General Information

MIT catalog description

Prereq.: 6.1020 and 6.1800
G
3-6-3

Design and implementation of secure computer systems. Lectures cover attacks that compromise security as well as techniques for achieving security, based on recent research papers. Topics include operating system security, privilege separation, capabilities, language-based security, cryptographic network protocols, trusted hardware, and security in web applications and mobile phones. Labs involve implementing and compromising a web application that sandboxes arbitrary code, supporting TLS certificates, and adding two-factor authentication.

Class meetings

Lectures will be held TR 2:30-4 in 26-100.

Who should take 6.5660?

6.5660 is primarily intended for seniors, M.Eng., and PhD students who want to learn about how to build secure computer systems in detail. 6.5660 counts as a systems TQE subject.

Communication

We will distribute assignments and announcements on the course web site. We expect students to check the 6.5660 schedule and Piazza frequently. If you hear a rumor, check it there.

Grading policy

Grades in 6.5660 will be based on the results of two quizzes (one in the middle of the term and one in final's week, 35% in total), labs 1-5 (55%), and class participation and homeworks (e.g., lecture question and reading answer) (together 10%). We expect students to attend the two quizzes at the time/location posted on the schedule.

Lab exercises will be graded on the correctness based on both the lab assignment and whether they fulfill the specifications imposed by the grading/checking scripts. Grading will be done with the unmodified Makefile and grading scripts, so you should pass all the tests without any modifications to those files.

Turn-in policy

Labs are due by 5pm on their due date (typically Friday). Lecture reading questions are due before lecture (2:30pm).

If you need an extension on a lab assignment due to extenuating circumstances, please contact MIT S3; we will give an extension on recommendation from an S3 dean. We will not accept late submissions of lecture reading questions.

If you have scheduling conflicts (e.g., need to attend a job interview, an athletic event), please plan in advance to turn in the assignments on time. If your plan failed and S3 will not recommend an extension, we will give a total of 3 late days for labs throughout the semester, to be used as whole days. You will need to contact the course staff to explain your situation and to get the extension added in Gradescope.

Collaboration

You may not collaborate on quizzes. You are welcome to discuss the labs with other students, but you should complete all assignments on your own, and you should carefully acknowledge all contributions of ideas by others, whether from classmates or from sources you have read.

Warning

You'll learn how to attack computer systems in this class in order to better understand how to design defenses. Please don't attack other people's computers or information without their prior permission. As well as being a bad idea, it may be illegal or a violation of MIT network rules and can get you into serious trouble. Don't do it.

Staff

Lecturers
Name	E-Mail	Office
Srini Devadas	devadas at csail.mit.edu	32-G844
Nickolai Zeldovich	nickolai at csail.mit.edu	32-G994

Teaching assistants
Name	E-Mail
Anish Athalye	aathalye at mit.edu
Ben Kettle	bkettle at mit.edu
Richard Liu	rtliu at mit.edu
Ariel Szekely	arielck at mit.edu
Michael Wang	mi27950 at mit.edu

TA office hours
Day	Time	Location	TA
Monday	12:00p-2:00p	24-310	Michael
Monday	4:00p-6:00p	24-310	Ben
Monday	7:00p-9:00p	Zoom	Anish
Tuesday	8:00a-10:00a	24-323	Anish
Tuesday	10:00a-12:00p	Zoom	Richard
Tuesday	5:00p-7:00p	24-323	Ariel
Wednesday	1:00p-3:00p	24-310	Richard
Wednesday	7:00p-9:00p	Zoom	Ben
Thursday	12:00p-2:00p	Zoom	Michael
Thursday	6:30p-8:30p	Zoom	Ariel

Course mailing list: 65660-staff@lists.csail.mit.edu
Use this mailing list to contact all the 6.5660 staff.