ENSF619 (Winter 2025) Syllabus

This course examines issues related to the security of computer software, a field which holds many challenging problems and opportunities for research. With guidance from the professor, students will survey recent software security publications, develop a novel research project, and produce their own research paper. It is important to understand that the class is designed for students that have working knowledge of computer systems and software development, and want to delve deeper in the area of software security fields. The instructor will not review basic concepts, or provide training on the basics of programming and computer organization. However, no previous cybersecurity expertise is required - the class is designed to be accessible to senior undergraduate and grad students that want to move their first steps in the area of software security research.

1. Undergraduate- or graduate-level coursework in programming and computer system organization, or equivalent experience
2. Ability to work creatively and independently. This class requires to (a) produce reviews of scientific publications and present such publication to the class, and (b) complete a research-oriented project. While the instructor will provide guidance for both tasks, students are expected to think critically and manage day-to-day project activities on their own. Please look at the project description page to make sure it matches your expectations and skills.
3. Curiosity and willingness to work on a semester-long, open-ended class project.

This section lists general class policies that students are expected to follow. Failure to follow any of these policies will result in a failing grade for the student.

1. Attendance: attendance is required; each student may miss up to four classes. Exceptions to this policy may be provided at thediscretion of the instructor. Students that - expectedly or unexpectedly - exceed the number of allowed misses are encouraged to contact the instructor as early as possible (ideally before missing the class).
2. Completing assignments: all students are expected to complete all required assignments. All assignments must be delivered by the stated deadline.
3. Taking in class-exams: it is the responsibility of each student to be present for in-class exams. No alternate test times or locations will be provided, unless required by an accommodation letter.
4. Good behavior: students are expected to be respectful of their classmates and the instructors. Students shall not create disruption in class, and/or act aggressively and disrespectfully.
5. Attribution of collaborative work: student working on team assignments (e.g., class project) must provide a statement (typically in their final project report) clearly describing the contribution of each student, and stating that all students agree with the description. Such statement must be signed by all students on the team.

No Required Textbook: There is no text for this course. We will cover a number of important papers in the field. The papers will be available on the class web site. Each lecture will covers the paper(s) listed in the syllabus. You are required to read and review the paper(s) prior to the lecture. Also, anything presented in the papers (even if not discussed in class) may be the subject of questions in midterms and finals.

The class will include the following graded activities:

1. Paper reviews 20%
2. In-class paper presentation 10%
3. Midterm #1 15%
4. Midterm #2 15%
5. Final project 40%

If all activities are completed, the final grade will depend on the weighted sum of all scores (adjusted based on the overall class performance).

Students will be expected to produce reviews for the papers that we are going to discuss in class, and deliver them by the end of the day before class. Students may miss up to two reviews per semester. It is acceptable to deliver reviews in advance, but no earlier than a week before the paper is going to be discussed. In order to submit their work, students must post their review in the discussion topic referring to the assigned paper in D2L (more instructions will be provided soon). No review will be due in the first week of classes.

As part of the class, each student will need to pick and present two of the assigned readings to the class. In doing so, the student will act as "instructor for a day", introducing their classmates to the concepts in the paper and facilitating discussion and debate on the paper. Each student must contact the instructor within the first week of classes with a list of no less of three papers they are interested in presenting, sorted in order of preference. The instructor will assign one paper to each students on a first-come, first-served basis, attempting to match the preferences of each student.

Preparing a viable presentation is a sizable effort and students are encouraged to begin preparation well in advance. The assigned speaker must prepare sufficient material to cover a 45-minute time slot. During the presentation, the speaker must engage with the rest of the class by asking questions and soliciting opinions. The presentation must cover the paper assigned for that lecture, but it is not limited to the paper - the student can choose to also discuss background topics, or other interesting papers within the same area. If unsure about what to discuss in their presentation, students are invited to timely contact the instructor.

There will be two midterm exams, both in-class; there is no final exam.

The first midterm exam will cover material for the first half of the class in details; the second midterm exam will cover both the second half of the class in details, and important concepts from the first half of the class.

The class will involve completing a large-scale, semester-long research-oriented project. This project will require students to work in pairs and involve a research-oriented assignment, different for every pair. Assignments for the project will be discussed with students and will involve proof-of-concept implementation and evaluation of novel tools/algorithms. A detailed description of the class project can be found on the class website.

The project will entail producing (i) an initial project plan, (ii) a set of intermediate project deliverables to be delivered throughout the semester, (iii) a final project packet including a project report (akin to a mini-scientific paper presenting the main results) and the project's implementation, and (iv) an oral in-class project presentation. The final grade will take into account the quality of all deliverables above. More information on the final projects will be provided during the semester.

While students are encouraged to engage in critical discussion and review of the class topics and papers, every activity must be completed individually and consist of the student's original contribution. The only exception is the class project, which requires students to work in teams. Plagiarism (e.g. reusing substantial amount of material by other people, without making it explicit) in one of the activities will cause the student to receive a failing grade in the class and may bring more serious consequences at the University level.

In general, information about expectations and policies concerning student conducts, student rights, and related topics are described in the University of Calgary Academic Misconduct Policy. Students are responsible for following the rules and guidelines established by the University.

This syllabus may change at the discretion of the instructor.