CSEP590B: PMP Special Topics: Security Engineering
Administrative
Autumn 2023
Time: Mondays 6:30-9:20 PM
Location: G10
Instructor: Adam Shostack
Teaching assistant: TBD
Office hours: by appointment (please do ask to chat!)
Please do not hesitate to write to the instructor about any accommodations or questions related to readings or course material.
Description
Developing secure systems requires an understanding of failure modes and of how to build security into systems. That involves an understanding of security as a feature and security as a systems property, as well as the economic, political, and organizational factors that contribute to security being built, and the market, usability, and network effects that lead to security being either part of or an obstacle to market success.
Complementing the 564 course, Security Engineering (SE) will rely on existing understanding of security flaws and how they work, and focus on the engineering techniques that students can bring to bear in delivering secure products and services. Unlike 564, which is a broad tour through computer security and which has a deep emphasis on learning from attack methodologies, SE will focus on engineering processes and techniques that produce systems that defenders can operate safely. So where 564 covers memory safety by writing a buffer overflow, SE will cover selecting safer languages, and techniques for safer parsing with untrusted languages, such as sandbox architectures. The course uses a “read, discuss and explore” approach more than coding assignments or ‘configure this tool’ assignments.
Objectives
The course will give students an overarching view of security, and how and why to build it into products, via a mix of readings, lectures, interactive discussion and project work. Students will be able to consider both specific appropriate defenses for a system, and engineering techniques that ensure those defenses are considered in structured, systematic and comprehensive ways.
Syllabus
The formal syllabus is available in Canvas. A draft is here. The textbook is Threat Modeling: Designing for Security. (Royalties are donated to UW.) Week 1 reading includes Chapters 1-3.
Syllabus themes, by week:
- Intro, security and insecurity
- Principles and Design
- Human factors
- Human problems
- Economics
- Law
- Standards and compliance
- Ethics; Machine learning
- Conflict and war
- Final paper