Search result: Catalogue data in Autumn Semester 2020

Computer Science Master Information
Master Studies (Programme Regulations 2020)
Majors
Major in Secure and Reliable Systems
Core Courses
NumberTitleTypeECTSHoursLecturers
252-0237-00LConcepts of Object-Oriented Programming Information W8 credits3V + 2U + 2AP. Müller
AbstractCourse that focuses on an in-depth understanding of object-oriented programming and compares designs of object-oriented programming languages. Topics include different flavors of type systems, inheritance models, encapsulation in the presence of aliasing, object and class initialization, program correctness, reflection
ObjectiveAfter this course, students will:
Have a deep understanding of advanced concepts of object-oriented programming and their support through various language features. Be able to understand language concepts on a semantic level and be able to compare and evaluate language designs.
Be able to learn new languages more rapidly.
Be aware of many subtle problems of object-oriented programming and know how to avoid them.
ContentThe main goal of this course is to convey a deep understanding of the key concepts of sequential object-oriented programming and their support in different programming languages. This is achieved by studying how important challenges are addressed through language features and programming idioms. In particular, the course discusses alternative language designs by contrasting solutions in languages such as C++, C#, Eiffel, Java, Python, and Scala. The course also introduces novel ideas from research languages that may influence the design of future mainstream languages.

The topics discussed in the course include among others:
The pros and cons of different flavors of type systems (for instance, static vs. dynamic typing, nominal vs. structural, syntactic vs. behavioral typing)
The key problems of single and multiple inheritance and how different languages address them
Generic type systems, in particular, Java generics, C# generics, and C++ templates
The situations in which object-oriented programming does not provide encapsulation, and how to avoid them
The pitfalls of object initialization, exemplified by a research type system that prevents null pointer dereferencing
How to maintain the consistency of data structures
LiteratureWill be announced in the lecture.
Prerequisites / NoticePrerequisites:
Mastering at least one object-oriented programming language (this course will NOT provide an introduction to object-oriented programming); programming experience
252-0463-00LSecurity Engineering Information W7 credits2V + 2U + 2AD. Basin, S. Krstic
AbstractSubject of the class are engineering techniques for developing secure systems. We examine concepts, methods and tools, applied within the different activities of the SW development process to improve security of the system. Topics: security requirements&risk analysis, system modeling&model-based development methods, implementation-level security, and evaluation criteria for secure systems
ObjectiveSecurity engineering is an evolving discipline that unifies two important areas: software engineering and security. Software Engineering addresses the development and application of methods for systematically developing, operating, and maintaining, complex, high-quality software.
Security, on the other hand, is concerned with assuring and verifying properties of a system that relate to confidentiality, integrity, and availability of data.

The goal of this class is to survey engineering techniques for developing secure systems. We will examine concepts, methods, and tools that can be applied within the different activities of the software development process, in order to improve the security of the resulting systems.

Topics covered include

* security requirements & risk analysis,
* system modeling and model-based development methods,
* implementation-level security, and
* evaluation criteria for the development of secure systems
ContentSecurity engineering is an evolving discipline that unifies two important areas: software engineering and security. Software Engineering addresses the development and application of methods for systematically developing, operating, and maintaining, complex, high-quality software.
Security, on the other hand, is concerned with assuring and verifying properties of a system that relate to confidentiality, integrity, and availability of data.

The goal of this class is to survey engineering techniques for developing secure systems. We will examine concepts, methods, and tools that can be applied within the different activities of the software development process, in order to improve the security of the resulting systems.

