Computer security and privacy

General

• Lectures will be held only in-person every Tuesday 15h15-17h00 in CE4. 
• Exercise sessions will be live and in-person every Thursday, 8h15-10h00
• the mid-term will be in-person and on site (on Thursday Nov 7 (closed book))
• the final exam will be held in-person and on site during the exam session in Jan/Feb (closed book)

In More Detail

Course Logistics

From Tuesday Sept 3 on, every following week will have the same structure: 

• Tuesday (15h15-17h00 in CE4). In-person lecture followed by an interactive exercise session led by Prof. Edouard Bugnion.   Due to the high class enrollment, there will be a livestream to the overflow room CM011
  

• Thursday (8h15-10h00 in BS160, BS170, CE2): Q&A time followed by an interactive exercise session (in small groups)

• 8h15-9h00: During the Q&A time, the TAs will be available to answer questions about the programming homework (graded assignments), theory exercises, or lecture material. The TAs best suited to answer questions about the programming homework are: Hugo, Marwan, Florian, and Pierre-Hadrien. The TAs best suited to answer questions about theory are Klim, Mathilde, Boya, Saiid, Christian, and Malo. 

• 9h15-10h00: During the interactive exercise session, each TA will lead a small group of students to solve a set of exercises, often questions from previous exams, published before the session

Course Activities

There are four different types of activities that you are expected to actively participate in

• Lectures: Lectures will be held live and in-person this year. Slides (without notes) will be published before the start of each week's lecture. The lectures will convey the theoretical foundations that you will need to participate in all other course activities. You are expected to attend lectures to follow the course material. As a backup, recordings of the lectures from 2021 will be published.
• Interactive exercise sessions: Interactive exercise are a set of questions we will solve together (either the whole class or in small groups, see above) in an interactive manner. Mostly, these questions are very open and thus do not have one single correct solution. You are not expected to solve these exercises before coming to the interactive exercise session. The only preparation needed is to attend the lecture given that week. Some notes about the proposed solutions will be published after the exercise sessions. However, these are not a replacement for attending the exercise session itself and actively participating in the discussion. We expect students to actively participate in the interactive exercise sessions on Tuesdays and Thursdays. Actively participating enables students to practice their security skills and learn from their mistakes. This helps to better understand of the concepts taught in this course and will greatly help at the time of taking exams.
• Programming homeworks: These are graded assignments that you are expected to solve on your own and individually at home. If you get stuck or need help, the TA team will be available during dedicated hours to answer your questions.
• Theory exercises: Each week, we will publish an exercise sheet with some theory questions about the content of the course. These exercises are meant to help you revisit the course material and prepare for the midterm and the final exam. At the end of each week, we will release written solutions to these exercises. You are expected to solve theory exercises at home. If you have trouble solving some of the exercises or to understand the proposed solutions, the TA team will be available during dedicated hours to answer your questions.
  

"I have a question"

Grading

The final grade is computed as the maximum of the following two combinations

• 60% final ; 30% mid-term ; 10% homework
• 90% final; 10% homework

This means that the other activities: written exercises, assignments, in-class participation, will not be graded. Yet, we strongly recommend you perform them with the same attention as they will greatly help you in your graded activities

Homeworks will be announced on the grading system (com301.epfl.ch). Each homework will be graded on 100 points. The final homework grade will be computed on the total of 500 points.  There is zero tolerance for collaboration on the homeworks.  Before the first homework, get your Linux environment ready (Virtualbox).  You may collaborate on the setup.  More information on the homeworks and the publication and hand-in days can be found in the Programming homeworks page.

Reference books

(Here you can find a mapping between concepts taught in the course and these books in the section below)

• Computer security, by D. Gollmann - https://onlinelibrary.wiley.com/doi/full/10.1002/wics.106
  
• Security Engineering, by R. Anderson - https://www.cl.cam.ac.uk/~rja14/book.html
• Computer Security Principles and practice, by W. Stallings and L. Brown - http://williamstallings.com/ComputerSecurity/

The Theory Exercises for Week 6 are included in the exercise sheet provided last week (Theory Exercises 5).