(###)

CPSC 538M: Systems Security

[**Overview**](#overview) **//** [**Registration and Prerequisites**](#registration-and-prerequisites) **//** [**Evaluation**](#course-structure-and-grading) **//** [**Projects**](./projects.html) **//** [**Class schedule**](#reading-list) **//** [**Academic Integrity**](#academic-integrity)

Overview

This is a research-oriented graduate course covering topics on security and privacy techniques for software systems in the web, cloud, mobile, and edge.

Learning objectives:

get familiar with cutting edge research topics in systems security
understand the key components of executing a systems security research project (both attack and defense mechanisms) from reading papers
be able to apply the security research to your area of practice
evaluate your interest in the field for future research

Instructor: Aastha Mehta ( [firstname]k[lastinitial] [AT] cs.ubc.ca )

Class hours: Tue/Thu 11:00 – 12:30 hours PT, ~~SWNG 306~~ ICCS 304

Office hours: Wed, 12:00 - 13:00h PT ([Zoom](https://ubc.zoom.us/j/62230160950?pwd=vCin2dlT0nJqEhOz64ovhc0c8bumt2.1)), or by appointment

Web tools: Piazza

Registration and Prerequisites

Registration: Note, the last date to add/drop out of the course is 15 Sep 2025.

Prerequisites: Undergraduate knowledge of operating systems, architecture, networking, databases, and software engineering is essential. Any background in security is welcome but not required. The course is intended for Masters and Ph.D. students in Computer Science, but enterprising Bachelors students are welcome to participate.

Prerequisites for bachelors students: Fourth year standing, satisfying honors requirements. Students should have taken CPSC 313 and CPSC 317. Having taken at least one of CPSC 436A or CPSC 436S is great, but not mandatory.

Evaluation

The goal of this course is to teach you how to identify security threats, devise and reason about defense strategies, and develop security-oriented research directions within your own domain. The evaluation for this course consists of three components:

Class participation: 20%
Mid-term quiz: 25%
Project: 55%

The grading scheme is tentative and subject to change until the beginning of the course. The course staff reserves the right to change the scheme, but we do not anticipate using that right except in consultation with the class as a whole.

Class participation (20%): Participation includes engaging in discussion over Piazza, in the "lectures", over HotCRP, and in project presentations of your peers.

Students are expected to read the assigned reading material before each class, post initial questions and discussion points on Piazza, and respond to others' questions on Piazza and in class. Please submit your questions and initial discussion points on Piazza by 11:00am one day before the class. In the class, we will discuss the reading material and applications of the ideas beyond the papers. You will be graded based on the quality of participation. The additional reading material may provide broader or deeper insights into a topic, but is not essential for classroom discussion.
In addition, each student is expected to give feedback on at least two other groups' project proposals. Your feedback will count towards your class participation points.

Mid-term Quiz (25%): There will be one mid-term quiz conducted in the class time. The quiz will be open-book and open-laptop. Note that sharing quiz questions and answers to any external site, or to people outside the course section, now or at a later point in time, is strictly forbidden.

Project (55%): The course project must be done in teams of 1-2. The goal of the project is to learn to conduct research in computer security. You are encouraged to come up with your own ideas, but you can talk to the instructor for some ideas that are well-scoped for a course project.

Exploration: You may undertake a project overlapping with your own research, if you can demonstrate how it is related to and/or influenced by some topic from this course. You may describe the design, implementation, and evaluation of your solution in the project report. You may optionally submit an artifact along with the report.
Replication: You may reproduce the results of an existing systems security solution. In this case, you are expected to submit a functional artifact and results along with the project report (see more below).
Systematization: You may write an SoK (systematization-of-knowledge) paper on a topic, reviewing the literature and identifying potential directions for future research. Real SoKs tend to cover ~100 papers; an SoK in the course might cover at least 15-20 papers. See [SoK1](https://owl.eu.com/papers/compartmentalization-sok-sp25.pdf), [SoK2](https://dl.acm.org/doi/pdf/10.1145/2988545), [SoK3](https://eprint.iacr.org/2016/613.pdf) to get an idea of what strong SoKs look like.

Graduate students who are working on their own research or identifying research directions for their PhD/MSc/MASc typically prefer option 1. Undergraduate students may decide to (and are recommended to) choose option 2 or 3, unless they are working in a team with graduate students. Please schedule a meeting with the instructor as soon as possible to discuss and finalize your project plans for the course.

The project deliverables will include a research proposal, a proposal presentation, a final presentation, and a final report. For reproducibility studies, the final report must also include an artifact. For more details, please check the project page.

Class schedule

Here is a tentative schedule of papers to be covered in the class.

