Winter 2024
This course covers software system reliability engineering and computer security basics. The goal is to build an understanding of common reliability and security measures in software and hardware systems. Given the fault-proneness of modern software systems, there is a pressing need for programmers and software engineers to grasp reliability issues. The course also emphasizes understanding computer system insecurity in the modern web landscape.
Course content
We will cover both the basics and the latest advancements in reliability and security. Broadly speaking, the topics of this course break into four modules:
- Module 1: Software engineering practices
- Module 2: Reliable and fault-tolerant design
- Module 3: Security principles
- Module 4: Developing areas in reliability and security
Topics include: DevOps, SRE, fault-tolerant design, information redundancy, consensus mechanism, race condition, automated testing, fault localization, authentication, access control, encryption, digital signature, web vulnerabilities, injection, same-origin policy, cross site scripting, and blockchain technologies.
To facilitate the understanding of these topics, we will apply game theory (e.g., Byzantine Generals problem, Dining Philosophers problem). For the practical portion of this course, we will apply the Agile methodology and implement emerging state-of-the-art reliability and security techniques.
Prerequisite
- CMPUT 301
- Corequisite: ECE 487
Class time and location
- Monday, Wednesday, Friday 12:00-12:50
- ETLC E2-002
Grading
- Midterm (25%)
- Final Exam (30%)
- Project 1: Auto-Scaling for Cloud Microservices (20%)
- Project 2: Secure File System (25%)
Module 1: Software engineering practices
Week 1
- Lecture 1: Introduction to ECE 422
- Lecture 2: DevOps
- Lecture 3: Site Reliability Engineering
Module 2: Reliable and fault-tolerant design
Week 2
- Lecture 4: Fault-Tolerant Design
- Lecture 5: Fault Removal
- Lecture 6: Fault localization
Week 3
- Lecture 7: Error detection and correction code
- Lecture 8: Hamming codes
- Lecture 9: Cyclic codes
Week 4
- Lecture 10: Cyclic codes
- Lecture 11: Byzantine Fault Tolerance
- Lecture 12: Byzantine Generals Problem
Week 9
- Lecture 20: The Dining Philosophers Problem
- Lecture 21: Deadlocks
Module 3: Security principles
Week 5
- Lecture 13: CIA triad
- Lecture 14: Hash function and digital signature
- Lecture 15: Authentication
Week 6
- Lecture 16: Access control
- Lecture 17: Encryption
- Lecture 18: Midterm review
Week 7
- Reading week
Week 8
- Midterm
- Lecture 19: Diffie-Hellman Key Exchange
Week 10
- Lecture 22: Cookies and Sessions
- Lecture 23: Cross Site Scripting
- Lecture 24: Cross Site Scripting Prevention
Week 11
- Lecture 25: Content Security Policy
- Lecture 26: CSP nonce and strict-dynamic
- Lecture 27: Phishing and Denial-of-Service
Module 4: Developing areas in reliability and security
Week 12
- Lecture 28: Blocks and blockchain
- Lecture 29: Mining principles
- Lecture 30: Digital Signature and Double Spending Problem
Week 13
- Lecture 31: Selenium
- Lecture 32: Selenium demo
Week 14
- Lecture 33: Review session I
- Lecture 34: Review session II
Week 15
- No class
Week 16
- Final Exam