Computer systems today are eminently hackable. However, the rise of entirely new classes of devices and programming models makes this a unique opportunity for high-impact research in systems security -- this course will give attendees some axes to think along as they attempt to build secure systems.
We will begin this course by reviewing how systems in cars, medical devices, mobile phones, and datacenters have been compromised, drawing out common themes in vulnerabilities across these domains.
We will then discuss security policies i.e. specific objectives for a system against a well-defined set of threats and discuss how these policies compose together to yield end-to-end objectives.
Mechanisms to implement these policies can then span the hardware-software boundary the goal here is to demonstrate trade-offs in general purpose v. embedded systems, enterprise v. datacenter networks, legacy software v. new application frameworks, etc where constraints such as economics, backward compatibility, or performance drives the implementation.
The course will close out with some open problems in systems security.
Mohit Tiwari is an Assistant Professor at University of Texas, Austin. His research on building information-leak free containers and detecting malware as anomalies has received the NSF Career award (2015), Best Paper awards (ASPLOS'15, PACT'09), IEEE Micro Top Picks (2010, 2014 Honorable Mention), and industry awards from Google and Qualcomm. Before joining UT, he received his PhD at UC-Santa Barbara in 2011 and worked with Krste Asanovic and Dawn Song as a post-doc at UC-Berkeley from 201113.