CSCI 4907/6545 Software Security
| Instructor | Jie Zhou |
|---|---|
| jie.zhou@gwu.edu | |
| Office | SEH 4000 |
| Lectures | TR 09:35--10:50 a.m. at MON 110 |
| Office Hours | TBD |
| TA | TBD |
Description
Software security plays an invisible yet critical role in ensuring reliable and trustworthy services for modern computing systems. However, we are facing significant challenges in engineering secure software systems. This course will explore these challenges, with an emphasis on low-level software security. It will examine the root causes and exploitation techniques of common software vulnerabilities. It will also discuss the countermeasures, including both classic defenses deployed in production software as well as cutting-edge and experimental mechanisms. This course will combine regular lectures with seminar-style paper readings and discussions.
Prerequisites
The core prerequisite is a solid background in computer systems and low-level programming. Computer Architecture (CSCI 6461) and Systems Programming (CSCI 2410), or equivalent courses, are required. Operating Systems (CSCI 3411) is a strong plus but not strictly necessary. If you do not meet the prerequisites yet are still interested, please check with the instructor.
Learning Goals
Upon completion of this course, student are expected to:
- Understand the fundamental security threats to software systems.
- Understand the common defenses against software vulnerability exploitations.
- Have developed a secure programming mindset for software development.
For a more detailed outline of the topics covered in this course, see the syllabus and the schedule.
Grading (Tentative)
Grading is based on programming assignments, writing summaries and answering questions about readings, and a students-led discussion of a research paper (group work). In addition, class participation is valued, particularly asking questions in class and office hours. There will be no exams.
| Programming Assignments | 45% |
|---|---|
| Reading Comprehension | 40% |
| Paper Discussion | 10% |
| Class Participation | 5% |
Academic Integrity
Students who take this course must strictly adhere to GW's Code of Academic Integrity.
Use of generative AI: Tools such as ChatGPT are permitted for learning purposes, such as generating explanations for concepts or sample code snippets. However, they are strictly prohibited from generating content for your writing and programming assignments. The teaching staff will test students with oral questions about their submissions. Failures to answer consistently and clearly will be considered as a violation of academic honesty.
If you are uncertain about what is permitted and what is not, please ask the instructor.