Secure Programming Techniques Project
- Code: MTAT.07.016 (3 EAP)
- Meetings: Fri 14-16 Liivi 2 - 202 (only on pre-announced weeks - see below)
- Lecturer: Meelis Roos
- Goal: find and fix a new security problem in real software.
- Grading comes 90% from the result of final presentation and report of the project and 10% from keeping up with the in-term deadlines
- Questions: mroos at ut dot ee
First meeting is on 16.02.2018 14-16 Liivi 2-402.
Outline
- Ideas for projects
- Simple projects are for one person only
- 2-3 person projects are possible, but you need to plan work distribution ahead and show that it seems possible without one student blocking the other
- Incomprehensive list of source code Scanners
- Find a opensource project for scanning
- Find suitable tools for first steps, use them
- Search for security holes manually
- Find another project if nothing has been found (no later then end of March)
- Document the bug
- Fix the bug
- Fix all bugs of the same kind if possible
- Test and document the fixes
- Send a patch upstream, rewriting it if asked, until the patch is merged
- Give a presentation
Planned meetings
- 16.02.2018 14-16 room 402 - First meeting, intro
- 23.02.2018 14-16 room 402 - Code auditing demo with scanners (screencast with audio)
- 30.03.2018 14-16 room 402 - Midterm meeting: how you have succeeded in finding the bugs
- 01.06.2018 14-16 room 402 - Final presentations