VVZ API is not affiliated with ETH Zurich. Data might be outdated or incorrect. Please view the official ETHZ Vorlesungsverzeichnis for binding information.

252-1414-00L 7 Credits MSC , WBZ D-ITET , D-INFK , D-MATH , D-GESS

You're viewing possible stale or outdated data. Please check the latest semester for more up-to-date information.

System Security

Lecturers & Examiners: Prof. Dr. Srdjan Capkun, Prof. Dr. Adrian Perrig

VVZ CR 3.48

Last Updated: 2026-02-05 15:48:26

Abstract

The first part of the lecture covers individual system aspects starting with tamperproof or tamper-resistant hardware in general over operating system related security mechanisms to application software systems, such as host based intrusion detection systems. In the second part, the focus is on system design and methodologies for building secure systems.

Objective

In this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met.

Content

The first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc. In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX). Along the lectures, model cases will be elaborated and evaluated in the exercises.

Resources

Learning Materials (Links)

Main link
Course Webpage

General Information

Language: English
Levels: MSC , WBZ
Frequency: Yearly recurring

Examination

Type: session examination
Mode: written 90 minutes
Aids: Keine

Grading: 20% exercises and related reports (compulsory continuous performance assessments), 80% final exam.

Course Components

Type	Title	Time & Place	Hours
lecture	System Security	Mon 10:15-12:00 (HG D 1.2)	2 h weekly
exercise	System Security The exercises begin in the second week of the semester.	Thu 14:15-16:00 (HG D 3.2) Thu 16:15-18:00 (CAB G 11)	2 h weekly
independent project	System Security	No time listed	2 h weekly

Offered In

Computer Science Master
- Master Studies (Programme Regulations 2020)
  - Majors
    - Major in Secure and Reliable Systems
      - Core Courses
    - Major in Data Management Systems
      - Elective Courses
  - Minors
    - Minor in Information Security
    - Minor in Systems Software
- Master Studies (Programme Regulations 2009)
  - Focus Courses
    - Focus Courses in Distributed Systems
      - Focus Core Courses Distributed Systems
    - Focus Courses General Studies
      - Core Focus Courses General Studies
Electrical Engineering and Information Technology Master
- Master Studies (Programme Regulations 2018)
  - Computers and Networks (The core courses and specialisation courses below are a selection for students who wish to specialise in the area of "Computers and Networks", see . The individual study plan is subject to the tutor's approval.)
    - Core Courses (These core courses are particularly recommended for the field of "Computers and Networks". You may choose core courses form other fields in agreement with your tutor. A minimum of 24 credits must be obtained from core courses during the MSc EEIT.)
      - Advanced Core Courses (Advanced core courses bring students to gain in-depth knowledge of the chosen specialization. They are MSc level only.)
- Master Studies (Programme Regulations 2008)
  - Major Courses (A total of 42 CP must be achieved during the Master Programme. The individual study plan is subject to the tutor's approval.)
    - Computers and Networks
      - Core Subjects (These core subjects are particularly recommended for the field of "Computers and Networks".)
CAS in Computer Science
- Focus Courses and Electives
Science, Technology, and Policy Master
- Minor in Natural Sciences and Engineering
  - Data and Computer Science
Data Science Master
- Core Courses
  - Core Electives
DAS in Cyber Security
- Core Courses
Cyber Security Master
- Field of Specialization
  - Core Courses
- Minor
  - Data Management Systems
    - Elective Courses