CMSC 838G, Spring 2011

Software Security


Instructor: Michael Hicks
CSI 2107 Tues/Thurs 2:00-3:15pm
Office Hours: By appointment, AVW 4131

Syllabus

OS-level and hardware protection cannot solve the security problem alone.  We need ways to establish the trustworthiness of software, to augment or even replace these mechanisms.  For example, OS-level mechanisms fail to protect against SQL injections, cross-site scripting, stack smashing, and other attacks.

In this class we consider how programming language techniques can be used to fill the security gap. In particular, we will consider novel programming languages, programming language analyses (both on the source code and as instrumentation on the running program), and programming tools that can be used to address security issues. Possible examples (which we may or may not go over, depending on time constraints, class interests, etc.) include various instantiations of the Jif programming language, the ProVerif verification tool, the Fine programming language, and the Rubyx security-oriented symbolic executor, to name a few.

Grading: Most of the class will consist of reading and discussing papers in the research literature. Graded work will make up the final grade as follows:

Prerequisite: We will be reading technical papers in the programming language research literature, so CMSC 631 or CMSC 630, or an equivalent, is an expected prerequisite. An undergraduate programming languages class (like a compilers class or semantics class) may suffice; contact the instructor.

Presentations: Students making presentations will be graded on the following criteria:

Remember that you will likely be able to explain more detail than you can hope to cover in a single lecture. This is one reason that it's hard work to prepare a good presentation: not only do you need to understand the paper, but you need to filter out the irrelevant details and amplify the key arguments. You'll probably have to omit entire sections of the paper from your talk -- don't worry about it. Simply mimicking the structure of the paper ("regurgitating it") tends to produce a disconnected sequence of boring facts. A good talk should tell a story; every idea should be motivated, and all facts should fit together in a coherent picture. Telling such a story in a short time often requires creating your own explanations, motivation, and examples. I would recommend reading some advice by Simon Peyton Jones on giving good presentations.

Academic Dishonesty: The university policy on academic dishonesty is strictly followed. All graded materials (whether exams, summaries, presentations, or projects) must be strictly individual efforts. In the case of a group project or assignment, only collaborations within the group are permitted.

Schedule