Topics covered include

* security requirements & risk analysis,
* system modeling and model-based development methods,
* implementation-level security, and
* evaluation criteria for the development of secure systems

Modules taught:

1. Introduction
- Introduction of Infsec group and speakers
- Security meets SW engineering: an introduction
- The activities of SW engineering, and where security fits in
- Overview of this class
2. Requirements Engineering: Security Requirements and some Analysis
- overview: functional and non-functional requirements
- use cases, misuse cases, sequence diagrams
- safety and security
- FMEA, FTA, attack trees
3. Modeling in the design activities
- structure, behavior, and data flow
- class diagrams, statecharts
4. Model-driven security for access control (design)
- SecureUML as a language for access control
- Combining Design Modeling Languages with SecureUML
- Semantics, i.e., what does it all mean,
- Generation
- Examples and experience
5. Model-driven security (Part II)
- Continuation of above topics
6. Security patterns (design and implementation)
7. Implementation-level security
- Buffer overflows
- Input checking
- Injection attacks
8. Testing
- overview
- model-based testing
- testing security properties
9. Risk analysis and management 1 (project management)
- "risk": assets, threats, vulnerabilities, risk
- risk assessment: quantitative and qualitative
- safeguards
- generic risk analysis procedure
- The OCTAVE approach
10. Risk analysis: IT baseline protection
- Overview
- Example
11. Evaluation criteria
- CMMI
- systems security engineering CMM
- common criteria
12. Guest lecture
- TBA
Literature- Ross Anderson: Security Engineering, Wiley, 2001.
- Matt Bishop: Computer Security, Pearson Education, 2003.
- Ian Sommerville: Software Engineering, 6th ed., Addison-Wesley, 2001.
- John Viega, Gary McGraw: Building Secure Software, Addison-Wesley, 2002.
- Further relevant books and journal/conference articles will be announced in the lecture.
Prerequisites / NoticePrerequisite: Class on Information Security
252-1414-00LSystem Security Information W7 credits2V + 2U + 2AS. Capkun, A. Perrig
AbstractThe first part of the lecture covers individual system aspects starting with tamperproof or tamper-resistant hardware in general over operating system related security mechanisms to application software systems, such as host based intrusion detection systems. In the second part, the focus is on system design and methodologies for building secure systems.
ObjectiveIn this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met.
ContentThe first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc.

In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX).

Along the lectures, model cases will be elaborated and evaluated in the exercises.
263-2800-00LDesign of Parallel and High-Performance Computing Information W9 credits3V + 2U + 3AT. Hoefler, M. Püschel
AbstractAdvanced topics in parallel and high-performance computing.
ObjectiveUnderstand concurrency paradigms and models from a higher perspective and acquire skills for designing, structuring and developing possibly large parallel high-performance software systems. Become able to distinguish parallelism in problem space and in machine space. Become familiar with important technical concepts and with concurrency folklore.
ContentWe will cover all aspects of high-performance computing ranging from architecture through programming up to algorithms. We will start with a discussion of caches and cache coherence in practical computer systems. We will dive into parallel programming concepts such as memory models, locks, and lock-free. We will cover performance modeling and parallel design principles as well as basic parallel algorithms.
Prerequisites / NoticeThis class is intended for the Computer Science Masters curriculum. Students must have basic knowledge in programming in C as well as computer science theory. Students should be familiar with the material covered in the ETH computer science first-year courses "Parallele Programmierung (parallel programming)" and "Algorithmen und Datenstrukturen (algorithm and data structures)" or equivalent courses.
263-4640-00LNetwork Security Information W8 credits2V + 2U + 3AA. Perrig, S. Frei, M. Legner
AbstractSome of today's most damaging attacks on computer systems involve
exploitation of network infrastructure, either as the target of attack
or as a vehicle to attack end systems. This course provides an
in-depth study of network attack techniques and methods to defend
against them.
Objective- Students are familiar with fundamental network security concepts.
- Students can assess current threats that Internet services and networked devices face, and can evaluate appropriate countermeasures.
- Students can identify and assess known vulnerabilities in a software system that is connected to the Internet (through analysis and penetration testing tools).
- Students have an in-depth understanding of a range of important security technologies.
- Students learn how formal analysis techniques can help in the design of secure networked systems.
ContentThe course will cover topics spanning five broad themes: (1) network
defense mechanisms such as secure routing protocols, TLS, anonymous
communication systems, network intrusion detection systems, and
public-key infrastructures; (2) network attacks such as denial of
service (DoS) and distributed denial-of-service (DDoS) attacks; (3)
analysis and inference topics such as network forensics and attack
economics; (4) formal analysis techniques for verifying the security
properties of network architectures; and (5) new technologies related
to next-generation networks.
Prerequisites / NoticeThis lecture is intended for students with an interest in securing
Internet communication services and network devices. Students are
assumed to have knowledge in networking as taught in a Communication
Networks lecture. The course will involve a course project and some
smaller programming projects as part of the homework. Students are
expected to have basic knowledge in network programming in a
programming language such as C/C++, Go, or Python.
Elective Courses
NumberTitleTypeECTSHoursLecturers
252-1411-00LSecurity of Wireless Networks Information W6 credits2V + 1U + 2AS. Capkun, K. Kostiainen
AbstractCore Elements: Wireless communication channel, Wireless network architectures and protocols, Attacks on wireless networks, Protection techniques.
ObjectiveAfter this course, the students should be able to: describe and classify security goals and attacks in wireless networks; describe security architectures of the following wireless systems and networks: 802.11, GSM/UMTS, RFID, ad hoc/sensor networks; reason about security protocols for wireless network; implement mechanisms to secure
802.11 networks.
ContentWireless channel basics. Wireless electronic warfare: jamming and target tracking. Basic security protocols in cellular, WLAN and
multi-hop networks. Recent advances in security of multi-hop networks; RFID privacy challenges and solutions.
263-2400-00LReliable and Interpretable Artificial Intelligence Information W6 credits2V + 2U + 1AM. Vechev
AbstractCreating reliable and explainable probabilistic models is a fundamental challenge to solving the artificial intelligence problem. This course covers some of the latest and most exciting advances that bring us closer to constructing such models.
ObjectiveThe main objective of this course is to expose students to the latest and most exciting research in the area of explainable and interpretable artificial intelligence, a topic of fundamental and increasing importance. Upon completion of the course, the students should have mastered the underlying methods and be able to apply them to a variety of problems.

