraction in OS, PL, and SE

Module - An In-depth Study of Memory Errors

May 15

Lecture: Exploiting memory error vulnerabilities

May 20

Lecture: Mitigating exploits on memory errors

May 22

Lecture: Eliminating memory errors

Module - Other Common Vulnerability Types

May 27

Lecture: Race condition and data race

May 29

Lecture: Undefined behaviors

Jun 03

Lecture: Information leaks via side-channels

Module - Finding Bugs and Vulnerabilities in Software

Jun 05

Lecture: Dynamic analysis

Jun 10

Lecture: Static analysis

Jun 12

Lecture: Symbolic execution

Module - Operating System Security

Jun 17

Lecture: Malware and its defenses

Jun 19

Lecture: Compartmentalization / sandboxing

Jun 24

Lecture: Access control policies and architectures

Module - Usable Security

Jun 26

Lecture: Authentication and attestation

Jul 08

Lecture: Software supply chain attacks

Module - Hardware & Mobile Security

Jul 10

Lecture: Trusted platform module (TPM)

Jul 15

Lecture: Intro to Trusted execution environments (TEEs) & Intel SGX

Jul 17

Lecture: ARM TrustZone & Android security

Jul 22

Lecture: Side-channel attacks and transient-execution attacks

Module - Non-technical Aspects in Security

Jul 24

Lecture: Ethics, legal issues, regulation, and compliance

Module - Research Presentation

Jul 29

Lecture: Research in Software and Systems Security