SecAppDev 2020 Lecture Details
Introduction to low-level software security
Tuesday March 10, 11:00 - 12:30
Learn about memory management vulnerabilities, the attack techniques to exploit them, and the countermeasures that can be taken to defend against them.
Languages like C or C++ are still very popular for low-level programming, for instance in systems programming, or for programming IoT devices. However, the use of these languages carries significant security risks. Memory management vulnerabilities in software developed in these languages have been and continue to be the most critical security vulnerabilities in software systems.
This session will discuss these vulnerabilities, the attack techniques to exploit them, and the countermeasures that can be taken to defend against them from first principles.
The security risks of programming in languages like C/C++ and how to deal with these risks.
Anyone involved with developing or testing software in C or C++
Participants need to know C well enough to read simple C programs, and must have a basic understanding of operating systems and compilers.
Full professor, KU Leuven
Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research field is software security, where he focuses on the development of high-assurance techniques to deal with implementation-level software vulnerabilities and bugs, including techniques such as software verification, run-time monitoring, hardware security architectures, type systems and programming language design.
Related low-level security sessions
Hands-on introduction to Rust
Haven't done any Rust? Want to know what makes Rust so special? Want the ability to ask two highly experienced Rust developers nuanced questions? Join us as we go hands-on with Rust, starting from an empty file and learning about the Rust ecosystem, pervasive and unique-to-Rust concepts, and areas where Rust truly shines.
Low-level security Thursday March 12, 09:00 - 17:30
Trusted Execution and how far you can trust it
Lecture by Jan Tobias Muehlberg
Modern processors provide Trusted Execution Environments that allow you to protect software components even from an untrusted operating system. Learn when and how to use them!
Low-level security Wednesday March 11, 09:00 - 10:30
Security of embedded devices - an introduction
Lecture by Lennert Wouters
This session introduces the main components of the embedded device ecosystem and some of the common security pitfalls. We do this by looking at real world examples and by demonstrating easy to use techniques.
Low-level security Friday March 13, 09:00 - 10:30