Secure Programming Techniques Project
- Code: MTAT.07.016 (3 EAP)
- Meetings: Fri 14-16 Narva 18 - 2048 (only on pre-announced weeks - see below)
- Lecturer: Meelis Roos
- Goal: find and fix a new security problem in real software.
- Grading comes 90% from the result of final presentation and report of the project and 10% from keeping up with the in-term deadlines
- Questions: mroos at ut dot ee
First meeting is on 14.02.2020 14-16 Narva 18 - 2048.
Outline
- Ideas for projects
- Simple projects are for one person only
- 2-3 person projects are possible, but you need to plan work distribution ahead and show that it seems possible without one student blocking another
- Incomprehensive list of source code Scanners
- Find a opensource project for scanning
- Find suitable tools for first steps, use them
- Search for security holes manually
- Find another project if nothing has been found (no later then end of March)
- Document the bug
- Fix the bug
- Fix all bugs of the same kind if possible
- Test and document the fixes
- Send a patch upstream, rewriting it if asked, until the patch is merged
- Give a presentation
Planned meetings
- 14.02.2020 14-16 room 2048 - First meeting, intro
- 21.02.2020 14-16 room 2048 - Code auditing demo with scanners (there will hopefully be a screencast with audio)
- 03.04.2020 14-16 room 2048 - Midterm meeting: how you have succeeded in finding the bugs
- 29.05.2020 14-16 room 2048 - Final presentations