To facilitate deeper understanding, an important part of the course will be a group hands-on programming project where students will build a system based on the learned material.
ContentThe course covers some of the latest research (over the last 2-3 years) underlying the creation of safe, trustworthy, and reliable AI (more information here: https://www.sri.inf.ethz.ch/teaching/riai2020):

* Adversarial Attacks on Deep Learning (noise-based, geometry attacks, sound attacks, physical attacks, autonomous driving, out-of-distribution)
* Defenses against attacks
* Combining gradient-based optimization with logic for encoding background knowledge
* Complete Certification of deep neural networks via automated reasoning (e.g., via numerical abstractions, mixed-integer solvers).
* Probabilistic certification of deep neural networks
* Training deep neural networks to be provably robust via automated reasoning
* Understanding and Interpreting Deep Networks
* Probabilistic Programming
Prerequisites / NoticeWhile not a formal requirement, the course assumes familiarity with basics of machine learning (especially probability theory, linear algebra, gradient descent, and neural networks). These topics are usually covered in “Intro to ML” classes at most institutions (e.g., “Introduction to Machine Learning” at ETH).

For solving assignments, some programming experience in Python is excepted.
227-0579-00LHardware Security Restricted registration - show details W6 credits4GK. Razavi
AbstractThis course covers the security of commodity computer hardware (e.g., CPU, DRAM, etc.) with a special focus on cutting-edge hands-on research. The aim of the course is familiarizing the students with hardware security and more specifically microarchitectural and circuit-level attacks and defenses through lectures, reviewing and discussing papers, and executing some of these advanced attacks.
ObjectiveBy the end of the course, the students will be familiar with the state of the art in commodity computer hardware attacks and defenses. More specifically, the students will learn about:

- security problems of commodity hardware that we use everyday and how you can defend against them.
- relevant computer architecture and operating system aspects of these issues.
- hands-on techniques for performing hardware attacks.
- writing critical reviews and constructive discussions with peers on this topic.

This is the course where you get credit points by building some of the most advanced exploits on the planet! The luckiest team will collect a Best Demo Award at the end of the course.
LiteratureSlides, relevant literature and manuals will be made available during the course.
Prerequisites / NoticeKnowledge of systems programming and computer architecture is a plus.
  •  Page  1  of  1