2020: Secure Programming is not running this year, but please enjoy the materials here. University of Edinburgh students should be able to access 2019 lecture recordings on Learn.
The course lecturer is David Aspinall.
Lectures were held:
The final 2019 lecture was on Thu 21st Nov.
The course is aimed at MSc students and 4th/5th year undergraduates. You will need background from a previous course in Computer Security, such as our courses Computer Security or Research Methods in Security, Privacy and Trust.
The course considers on software security broadly, discussing attacks as well as defensive programming. A good programming and systems background will be necessary.
Lecture slides and other materials appear here as the course goes along. There is no fixed text book. Reading recommendations will be given in lectures and slides. See the links in the first lecture for some starting points.
All course content will be published on this web page. On Learn (UoE only) you can access the lecture recordings.
You can ask questions and discuss the course on Piazza Q&A. Please do not disclose any coursework answers in any public questions.
To preview likely upcoming material, please see the previous session of this course.
|4.||MC: Stacks & Heaps||view||more|
|10.||Web I (authentication)||view||more|
|11.||Web II (urls,xss,authr’n)||view||more|
|12.||Web Apps III (leakage +)||view||more|
|14.||Static Analysis II||view||more|
There will 4 main lab sessions in the course, consisting of guided exercises with checkpoint questions. You are encouraged to take brief notes as answers to checkpoints which you may submit to us for additional feedback. The final lab session in Week 11 is optional and not a formal part of the course.
Labs will be held in AT 5.05 West Lab, on:
|1. (4th Oct)||Env & SUID (+overflows)|
|2. (18th Oct)||Injection|
|3. (1st Nov)||Race Conditions (+shellshock)|
|4. (15th Nov)||XSS (+CSRF)|
|4. (22nd Nov)||Session by SIGINT|
The labs are an essential part of the delivery of the course and supported by hands-on demonstrators. You may undertake labs in your own time but you will not have access to the lab demonstrators.
There is one assessed coursework for the course, split into two halves.
The combined deadline is 5pm 15th Nov.
Informatics Forum, 10 Crichton Street, Edinburgh, EH8 9AB, Scotland, UK
Tel: +44 131 651 5661, Fax: +44 131 651 1426, E-mail: email@example.com
Please contact our webadmin with any comments or corrections. Logging and Cookies
Unless explicitly stated otherwise, all material is copyright © The University of Edinburgh