Advanced System Security Analysis and Testing2019HT
|
|
Course plan
Organization:
Lectures and in-class exercises, presentation and mini project. The course will focus on the latest development of security analysis and testing methods for mainstream, embedded and cyber-physical systems. Some basic knowledge on software testing is recommended, but no prior knowledge in system security is required
Recommended for:
PhD students interested in the latest development of security testing and analysis techniques. The course will follow the vision of security-by-design principle. This means that the objective of the course is not to teach various attack techniques to compromise a system. Instead, we will focus on methodologies to protect software systems from the advanced and vicious cyber attacks.
The course was last given:
This is a new course.
Goals:
The objective of the course is to learn and apply advanced methods for testing and analyzing software systems with a focus on their security properties. All the sessions will have a mix of lectures and hands-on exercises. Hence, it is expected that the participants always come prepared in the class with the content learned and actively participate in solving the in-class exercises, which could as well involve programming.
Content:
- Blackbox, greybox and whitebox fuzzing methods.
- Latest cyber attacks, including Spectre, Meltdown and Foreshadow and how they
can compromise software systems.
- Advanced security analysis methods such as taint analysis.
- Application-specific security analysis and testing methodologies, e.g., for
embedded and cyber-physical systems.
- Apply the knowledge learnt in a mini-project.
Literature:
To be announced.
Lecturer:
Sudipta Chattopadhyay, Singapore University of Technology and Design
Examiner:
Petru Eles
Examination:
- Active participation in the presentation and in-class exercises.
- Mini project
Credit:
6hp
Page responsible: Director of Graduate Studies