CS 5970 Embedded Systems Security

Spring 2021

(This page will be changed frequently. Please check before class.)

Instructor:

Dr. Song Fang

 

Meeting:

MW 7:45 pm - 9:00 pm in Sarkeys Energy Ctr, A0235

Office hours:

MW 2:00 pm - 3:00 pm in DEH 232

Email address:

songf at ou.edu

Homepage:

http://www.cs.ou.edu/~songf/

Teaching assistant:

Mr. Edwin Yang

 

Office hours:

By appointment

Email address:

edwiny at ou.edu

Syllabus

syllabus.pdf

Grading:

Quizzes: 10%; Labs: 20%; Paper Summary: 20%; Presentation: 20%; Project: 30%

Suggested textbook: David Kleidermacher and Mike Kleidermacher, Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development, 1st Edition, Newnes, 2012.

Wenliang Du. Computer Security: A Hands-on Approach. 1st Edition, 2017.
Labs: Lab 1: Environment Variable and Set-UID Lab due on 02/17, extend to 02/20
Lab 2: Shellshock Attack Lab due on 03/10
Lab 3: Buffer-Overflow Vulnerability Lab due on 04/05
Lab 4: Exercise with OpenSSL due on 04/21
Project: Teams of students will work on a collaborative project for the duration of the semester. Students can form teams, each with up to three members, based on common interests and/or complementary skills. You get no extra credit for working alone.
Notes on submissions:

You must use a text editor (e.g., MS Word, Latex) to complete your homework. All submissions should be made via OU's Canvas.


Schedule of classes (Topics and dates may change as the semester progresses)

Date Reading Topics Slide
01/25 Kleidermacher Chapter 1 Introduction to embedded systems security Lec 1
01/27 Du Chapter 1 Software security (1): Set-UID programs Lec 2
02/01 Invoking programs
02/03 Du Chapter 2 Software security (2): Environment variables and shell variables Lec 3
02/08 Attack surface on environment variables
02/10 Lab session 1
02/15 Campus is closed due to inclement weather - No class
02/17 Campus is closed due to inclement weather - No class
02/22 Du Chapters 4 and 5 Software security (3): Shellshock attack Lec 4
02/24 Project discussion
03/01 Software security (4): Buffer overflow attack Lec 5
03/03 Software security (5): Buffer overflow mitigation
03/08 Kleidermacher Chapter 4 Embedded cryptography: secret key cryptography, hash Lec 6
03/10 Public key cryptography Lec 7
03/15 Introduction to wireless security Lec 8
03/17 Lab session 2
03/22 Wireless jamming attacks and countermeasures
03/24 IoT seucurity Lec 9
03/29 Student in-class presentation (1)
03/31 Student in-class presentation (2)
04/05 Student in-class presentation (3)
04/07 Term project lightning talk
04/12 Project progress check
04/14 Side-channel attacks (1) Lec 10
04/19 Side-channel attacks (2)
04/21 Individual meeting on projects
04/26 Student in-class presentation (4)
04/28 Student in-class presentation (5)
05/03 Student in-class presentation (6)
05/05 Final project demo



© 2021 Song Fang.