Secure and Dependable Systems
About
- Course: Secure and Dependable Systems (CO-566)
- Semester: Spring 2021
- Instructor: Jürgen Schönwälder
- Office Hours: Monday, 11:15-12:30, R.1-87
- TA: Rafey, Rafey Abdur
- Class: Tuesday, 15:45-17:00, R.3-51 Lecture Hall
- Class: Wednesday, 14:15-15:30, RLH-172 Conrad Naber Lecture Hall
- 1st Module Exam: Tuesday, 2021-05-18, 16:00-18:00, ICC-West Wing Conference Hall
- 2nd Module Exam: Tuesday, 2021-08-24, 14:00-16:00, R.1-53 Lecture Hall
Content and Educational Aims
This module introduces students to the fundamentals of computer security and techniques used to build and analyze dependable systems. This is an important topic given that computer systems are increasingly embedded in everyday objects (such as light bulbs) and taking over important control functions (such as driving cars). Furthermore, computer systems control complex communication systems that form critical infrastructure of the modern globalized world. Proper protection of information requires an applied understanding of cryptography and how cryptographic primitives are used to secure data and information exchanges. The aim of this module is to make students aware of what types of security vulnerabilities may arise in computing systems and how to prevent, identify, and fix them.
Intended Learning Outcomes
By the end of this module, students will be able to
- recall dependability terminology and concepts;
- explain control flow attacks and injection attacks and defense mechanisms;
- describe network data plane and control plane attacks and defense mechanisms;
- understand symmetric and asymmetric cryptographic algorithms;
- explain how digital signatures and public key infrastructures work;
- analyze key exchange protocols for weaknesses;
- describe secure network protocols (e.g., PGP, TLS, and SSH);
- recall anonymity terminology and concepts;
- discuss information hiding mechanisms (e.g., steganography, and watermarking);
- illustrate anonymization techniques (mixes, onion routing);
Resources
Books
- Bruce Schneier: Applied Cryptography, 20th Anniversary Edition, Wiley, 2015
- Wm.Arthur Conklin, Gregory White: Principles of Computer Security, 5th Edition, McGraw-Hill, 2018
- Simon Singh: The Code Book: Science of Secrecy from Ancient Egypt to Quantum Cryptography, Anchor Books, 2000
Schedule
| Tue 15:45 | Wed 14:15 | Fri 15:45 | Topics |
|---|---|---|---|
| 2021-02-02 | 2021-02-05 | Recent Computing Disasters and Dependability Concepts | |
| 2021-02-09 | 2021-02-10 | Software Engineering Aspects, Software Verification | |
| 2021-02-16 | 2021-02-17 | Software Testing and Software Security by Design | |
| 2021-02-23 | 2021-02-24 | Software Vulnerabilities, Control Flow Exploits | |
| 2021-03-02 | Software and Network Vulnerabilities, Denial of Service | ||
| 2021-03-09 | 2021-03-10 | Network Vulnerabilities, Data and Control Plane Vulnerabilities | |
| 2021-03-16 | 2021-03-17 | Cryptography, Block Ciphers, Symmetric Encryption Algorithms | |
| 2021-03-23 | 2021-03-24 | Asymmetric Encryption Algorithms, Cryptographic Hash Functions | |
| [Spring Break] | |||
| 2021-04-06 | 2021-04-07 | Digital Signatures, Certificates, Key Exchange Schemes | |
| 2021-04-13 | 2021-04-14 | Pretty Good Privacy, Transport Layer Security | |
| 2021-04-20 | 2021-04-21 | Transport Layer Security, Secure Shell | |
| 2021-04-27 | 2021-04-28 | Steganography, Covert Channels, Anonymity | |
| 2021-05-04 | 2021-05-05 | Mix Networks and Onion Routing, Authentication, Authorization | |
| 2021-05-11 | 2021-05-12 | 2021-05-14 | Auditing, Isolation, Trusted Computing, Exam Preparation |
Assignments
| Date/Due | Name | Topics |
|---|---|---|
| 2021-02-19 | Sheet #01 | defensive programming, unit testing, and test coverage (stack and rpn calculator) rpn-stack.h rpn.h |
| 2021-02-26 | Sheet #02 | defensive programming, unit testing, test coverage, afl fuzzying (infix calculator) infix.h |
| 2021-03-05 | Sheet #03 | system reliability calculation, test coverage criteria |
| 2021-03-12 | Sheet #04 | x86_64 assembly and stack frames |
| 2021-03-19 | Sheet #05 | network exploration and moodle strangeness virtual machine |
| 2021-03-26 | Sheet #06 | simple symmetric encryption algorithm (scrypt) p06-scrypt.zip |
| 2021-04-09 | Sheet #07 | decryption of an RSA encrypted message, cryptographic puzzle (proof of work) |
| 2021-04-16 | Sheet #08 | X.509 certificates, diffie-hellman key exchange |
| 2021-04-23 | Sheet #09 | pretty good privacy, transport layer security |
| 2021-04-30 | Sheet #10 | password cracking, simple steganographic text hiding (pnmhide) virtual machine, p10-pnmhide.zip |
Rules
The final grade is determined by a final exam (100%). There will be marked homework assignments but the homework assignments do not impact the final grade.
Electronic submission is the preferred way to hand in homework solutions. Please submit documents (plain ASCII/UTF-8 text or PDF, no Word) and your source code (packed into a tar or zip archive after removing all binaries and temporary files) via the online submission system. If you have problems, please contact one of the TAs.
For any questions stated on assignment sheets, quiz sheets, exam sheets or during makeups, we by default expect a reasoning for the answer given, unless explicitly stated otherwise.
Any programs, which have to be written, will be evaluated based on the following criteria:
- correctness including proper handling of error conditions
- proper use of programming language constructs
- clarity of the program organization and design
- readability of the source code and any output produced
Source code must be accompanied by a README file providing an overview of the source files and giving instructions how to build the programs. A suitable Makefile is required if the build process involves more than a single source file.