CS 5970 Embedded Systems Security

Spring 2020

(This page will be changed frequently. Please check before class.)


Dr. Song Fang



MW 4:30 pm - 5:45 pm in Carson Engr Ctr 0031

Office hours:

MW 3:30 pm - 4:30 pm in DEH 232

Email address:

songf at ou.edu



Teaching assistant:





Quizzes: 10%; Labs: 15%; Paper Summary: 30%; Presentation: 20%; Project: 25%

Suggested textbook: David Kleidermacher and Mike Kleidermacher, Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development, 1st Edition, Newnes, 2012.

Wenliang Du. Computer Security: A Hands-on Approach. 1st Edition, 2017.
Labs: Lab 1: Environment Variable and Set-UID Lab due on 02/09
Lab 2: Buffer-Overflow Vulnerability Lab due on 03/01
Lab 3: Exercise with OpenSSL due on 03/18
In-class presentation: Each student should select a paper from the paper list provided by the instructor and prepare an in-class presentation about the selected paper.
Project: Teams of students will work on a collaborative project for the duration of the semester. Students can form teams, each with up to three members, based on common interests and/or complementary skills. You get no extra credit for working alone.
Notes on submissions:

You must use a text editor (e.g., MS Word, Latex) to complete your homework. All submissions should be made via OU's Canvas.
Course feedback

Schedule of classes (Topics and dates may change as the semester progresses)

Date Reading Topics Slide
01/13 Kleidermacher Chapter 1 Introduction to embedded systems security Lec 1
01/15 Du Chapter 1, On Trusting Trust Software security (1): Set-UID programs Lec 2
01/20 Martin Luther King Day Holiday - No class
01/22 Invoking programs
01/27 Du Chapter 2 Software security (2): Environment variables and shell variables Lec 3
01/29 Attack surface on environment variables
02/03 Du Chapters 4 and 5 Software security (3): Buffer overflow attack Lec 4
02/05 Campus is closed due to inclement weather
02/10 Student in-class presentation (1)
02/12 Project discussion; stack buffer-overflow attack
02/17 Student in-class presentation (2)
02/19 Software security (4): Buffer overflow mitigation
02/24 Student in-class presentation (3)
02/26 Kleidermacher Chapter 4 Embedded cryptography: secret key cryptography, hash Lec 5
03/02 Public key cryptography Lec 6
03/04 Blockchain
03/09 Student in-class presentation (4)
03/11 Introduction to wireless security Lec 7
03/16 Spring Vacation - No class
03/18 Spring Vacation - No class
03/23 Term project lightning talk; lab analysis
03/25 Wireless jamming attacks and countermeasures
03/30 Student in-class presentation (5)
04/01 IoT seucurity Lec 8
04/06 Student in-class presentation (6)
04/08 Individual meeting on projects - No class
04/13 Student in-class presentation (7)
04/15 Student in-class presentation (8)
04/20 Side-channel attacks Lec 9
04/22 Emerging applications Lec 10
04/27 Student in-class presentation (9)
04/29 Final project demo

© 2020 Song Fang.