Security at the Hardware Software Interface

Computer systems today are eminently hack-worthy. We will begin this course with how systems in cars, medical devices, phones, and datacenters can be compromised, and then study the principles and mechanisms for building secure systems. By the end of the course, you should be able to analyze real-world requirements and build a system whose security properties are well understood and well argued.

Course work comprises of a) critically reviewing classic and recent papers (30 points), b) completing three well-defined programming assignments (30 points), and c) a self-defined course project (40 points).

We will review and discuss one research paper per class. (Sample review template). The assignments will include a mix of analytical and programming tasks. The project starts after the third assignment. You will write a proposal describing related work, experimental setup, and results to be collected, and present an intermediate demo (or results) every 2 weeks until the end of semester.

Optional Research Track (70 points). If you have worked on research/security extensively, there is an optional research track with the goal of producing top-tier research papers. The Fall 2013 course led to 2 MICRO conference submissions in the Spring semester with one more paper under construction. However, I do not recommend this path unless you meet stringent requirements.

Reading Plan

Examples: how security breaks in systems [2 weeks] Defining Security Properties [2 weeks] Building blocks for Secure Systems [8 weeks] Review Other Security Topics and Resources (not covered in class) Books Security Engineering, by Ross Anderson. Lots of practical tips and examples. manuscripts/SEv1.pdf