ECE 422 - Reliable and Secure Systems Design

Winter 2024

This course covers software system reliability engineering and computer security basics. The goal is to build an understanding of common reliability and security measures in software and hardward systems. Given the fault-proneness of modern software systems, there is a pressing need for programmers and software engineers to grasp reliability issues. Understanding computer system insecurity is also emphasized in the modern web landscape.

Course content

We will cover both the basics and the latest advancements in reliability and security. Broadly speaking, the topics of this course break into four modules:

  • Module 1: Software engineering practices
  • Module 2: Reliable and fault-tolerant design
  • Module 3: Security principles
  • Module 4: Developing areas in reliability and security

Topics include: DevOps, SRE, fault-tolerant design, information redundancy, consensus mechanism, race condition, automated testing, fault localization, authentication, access control, encryption, digital signature, web vulnerabilities, injection, same-origin policy, cross site scripting, and blockchain technologies.

To facilitate the understanding of these topics, we will apply game theory (e.g., Byzantine General problem, Dining philosophers problem). For the pratical portion of this course, we will apply the Agile methodology and implement emerging reliability and security state-of-the-arts.

Prerequisite

  • CMPUT 301
  • Corequisite: ECE 487

Class time and location

  • Monday, Wednesday, Friday 12:00-12:50
  • ETLC E2-002

Grading

  • Midterm (25%)
  • Final Exam (30%)
  • Project 1: Auto-Scaling for Cloud Microservices (20%)
  • Project 2: Secure File System (25%)

Module 1: Software engineering practices

Week 1

  • Lecture 1: Introduction to ECE 422
  • Lecture 2: DevOps
  • Lecture 3: Site Reliability Engineering

Module 2: Reliable and fault-tolerant design

Week 2

  • Lecture 4: Fault-Tolerant Design
  • Lecture 5: Fault Removal
  • Lecture 6: Fault localization

Week 3

  • Lecture 7: Error detection and correction code
  • Lecture 8: Hamming codes
  • Lecture 9: Cyclic codes

Week 4

  • Lecture 10: Cyclic codes
  • Lecture 11: Byzantine Fault Tolerance
  • Lecture 12: Byzantine Gnerals Problem

Week 9

  • Lecture 20: The Dining Philosophers Problem
  • Lecture 21: Deadlocks

Module 3: Security principles

Week 5

  • Lecture 13: CIA triad
  • Lecture 14: Hash function and digital signature
  • Lecture 15: Authentication

Week 6

  • Lecture 16: Access control
  • Lecture 17: Encryption
  • Lecture 18: Midterm review

Week 7

  • Reading week

Week 8

  • Midterm
  • Lecture 19: Diffie-Hellman Key Exchange

Week 10

  • Lecture 22: Cookies and Sessions
  • Lecture 23: Cross Site Scripting
  • Lecture 24: Cross Site Scripting Prevention

Week 11

  • Lecture 25: Content Security Policy
  • Lecture 26: CPS nonce and strict-dynamic
  • Lecture 27: Phishing and Denial-of-Service

Module 4: Developing areas in reliability and security

Week 12

  • Lecture 28: Blocks and blockchain
  • Lecture 29: Mining principles
  • Lecture 30: Digital Signature and Double Spending Problem

Week 13

  • Lecture 31: Selenium
  • Lecture 32: Selenium demo

Week 14

  • Lecture 33: Review session I
  • Lecture 34: Review session II

Week 15

  • No class

Week 16

  • Final Exam