Martin Vechev: Katalogdaten im Frühjahrssemester 2019

NameHerr Prof. Dr. Martin Vechev
LehrgebietInformatik
Adresse
Inst. Programmiersprachen u. -syst
ETH Zürich, CAB H 69.1
Universitätstrasse 6
8092 Zürich
SWITZERLAND
Telefon+41 44 632 98 48
E-Mailmartin.vechev@inf.ethz.ch
URLhttp://www.srl.inf.ethz.ch/
DepartementInformatik
BeziehungOrdentlicher Professor

NummerTitelECTSUmfangDozierende
252-0029-00LParallele Programmierung Information 7 KP4V + 2UT. Hoefler, M. Vechev
KurzbeschreibungEinfuehrung in das parallele Programmieren: nicht-deterministische und deterministische Programme, Modelle fuer parallele Programme, Synchronization, Kommunikation und Fairness.
LernzielEinfuehrung in das parallele Programmieren: nicht-deterministische und deterministische Programme, Modelle fuer parallele Programme, Synchronization, Kommunikation und Fairness. Uebungen beschaeftigen sich mit Threads in moderne Programmiersprachen
(Java, C#) und die Ausfuehrung von parallelen Programmen auf
Multi-Prozessor/Multi-Core basierten Systemen.
252-0216-00LRigorous Software Engineering Information
Previously called Software Architecture and Engineering
8 KP4V + 3UZ. Su, M. Vechev
KurzbeschreibungThis course introduces both theoretical and applied aspects of software engineering and analysis. It covers:

- Software Architecture
- Informal and formal Modeling
- Design Patterns
- Code Refactoring
- Program Testing
- Dynamic Program Analysis
- Static Program Analysis
LernzielThe course has two main objectives:

- Understand, end-to-end (theoretical and practical), the core techniques for building quality software

- Understand how to apply these techniques in practice
InhaltSome of the core technical topics covered will be:

- modeling and mapping of models to code
- common code design patterns
- functional and structural testing
- dynamic and static analysis
LiteraturWill be announced in the lecture.
263-2925-00LProgram Analysis for System Security and Reliability Information 5 KP2V + 1U + 1AM. Vechev
KurzbeschreibungSecurity breaches in modern systems (blockchains, datacenters, AI, etc.) result in billions of losses. We will cover key security issues and how the latest automated techniques can be used to prevent these. The course has a practical focus, also covering systems built by successful ETH Spin-offs (ChainSecurity.com and DeepCode.ai).

More info: https://www.sri.inf.ethz.ch/teaching/pass2019
Lernziel* Learn about security issues in modern systems -- blockchains, smart contracts, AI-based systems (e.g., autonomous cars), data centers -- and why they are challenging to address.

* Understand how the latest automated analysis techniques work, both discrete and probabilistic.

* Understand how these techniques combine with machine-learning methods, both supervised and unsupervised.

* Understand how to use these methods to build reliable and secure modern systems.

* Learn about new open problems that if solved can lead to research and commercial impact.
InhaltPart I: Security of Blockchains

- We will cover existing blockchains (e.g., Ethereum, Bitcoin), how they work, what the core security issues are, and how these have led to massive financial losses.
- We will show how to extract useful information about smart contracts and transactions using interactive analysis frameworks for querying blockchains (e.g. Google's Ethereum BigQuery).
- We will discuss the state-of-the-art security tools (e.g., https://securify.ch) for ensuring that smart contracts are free of security vulnerabilities.
- We will study the latest automated reasoning systems (e.g., Dagger) for checking custom (temporal) properties of smart contracts and illustrate their operation on real-world use cases.
- We will study the underlying methods for automated reasoning and testing (e.g., abstract interpretation, symbolic execution, fuzzing) are used to build such tools.

Part II: Machine Learning for Security

- We will discuss how machine learning models for structured prediction are used to address security tasks, including de-obfuscation of binaries (Debin: https://debin.ai), Android APKs (DeGuard: http://apk-deguard.com) and JavaScript (JSNice: http://jsnice.org).
- We will study to leverage program abstractions in combination with clustering techniques to learn security rules for cryptography APIs from large codebases.
- We will study how to automatically learn to identify security vulnerabilities related to the handling of untrusted inputs (cross-Site scripting, SQL injection, path traversal, remote code execution) from large codebases.

Part III: Security of Datacenters and Networks

- We will show how to ensure that datacenters and ISPs are secured using declarative reasoning methods (e.g., Datalog). We will also see how to automatically synthesize secure configurations (e.g. using SyNET and NetComplete) which lead to desirable behaviors, thus automating the job of the network operator and avoiding critical errors.
- We will discuss how to apply modern discrete probabilistic inference (e.g., PSI and Bayonet) so to reason about probabilistic network properties (e.g., the probability of a packet reaching a destination if links fail).

Part IV: Security of AI-based Systems

- We will look into the security issues related to modern systems that combine machine learning models (e.g., neural networks) within traditional systems such as cars, airplanes, and medical systems.
- We will learn state-of-the-art techniques for security testing and certifying entire AI-based systems, such as autonomous driving systems.

To gain a deeper understanding, the course will involve a hands-on programming project where the methods studied in the class will be applied.
263-2930-00LBlockchain Security Seminar Information Belegung eingeschränkt - Details anzeigen
Number of participants limited to 22.

The deadline for deregistering expires at the end of the second week of the semester. Students who are still registered after that date, but do not attend the seminar, will officially fail the seminar.
2 KP2SM. Vechev, D. Drachsler Cohen, P. Tsankov
KurzbeschreibungThis seminar introduces students to the latest research trends in the field of blockchains.
LernzielThe objectives of this seminar are twofold: (1) learning about the blockchain platform, a prominent technology receiving a lot of attention in computer Science and economy and (2) learning to convey and present complex and technical concepts in simple terms, and in particular identifying the core idea underlying the technicalities.
InhaltThis seminar introduces students to the latest research trends in the field of blockchains. The seminar covers the basics of blockchain technology, including motivation for decentralized currency, establishing trust between multiple parties using consensus algorithms, and smart contracts as a means to establish decentralized computation. It also covers security issues arising in blockchains and smart contracts as well as automated techniques for detecting vulnerabilities using programming language techniques.
264-5811-00LProgramming Systems Seminar Information Belegung eingeschränkt - Details anzeigen
Findet dieses Semester nicht statt.
The seminar is open to assistants of the Chair of Programming Methodology and the Software Reliability Lab (Department of Computer Science). Others should contact the instructors.
2 KP2SP. Müller, M. Vechev
KurzbeschreibungThis graduate seminar provides doctoral students in computer science a chance to read and discuss current research papers. Enrollment requires permission of the instructors. Credit units are granted only to active participants.
LernzielLearn about current research results in the area of programming languages, static program analysis, program verification, and related areas; practice of scientific presentations.
InhaltThe seminar will explore different topics from a research perspective.
SkriptSupporting material will be distributed during the seminar.
Voraussetzungen / BesonderesThe seminar is open to assistants of the Chair of Programming Methodology and the Software Reliability Lab (Department of Computer Science). Others should contact the instructors.