192.112 Systems and Applications Security
This course is in all assigned curricula part of the STEOP.
This course is in at least 1 assigned curriculum part of the STEOP.

2021W, VU, 4.0h, 6.0EC

TUWEL course

Properties

Semester hours: 4.0
Credits: 6.0
Type: VU Lecture and Exercise
Format: Online

Learning outcomes

After successful completion of the course, students are able to understand common errors and security vulnerabilities as well as to deploy ways to detect and avoid them. Students are further able to conduct planning, testing and development of secure software applications. They gain a deeper understanding about the root causes of those errors and vulnerabilities by exploiting them themselves in a controlled environment, as well as apply principles of secure programming in practical examples. As a result, students are able to actively avoid these vulnerabilities and implement appropriate security measures in security relevant projects.

Subject of course

The lecture deals with common errors and vulnerabilities across OS and application layers as well as ways to detect and avoid them. Examples are used to highlight the general error classes and how they can be abused. Furthermore, software security testing techniques and binary analysis techniques are presented to detect vulnerabilities in applications and protocols and secure the development process.

In order to teach the subject in the most authentic way, the lecture uses a mostly "offensive approach": Security-related topics are viewed from an attacker's perspective and possible attack scenarios are shown. In practical challenges the students need to exploit previously discussed security vulnerabilities inside a controlled challenge-environment. This improves the students' understanding of the handled topics and helps them to prevent similar mistakes in own projects and allows them to actively take security measures when handling security relevant projects.

Please note that this course substitutes the two previous courses Advanced Internet Security as well as Software Security. In case you already finished both of these courses, you can not use Systems- and Application-Security for your degree.

Teaching methods

Lectures with slides and live demonstrations
Live online discussions of course topics
Accompanying challenges as homework assignments

Mode of examination

Immanent

Additional information

ECTS Breakdown (6 ECTS = 150 hours)

Lectures (20h)
Online Discussions, Self-studies (38h)
Challenges (90h)
Exam (2h)

Lecturers

Lindorfer, Martina
Bleier, Jakob
Ullrich, Johanna Maria Magdalena
Kudera, Christian
Merzdovnik, Georg
Garn, Bernhard
Squarcina, Marco

Institute

E192 Institute of Logic and Computation

Course dates

Day	Time	Date	Location	Description
Tue	10:00 - 11:00	05.10.2021	https://tuwien.zoom.us/j/96778878067?pwd=QkE1cUZxM1ZqTGtmNXhvOXJWSXNOZz09 (LIVE)	Overview of the security courses offered at TU Wien (optional)
Thu	15:00 - 16:00	14.10.2021	https://tuwien.zoom.us/j/98242051433?pwd=bTNzOGgyYzBvS1U2dkxtVXdqcWZDQT09 (LIVE)	Introductory Meeting
Thu	15:00 - 17:00	21.10.2021 - 20.01.2022	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09 (LIVE)	Online Lecture
Thu	15:00 - 17:00	02.12.2021	Online via TUWEL (LIVE)	Exam for First Part
Thu	15:00 - 17:00	27.01.2022	Online via TUWEL (LIVE)	Exam for Second Part

Show single appointments

Systems and Applications Security - Single appointments

Day	Date	Time	Location	Description
Tue	05.10.2021	10:00 - 11:00	https://tuwien.zoom.us/j/96778878067?pwd=QkE1cUZxM1ZqTGtmNXhvOXJWSXNOZz09	Overview of the security courses offered at TU Wien (optional)
Thu	14.10.2021	15:00 - 16:00	https://tuwien.zoom.us/j/98242051433?pwd=bTNzOGgyYzBvS1U2dkxtVXdqcWZDQT09	Introductory Meeting
Thu	21.10.2021	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	28.10.2021	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	11.11.2021	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	25.11.2021	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	02.12.2021	15:00 - 17:00	Online via TUWEL	Exam for First Part
Thu	09.12.2021	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	16.12.2021	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	13.01.2022	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	20.01.2022	15:00 - 17:00	UPDATE https://tuwien.zoom.us/j/93192267029?pwd=ckpPVmlIeTlQWTVtL2NWOHhnU3dodz09	Online Lecture
Thu	27.01.2022	15:00 - 17:00	Online via TUWEL	Exam for Second Part

Examination modalities

Written exam and practical exercises (challenges).

Course registration

Begin	End	Deregistration end
26.09.2021 00:00	28.10.2021 23:59	28.10.2021 23:59

Curricula

Study Code	Obligation	Semester	Precon.	Info
066 645 Data Science	Mandatory elective
066 926 Business Informatics	Mandatory elective
066 937 Software Engineering & Internet Computing	Mandatory elective

Literature

No lecture notes are available.

Previous knowledge

Programming experience in C/C++ and/or Python would be helpful.

Preceding courses

Language

English