-->

Date	Topic	Preparation material	Other resources
Sep 02	Imagine Day
Sep 04	Introduction, security overview, threat models		How to read a paper
Sep 09	Access control	[Access Control](https://pages.cs.wisc.edu/~remzi/OSTEP/security-access.pdf) (§55.1-55.3, 55.5-55.6) [Zanzibar](https://www.usenix.org/system/files/atc19-pang.pdf) (§1, 2.1, 2.3, 2.4, 3, 4)	[Qapla](https://aasthakm.github.io/files/sec17-qapla.pdf)
Sep 11	Information Flow Control	[Decentralized Label Model](https://www.cs.cornell.edu/andru/papers/iflow-tosem.pdf) (§1-3, 5) [Growlithe](https://aasthakm.github.io/files/sp25-growlithe.pdf) (§1-4, 5.1, 5.4)
Sep 11	*Register project team*
Sep 16	Software vulnerabilities	[Eternal War in Memory](https://nebelwelt.net/files/13Oakland.pdf)	[Stack smashing](https://thesquareplanet.com/blog/smashing-the-stack-21st-century/) [ROP attacks](https://hovav.net/ucsd/dist/geometry.pdf)
Sep 18	CFI and SFI	[CFI principles](https://users.soe.ucsc.edu/~abadi/Papers/cfi-tissec-revised.pdf) (§1, 2.1, 3, 4, 5) [SFI principles](https://cseweb.ucsd.edu/~dstefan/cse227-spring21/papers/tan:sfi.pdf) (§1-3, 5, 6)
Sep 23	Software-based sandboxing	[RLBox](https://www.usenix.org/system/files/sec20-narayan.pdf)
Sep 25	Hardware-accelerated compartmentalization	[Capacity](https://kha-dinh.github.io/assets/pdf/capacity.pdf)
Sep 25	*Project abstract due (1 page)*	[How to write a great research paper](https://www.microsoft.com/en-us/research/academic-program/write-great-research-paper/)
Sep 30	Regional holiday -- National Day for Truth and Reconciliation
Oct 01	*1st project check-in*
Oct 02	Modeling isolation abstractions	OSMosis (TBA)	[Survey](https://dl.acm.org/doi/pdf/10.1145/2988545)
Oct 07	Hardware isolation primitives	[Video](https://www.youtube.com/watch?v=MREwcSo0uz4)	[Getting Started with TEEs](https://github.com/Yuhala/tees-for-dummies)
Oct 07	*Project proposal due (3 pages)*
Oct 09	Secure applications in TEEs	[ReZone](https://www.usenix.org/system/files/sec22fall_cerdeira.pdf) (tentative)	[Sanctuary](https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_01A-1_Brasser_paper.pdf)
Oct 14	TCB for TEEs	[ACAI](https://n.ethz.ch/~sshivaji/publications/acai_usenix24.pdf) (tentative)	[StrongBox](https://fengweiz.github.io/paper/strongbox-ccs22.pdf)
Oct 14	*Peer review*
Oct 16	Cache-timing side-channels	[Flush+Reload](https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-yarom.pdf) (§1-5) [Prime+Probe](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7163050) (§1-6, 9)	[Survey](https://eprint.iacr.org/2016/613.pdf)
Oct 21	*Project proposal talks*	[How to give a great research talk](https://www.microsoft.com/en-us/research/academic-program/give-great-research-talk/)
Oct 23	Cache side-channel mitigations	[Constant-time technique](https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/mitigate-timing-side-channel-crypto-implementation.html) [Predictive Mitigation](https://www.cs.cornell.edu/andru/papers/ccs10.pdf)
Oct 28	Transient execution attacks	[Transient execution attacks and defenses](https://www.usenix.org/system/files/sec19-canella.pdf)	[Survey](https://dl.acm.org/doi/pdf/10.1145/3442479)
Oct 30	Transient execution attack mitigations	[Software Mitigations](https://www.usenix.org/system/files/sec23fall-prepub-278-zhang-zhiyuan.pdf) [Hardware Mitigations](https://www.intel.com/content/dam/develop/external/us/en/documents/336996-speculative-execution-side-channel-mitigations.pdf) (§2, 3)
Nov 04	Network side-channel attacks	[Beauty and the Burst](https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-schuster.pdf)
Nov 05	*2nd project check-in*
Nov 06	Network side-channel mitigations	[NetShaper](https://www.usenix.org/system/files/usenixsecurity24-sabzi.pdf)
Nov 11	Mid-term break
Nov 13	*Mid-term quiz*
Nov 18	AI systems & security overview	[MCP](https://arxiv.org/pdf/2503.23278) [ITBench](https://arxiv.org/pdf/2502.05352)
Nov 20	Prompt injection and jailbreaking	[Design Patterns](https://arxiv.org/pdf/2506.08837)
Nov 25	Agents and access risk	[Securing AI agents with IFC](https://arxiv.org/pdf/2505.23643)
Nov 27	*Final project presentation*
Dec 02	Project time
Dec 04	Project time
Dec 05	*Final project reports due (5 pages)*

(###) Additional reading

Academic Integrity

[UBC Academic Honesty and Integrity](https://academicintegrity.ubc.ca/)
[CS Department's Integrity Policy](https://www.cs.ubc.ca/students/undergrad/resources/academic-integrity)
[AI Use Policy](./aipolicy.html)

(###) Acknowledgements

UBC’s main Vancouver campus—including our classroom and other course spaces—is located on the traditional, ancestral and unceded territory of the Musqueam people. These lands have always been a place of learning for Musqueam youth, who were instructed in their culture, history, and tradition, and who in turn shared their knowledge with a new generation.