General Information

Catalog description | Class meetings | Who should take 6.5660 | Communication | Grading | Turn-in | Collaboration | Warning | Staff

MIT catalog description

Prereq.: 6.1020 and 6.1800

Design and implementation of secure computer systems. Lectures cover attacks that compromise security as well as techniques for achieving security, based on recent research papers. Topics include operating system security, privilege separation, capabilities, language-based security, cryptographic network protocols, trusted hardware, and security in web applications and mobile phones. Labs involve implementing and compromising a web application that sandboxes arbitrary code, supporting TLS certificates, and adding two-factor authentication.

Class meetings

Lectures will be held TR 2:30-4 in 26-100.

Who should take 6.5660?

6.5660 is primarily intended for seniors, M.Eng., and PhD students who want to learn about how to build secure computer systems in detail. 6.5660 counts as a systems TQE subject.


We will distribute assignments and announcements on the course web site. We expect students to check the 6.5660 schedule and Piazza frequently. If you hear a rumor, check it there.

Grading policy

Grades in 6.5660 will be based on the results of two quizzes (one in the middle of the term and one in final's week, 35% in total), labs 1-5 (55%), and class participation and homeworks (e.g., lecture question and reading answer) (together 10%). We expect students to attend the two quizzes at the time/location posted on the schedule.

Lab exercises will be graded on the correctness based on both the lab assignment and whether they fulfill the specifications imposed by the grading/checking scripts. Grading will be done with the unmodified Makefile and grading scripts, so you should pass all the tests without any modifications to those files.

Turn-in policy

Labs are due by 5pm on their due date (typically Friday). Lecture reading questions are due before lecture (2:30pm).

If you need an extension on a lab assignment due to extenuating circumstances, please contact MIT S3; we will give an extension on recommendation from an S3 dean. We will not accept late submissions of lecture reading questions.

If you have scheduling conflicts (e.g., need to attend a job interview, an athletic event), please plan in advance to turn in the assignments on time. If your plan failed and S3 will not recommend an extension, we will give a total of 3 late days for labs throughout the semester, to be used as whole days. You will need to contact the course staff to explain your situation and to get the extension added in Gradescope.


You may not collaborate on quizzes. You are welcome to discuss the labs with other students, but you should complete all assignments on your own, and you should carefully acknowledge all contributions of ideas by others, whether from classmates or from sources you have read.


You'll learn how to attack computer systems in this class in order to better understand how to design defenses. Please don't attack other people's computers or information without their prior permission. As well as being a bad idea, it may be illegal or a violation of MIT network rules and can get you into serious trouble. Don't do it.


E-Mail Office
Srini Devadas 32-G844
Nickolai Zeldovich 32-G994

Teaching assistants
Anish Athalye
Ben Kettle
Richard Liu
Ariel Szekely
Michael Wang

TA office hours
Time Location TA
Monday 12:00p-2:00p 24-310 Michael
Monday 4:00p-6:00p 24-310 Ben
Monday 7:00p-9:00p Zoom Anish
Tuesday 8:00a-10:00a 24-323 Anish
Tuesday 10:00a-12:00p Zoom Richard
Tuesday 5:00p-7:00p 24-323 Ariel
Wednesday 1:00p-3:00p 24-310 Richard
Wednesday 7:00p-9:00p Zoom Ben
Thursday 12:00p-2:00p Zoom Michael
Thursday 6:30p-8:30p Zoom Ariel

Course mailing list:
Use this mailing list to contact all the 6.5660 staff.