Carnegie Mellon University

Electrical and Computer Engineering

College of Engineering

Course Information

18-732: Secure Software Systems

Units:

12

Description:

Poor software design and engineering are the root causes of most security vulnerabilities in deployed systems today. Moreover, with code mobility now commonplace--particularly in the context of web technologies and digital rights management--system designers are increasingly faced with protecting hosts from foreign software and protecting software from foreign hosts running it. This class takes a close look at software as a mechanism for attack, as a tool for protecting resources, and as a resource to be defended. Topics covered include the software design process; choices of programming languages, operating systems, databases and distributed object platforms for building secure systems; common software vulnerabilities, such as buffer overflows and race conditions; auditing software; proving properties of software; software and data watermarking; code obfuscation; tamper resistant software; and the benefits of open and closed source development.

Students in 18-335 will share lectures and homeworks with students in 18-732. However, 18-732 has additional requirements not shared by 18-335, including the requirement to produce scribe notes and to practice and demonstrate the ability to read and summarize scientific papers on the topics covered by the course. Senior or graduate standing required.


Last Modified: 2024-01-19 12:22PM

Current session:

This course is currently being offered.

Semesters offered:

  • Spring 2024
  • Spring 2023
  • Summer-1/All 2022
  • Spring 2022
  • Spring 2021
  • Spring 2020
  • Spring 2019
  • Spring 2018
  • Spring 2017
  • Spring 2016
  • Spring 2015
  • Spring 2014
  • Spring 2013
  • Spring 2012
  • Fall 2011
  • Fall 2010
  • Spring 2010
  • Fall 2009
  • Fall 2008
  • Fall 2006
  • Spring 2006
  • Fall 2005
  • Spring 2005
  • Fall 2004
  • Spring 2004