Course description

The recent news of micro-architecture level security vulnerabilities and exploits like Spectre and Meltdown has highlighted the need to consider the full computer system stack when implementing performance or security concepts. In this project-based learning activity, we will cover: (i) application level security concepts such as control flow hijacking, return oriented programming vulnerabilities, code injection attacks, (ii) conventional processor organization and its vulnerabilities, and finally (iii) secure applications and processor design principles.

Objectives

The key learning outcomes are to provide junior and senior undergraduate students interested in cybersecurity with:

• a deeper understanding of computer organization - the von Neumann architecture - and its inherent vulnerabilities;
• approaches to distinguish between software and hardware security vulnerabilities;
• a greater insights into programming level vulnerabilities - e.g., dynamic memory allocation and guards;
• a fundamental understanding of side-channel effects;
• a hardware view of cybersecurity - process isolation, data integrity, and secure communication;

Textbook (No Textbook Required)

Office Hours

• Prof. Kinsy: I will be around each day after class from 12:00pm to 1:00pm to answer any question that you may have.