COMPGS10 - Language Based Security
This database contains the 2016-17 versions of syllabuses. Syllabuses from the 2015-16 session are available here.
Note: Whilst every effort is made to keep the syllabus and assessment records correct, the precise details must be checked with the lecturer(s).
|Code||COMPGS10 (Also taught as: COMPM028)|
|Prerequisites||An understanding of the basics of programming and software engineering.|
|Taught By||David Clark (50%), Jens Krinke(50%)|
|Aims||The aim of this module is to provide students with specialist knowledge and understanding to solve software related problems associated with the security of software systems.|
|Learning Outcomes||Successful completion of this module will provide students with an understanding of the relationship between computer program design and security, how variousl security-related properties of computer programs are formulated and guaranteed, and in-depth knowledge of a variety of contexts in which understanding can be applied.|
The course covers in depth major issues in computer security related to computer programming, in particular it provides a detailed treatment of theory and practice for:
- Vulnerabilities and faults
- Secure information flow
- Semantics based malware detection
Students will be introduced to removal of vulnerabilities of code via fault detection. Topics covered will include Data Flow Analysis, Buffer OVerruns and Fuzz Testing.
The bulk of the course will be devoted to theory and practice of secure inforamtion flow. First sutdents will learn how to use dependence analysis extracted via a slicing tool to do practical information flow control. Subsequently they will be taught some underlying theory and then examine more advanced topics such as flow sensitive type systems, information erasure, declassification and measuring information flow. This will be supported by tools such as JIF, PARAGON, a bounded model checker and the QIF Analyser.
The final part of the course will look at issues in semantics based malware detection, particularly at the limitations of such an approach with respect to semantic decidability and encryption/ packing techniques.
Method of Instruction
Delivery will be via a combination of lectures, problem solving sessions and traning on laboratory tools. Students will be given weekly exercises to explore and practice new techniques and tools.
The course has the following assessment components:
- Unseen written examination (2.5 hours, 70%)
- 2 pieces of coursework (15% each)
To pass the module students must:
- Obtain an overall pass mark of 50%.
Provided on Moodle