6.566 / Spring 2026

The lectures cover a broad overview of systems security together with a deeper focus on several topics: isolation techniques, privilege separation, dealing with buggy code, and networked and distributed systems.

Links to notes etc. on future days are copies of materials from last year, to give you an idea of what the future will bring. We will update the notes as the course progresses. The year of publication for class readings are shown in parentheses.

Monday Tuesday Wednesday Thursday Friday

feb 2
First day of classes feb 3
LEC 1: Introduction, threat models (video)
Preparation: Optionally read about what a modern vulnerability looks like (2026)
Assigned: Lab 1: Buffer overflows feb 4 feb 5
LEC 2: OS and VM isolation (video)
Preparation: Read about OS and VM isolation (Question) feb 6

feb 9 feb 10
LEC 3: Software fault isolation (video)
Preparation: Read about WebAssembly (Question) feb 11 feb 12
LEC 4: Trusted hardware (video)
Preparation: Read BitLocker (2006), sections 1-2 (Question) feb 13
DUE: Lab 1 part 1
DUE: Lab 1 part 2

feb 16
Presidents day feb 17
Monday schedule feb 18 feb 19
Hacking day: no class meeting, work on lab
Assigned: Lab 2: Privilege separation feb 20
DUE: Lab 1 all parts

feb 23 feb 24
LEC 5: Privilege separation (video)
Preparation: Read OpenSSH (2003) (Question) feb 25 feb 26
LEC 6: Data center infrastructure (video)
Preparation: Read Google Infrastructure Security (2024) and BeyondProd (2024) (Question) feb 27
DUE: Lab 2 part 1

mar 2 mar 3
LEC 7: Mobile phone security (video)
Preparation: Read about iOS Security (Question) mar 4 mar 5
LEC 8: Web security model (video)
Preparation: Read about web security (2022) (Question) mar 6
DUE: Lab 2 parts 2+3
ADD DATE

mar 9 mar 10
LEC 9: Buffer overflow defenses (video)
Preparation: Read Baggy bounds checking (2009) + errata (Question)
Assigned: Lab 3: Symbolic execution mar 11 mar 12
LEC 10: Symbolic execution (video)
Preparation: Read EXE: Automatically generating inputs of death (2006) (Question) mar 13
DUE: Lab 2 all parts

mar 16 mar 17
LEC 11: Verification (video)
Preparation: Read TickTock (2025) (Question) mar 18 mar 19
Quiz 1: Covers lectures 1-12 and labs 1-2
Reference: Past quizzes, solutions
Materials: Open laptop
Time and Location: 2:30-4p in 45-230 mar 20
Assigned: Lab 4: Browser security

mar 23
Spring vacation mar 24
Spring vacation mar 25
Spring vacation mar 26
Spring vacation mar 27
Spring vacation

mar 30 mar 31
Hacking day: no class meeting, work on lab apr 1 apr 2
LEC 12 (guest): Supply chain security (Russ Cox) (video)
Preparation: Read 50 years of open-source supply chain (2025) apr 3
DUE: Lab 3 part 1

apr 6 apr 7
LEC 13: Network security (video)
Preparation: Read about network security (Question) apr 8 apr 9
LEC 14: Secure channels (video)
Preparation: Read TLS 1.3 blog post (2018) (Question) apr 10
DUE: Lab 3 all parts
Assigned: Lab 5: ACME + WebAuthn

apr 13 apr 14
LEC 15: Certificates (video)
Preparation: Read Let's Encrypt (2019) (Question) apr 15 apr 16
LEC 16: User authentication (video)
Preparation: Read U2F (2016) and optionally from U2F to passkeys (2023) (Question) apr 17
DUE: Lab 4 part 1

apr 20
Patriots day apr 21
Hacking day: no class meeting, work on lab
DROP DATE apr 22 apr 23
Hacking day: no class meeting, work on lab apr 24
DUE: Lab 4 all parts

apr 27 apr 28
LEC 17: Messaging security (video)
Preparation: Read Analysis of Signal (2019), sections 1-3 (Question) apr 29 apr 30
LEC 18 (guest): TBD (Anish Athalye) (video) may 1
DUE: Lab 5 part 1

may 4 may 5
LEC 19: Key transparency (video)
Preparation: Read CONIKS (2015) (Question) may 6 may 7
LEC 20 (guest): Information security in real life (Colby Morgan) (video) may 8
DUE: Lab 5 all parts

may 11 may 12
LEC 21: Anonymous communication (video)
Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question)
Last day of classes may 13 may 14 may 15
Final exam: Emphasis on lectures 13-24 and labs 3-5
Reference: Past quizzes, solutions
Materials: Open laptop
Time and Location: TBD

may 18
Final exam: Emphasis on lectures 13-24 and labs 3-5
Reference: Past quizzes, solutions
Materials: Open laptop
Time and Location: TBD may 19
Final exam: Emphasis on lectures 13-24 and labs 3-5
Reference: Past quizzes, solutions
Materials: Open laptop
Time and Location: TBD may 20
Final exam: Emphasis on lectures 13-24 and labs 3-5
Reference: Past quizzes, solutions
Materials: Open laptop
Time and Location: TBD may 21 may 22

