|
As the world becomes increasingly connected and driven by computing, failures of secure design have tremendous real world impact. The Stuxnet worm, while a small piece of code, was designed to destroy centrifuges used for uranium enrichment. Infrastructure is tied to computing, and understanding how the practices of computer security have real-life, real-world implications is important to secure software and hardware design.
From lockpicking to cyber-physical systems, from cell phones to radios and telescopes, this seminar will examine recent work in security that influences a wide variety of physical world phenomena, sometimes in unexpected ways. We will focus primarily on papers from top security conferences that have explored these interactions.
A detailed list of topics and the papers to be discussed (subject to change as the term evolves) will be available on the course schedule.
Please contact the instructor if you have questions regarding the material or concerns about whether your background is suitable for the course.
The expectations for the course are that students will attend every class, do the readings assigned for class, and actively and constructively participate in class discussions. Students will be called upon to present some of the material for the class and to scribe notes. This is a pass/fail course. More than one undocumented absence, or failure to prepare for presentations or scribing, will result in a failing grade.
Class participation will be a measure of contributing to the discourse both in class, through discussion and questions, and outside of class through contributing and responding to the mailing list. I have little interest in having people spam the class or the list with content-free statements in the hopes of sounding like they are participating; this will be more a measure of engagement with the material.
Students are required to follow the university guidelines on academic conduct at all times. Students failing to meet these standards will automatically receive a 'F' grade for the course. The instructor carefully monitors for instances of offenses such as plagiarism and illegal collaboration, so it is very important that students use their best possible judgement in meeting this policy. The instructor will not entertain any discussion on the discovery of an offense, and will assign the 'F' grade and refer the student to the appropriate University bodies for possible further action.
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class and possible more severe academic and legal sanctions.
When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor Butler.