Secure Programming [CSCI 8245]

This is a special course I teach at the University of Georgia every Spring semester. This is a senior grad class. In this course, students will first learn about security threats of unsafe language and program analysis methods to identify software vulnerabilities. Later, the class will continue based on the fastest-growing memory-safe language (i.e. Rust) and explore how it guarantees memory, thread, and type safety besides some of the advanced features. Please, take a look at the syllabus for details. An expected class schedule can be found here.

Schedule

WeeksLecture
1Introduction
2Memory Corruption
2-3Race Condition
3-4Program Analysis
5Introduction to Rust
5Rust Basics
6Ownership Model
7Structs
7Enums
8Collections
9File Management and Error Handling
10Rust I/O Handling
10-11Rust Functional Programming Features
12-13Generics, Traits, and Lifetime
14Concurrency
15Crates and Modules
15Is Rust OOP?
16Smart Pointers
17Advanced Features

Group Project

TitleDescription
File Server
Group Chat
Network Simulator
Code Processor
Health Database

Assignments

TitleDeadline
PalindromeWeek 7
ConflictWeek 10
BubbleWeek 13
DeadlockWeek 15
ShortestWeek 17

Presentation

TitleCategory
How Do Programmers Use Unsafe Rust?L2
Is Rust Used Safely by Software Developers?L1
Memory-Safety Challenge Considered Solved? An In-Depth Study with All Rust CVEsL2
System Programming in Rust: Beyond SafetyL1
Towards Memory Safe Enclave Programming with Rust-SGXL2
Sandcrust: Automatic Sandboxing of Unsafe Components in RustL1
RustBelt: securing the foundations of the rust programming languageL2
Exploring Rust for Unikernel DevelopmentL1
Fuzzing the Rust Typechecker Using CLP (T)L2
RusTEE: Developing Memory-Safe ARM TrustZone ApplicationsL1
Securing unsafe rust programs with XRustL2