TDDC90 Software Security
Sign up for the labs at latest November 5!
Each lab group in Webreg has assigned lab hours according to the schedule below. Both labs must be finished before the end of the course. Both labs must be totally finished (and passed by the lab assistant) at December 14. You will work at your own pace and may work from home, but we reccommend that you visit the lab sessions and try to finish part 1-4 of lab1 during session 1, part 5 during session 2 and so on (see the column to the right in the table below).
|Mon 5 nov 15-17||SU00, SU02, SU03||Group A+B||Lab1: part 1-3. Start with part 4. Setup + manual code review|
|Fri 9 nov 15-17||SU15-16||Group A+B||Lab1: part 4-5. Manual + automatic code review|
|Mon 12 nov 13-15||SU15-16||Group A+B||Lab1: start with part 6. Exploits|
|Wed 14 nov 8-10||SU15-16||Group A+B||Lab1: finish part 6. Exploits|
|Wed 21 nov 8-10||SU15-16||Group A+B||Lab1: part 7: Mitigations, part 8: Fix Pong|
|Mon 26 nov 13-15||SU00-02||Group A+B||Lab2: Security modeling
(Try to finish at least half of the lab before the lab session.)
There is an additional lab session at December 4, 10-12 in SU02, 03 and 04. Both lab assistants will be there to help you.
Lab description: LAB1-PONG-2012.pdf
This is the largest lab in the course. You will be working with several aspects of software security using the same codebase throughout. The following sections contain resources that might be useful when doing the lab. Additional material will be posted throughout the course.
Group number: If you are in group A, use your group number from webreg as your group number in setup. If you are in group B, then add 20 to your group number from webreg, and use that in setup (e.g., if you are in group B12, then enter 32 as your group number in setup).
Copy files: To copy files from the UML without using the /host directory you can use scp. The following command does the job: scp USER@ADDR:FILE . Replace USER with the username shown when you ran setup. Replace ADDR with the IP address of the UML (which you can find using the command "/sbin/ip addr list" -- it should be 10.20.x.y). Replace FILE with the full path to the file you want to copy. The file will be copied to your current working directory.
Manual code review
Here are some papers and other resources on manual code inspection. They are provided as starting points for you; you are not required to read them all. The library also has a number of useful resources.
The following links to catalogs of vulnerability types may be helpful when trying to figure out what to look for in code reviews.
|CWE - Common Weakness Enumeration|
|CLASP Vulnerability view|
Finally, two reports on security reviews conducted on electronic voting machine software. These reviews used a combination of methods to arrive at the results.
|H. Chen, D. Wagner, D. Dean: Setuid Demystified (11th Usenix Security Symposium, 2002)|
In this lab you will work with security modeling and risk analysis.
Lab description: LAB2-MODEL-2012.pdf
The following papers are used in the lab:
Page responsible: Nahid Shahmehri
Last updated: 2012-12-11