Skip to main content

Unit information: Systems and Software Security (Teaching Unit) in 2020/21

Unit name Systems and Software Security (Teaching Unit)
Unit code COMSM0049
Credit points 0
Level of study M/7
Teaching block(s) Teaching Block 1 (weeks 1 - 12)
Unit director Dr. Rawat
Open unit status Not open
Pre-requisites

COMS10016 Imperative and Functional Programming and COMS10017 Object Oriented Programming and Algorithms I or equivalent

COMS10015 Computer Architecture and COMS10012 Software Tools or equivalent.

COMS20008 Computer Systems A and COMS20012 Computer Systems B or equivalent.

COMS20007 Programming Languages and Computation or equivalent.

Understanding and ability to work with:

  • C Programming
  • Computer Architecture
  • Software Development Tools
  • Compiler
  • Operating Systems
  • Networking
Co-requisites

EITHER COMSM0050 Systems and Software Security (Exam assessment, 10 credits)

OR COMSM0051 Systems and Software Security (Coursework assessment, 15 credits).

Please note:

COMSM0049 is the Teaching Unit for the Systems and Software Security option.

Single Honours Computer Science students can choose to be assessed by either examination (10 credits, COMSM0050) or coursework (15 credits, COMSM0051) by selecting the appropriate co-requisite assessment unit.

Any other students that are permitted to take the Systems and Software Security option are assessed by examination (10 credits) and should be enrolled on the co-requisite exam assessment unit (COMSM0050).

School/department Department of Computer Science
Faculty Faculty of Engineering

Description

Modern computer systems are large and complex and built over decades of technology and innovation. Vulnerabilities emerges from a combination of those properties. In this unit, we study how to identify such vulnerabilities and how to protect computer systems & software. This unit is intended for students with a strong computer science background and build on knowledge about computer architecture, networking, operating systems design, programming and compilation.

We explore Systems & Software Security from two complementary perspective: defensive and offensive techniques. Firstly, we will study the following defensive techniques:

  • Automated vulnerability detection/analysis;
  • Advanced Mitigation Techniques;
  • Intrusion Detection Systems;
  • Operating Systems Hardening;
  • Hardware-based Security.

Understanding an attacker and methods is important to design secure software and systems. Secondly, we will study the following topics:

  • Advanced Software Exploitation Techniques;
  • Hardware side-channels Exploitation;
  • Network Attacks.

Intended learning outcomes

General ILOs

On successful completion of this unit, students will be able to:

  1. Recognise and describe offensive techniques used in the wild.
  2. Demonstrate understanding of how systems and software can be engineered to protect against offensive techniques.
  3. Critically analyse software and systems design from a security perspective.
  4. Become a better system and software engineer.
  5. Gain comprehension of the complexity of modern computer systems.
  6. Learn to communicate about complex technical topics.

When assessed by Coursework, in addition to the General ILOs above, students will be able to:

  1. Gain hands on experience in exploiting software/systems vulnerabilities in practice.

Teaching details

Teaching will be delivered through a combination of synchronous and asynchronous sessions, including lectures, practical activities supported by drop-in sessions, problem sheets and self-directed exercises.

Teaching will take place over Weeks 1-7, with coursework support in Weeks 8-10 and for students assessed by examination, consolidation and revision sessions in Weeks 11 and 12.

Assessment Details

Examination details:

2 hour examination (100%, 10 credits).

OR

Coursework details:

Hands-on vulnerability exploitation and study of some advanced mitigation techniques. This will be completed over Weeks 9-11 (15 credits).

Reading and References

  • Anderson, Ross, Security Engineering, A Guide to Building Dependable Distributed Systems, 2nd Edition (2008, Wiley) ISBN 978-0-470-06852-6
  • Andriesse, Dennis, Practical Binary Analysis: Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly (2018, No Starch Press) ISBN: 978-1-593-27912-7

Feedback