4TU.
Cyber Security
Part of the
4TU.
Cyber Security
TU DelftTU EindhovenUniversity of TwenteWageningen University
4TU.
Cyber Security
Close

4TU.Federation

+31(0)6 48 27 55 61

secretaris@4tu.nl

Website: 4TU.nl

4TU.Research
Applied Mathematics InstituteBuilt EnvironmentDesign UnitedEnergyEthics & TechnologyHealthHigh-Tech MaterialsHistory of TechnologyNIRICT (ICT)Resilience EngineeringResearchDataHTSF I (high tech research)HTSF II (high tech research)
4TU.Education
Centre for Engineering Education4TU.VO (secondary education)SAI (Engineering Doctorate)Education programmes
4TU.Valorisation
4TU.IMPACTThematic Technology TransferSpin-off Stories4TU Impact Challenge
View all

LBS

4TU.CybSec Syllabus Language-Based Software Security

Credits: 5EC

Delivery: This course is not tele-lectured.

Motivation: Security vulnerabilities often arise due to programming errors in the source code of an application. Recent programming errors with severe security implications include Heartbleed (buffer over-read), Shellshock (code injection), and goto-fail (ill-formated code). Programming languages can help developers to prevent programming errors like these by defining coding principles and detecting violations of those principles through dynamic and static code analysis. Such language-based countermeasures relieve software developers of part of the burden of ensuring software security. But how to select and apply language-based countermeasures?

Synopsis:

This course studies dynamic and static code analysis techniques as language-based countermeasures to security vulnerabilities. In particular, we will investigate and compare the trade-offs of the following countermeasures:

To facilitate a precise study and comparison, we will define the above techniques formally in class. To facilitate student experimentation and exploration of trade-offs, students will implement the above techniques in homework assignments.

Learning outcomes: The student will be able to:

Lecturers: Prof Dr Eelco Visser

Examination: Oral or written exam and homework assignments.

Contents:Language semantics: tracing semantics, interpretation, compilation; Dynamic-analysis countermeasures: monitoring, runtime instrumentation; Static-analysis countermeasures: type systems, data-flow analysis, abstract interpretation.

HomeCoursesLBS
4TU.
Cyber Security
Part of the 4TU.Federation
Close
4TU.Research
Applied Mathematics InstituteBuilt EnvironmentDesign UnitedEnergyEthics & TechnologyHealthHigh-Tech MaterialsHistory of TechnologyNIRICT (ICT)Resilience EngineeringResearchDataHTSF I (high tech research)HTSF II (high tech research)
4TU.Education
Centre for Engineering Education4TU.VO (secondary education)SAI (Engineering Doctorate)Education programmes
4TU.Valorisation
4TU.IMPACTThematic Technology TransferSpin-off Stories4TU Impact Challenge
TU DelftTU EindhovenUniversity of TwenteWageningen University
© 2024 4TU.Federation