Monday	Tuesday	Wednesday	Thursday	Friday
feb 2 First day of classes	feb 3 LEC 1: Introduction, threat models (video) Preparation: Optionally read about what a modern vulnerability looks like (2026) Assigned: Lab 1: Buffer overflows	feb 4	feb 5 LEC 2: OS and VM isolation (video) Preparation: Read about OS and VM isolation (Question)	feb 6
feb 9	feb 10 LEC 3: Software fault isolation (video) Preparation: Read about WebAssembly (Question)	feb 11	feb 12 LEC 4: Trusted hardware (video) Preparation: Read BitLocker (2006), sections 1-2 (Question)	feb 13 DUE: Lab 1 part 1 DUE: Lab 1 part 2
feb 16 Presidents day	feb 17 Monday schedule	feb 18	feb 19 Hacking day: no class meeting, work on lab Assigned: Lab 2: Privilege separation	feb 20 DUE: Lab 1 all parts
feb 23	feb 24 LEC 5: Privilege separation (video) Preparation: Read OpenSSH (2003) (Question)	feb 25	feb 26 LEC 6: Data center infrastructure (video) Preparation: Read Google Infrastructure Security (2024) and BeyondProd (2024) (Question)	feb 27 DUE: Lab 2 part 1
mar 2	mar 3 LEC 7: Mobile phone security (video) Preparation: Read about iOS Security (Question)	mar 4	mar 5 LEC 8: Web security model (video) Preparation: Read about web security (2022) (Question)	mar 6 DUE: Lab 2 parts 2+3 ADD DATE
mar 9	mar 10 LEC 9: Buffer overflow defenses (video) Preparation: Read Baggy bounds checking (2009) + errata (Question) Assigned: Lab 3: Symbolic execution	mar 11	mar 12 LEC 10: Symbolic execution (video) Preparation: Read EXE: Automatically generating inputs of death (2006) (Question)	mar 13 DUE: Lab 2 all parts
mar 16	mar 17 LEC 11: Verification (video) Preparation: Read TickTock (2025) (Question)	mar 18	mar 19 Quiz 1: Covers lectures 1-12 and labs 1-2 Reference: Past quizzes, solutions Materials: Open laptop Time and Location: 2:30-4p in 45-230	mar 20 Assigned: Lab 4: Browser security
mar 23 Spring vacation	mar 24 Spring vacation	mar 25 Spring vacation	mar 26 Spring vacation	mar 27 Spring vacation
mar 30	mar 31 Hacking day: no class meeting, work on lab	apr 1	apr 2 LEC 12 (guest): Supply chain security (Russ Cox) (video) Preparation: Read 50 years of open-source supply chain (2025)	apr 3 DUE: Lab 3 part 1
apr 6	apr 7 LEC 13: Network security (video) Preparation: Read about network security (Question)	apr 8	apr 9 LEC 14: Secure channels (video) Preparation: Read TLS 1.3 blog post (2018) (Question)	apr 10 DUE: Lab 3 all parts Assigned: Lab 5: ACME + WebAuthn
apr 13	apr 14 LEC 15: Certificates (video) Preparation: Read Let's Encrypt (2019) (Question)	apr 15	apr 16 LEC 16: User authentication (video) Preparation: Read U2F (2016) and optionally from U2F to passkeys (2023) (Question)	apr 17 DUE: Lab 4 part 1
apr 20 Patriots day	apr 21 Hacking day: no class meeting, work on lab DROP DATE	apr 22	apr 23 Hacking day: no class meeting, work on lab	apr 24 DUE: Lab 4 all parts
apr 27	apr 28 LEC 17: Messaging security (video) Preparation: Read Analysis of Signal (2019), sections 1-3 (Question)	apr 29	apr 30 LEC 18 (guest): TBD (Anish Athalye) (video)	may 1 DUE: Lab 5 part 1
may 4	may 5 LEC 19: Key transparency (video) Preparation: Read CONIKS (2015) (Question)	may 6	may 7 LEC 20 (guest): Information security in real life (Colby Morgan) (video)	may 8 DUE: Lab 5 all parts
may 11	may 12 LEC 21: Anonymous communication (video) Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question) Last day of classes	may 13	may 14	may 15 Final exam: Emphasis on lectures 13-24 and labs 3-5 Reference: Past quizzes, solutions Materials: Open laptop Time and Location: TBD
may 18 Final exam: Emphasis on lectures 13-24 and labs 3-5 Reference: Past quizzes, solutions Materials: Open laptop Time and Location: TBD	may 19 Final exam: Emphasis on lectures 13-24 and labs 3-5 Reference: Past quizzes, solutions Materials: Open laptop Time and Location: TBD	may 20 Final exam: Emphasis on lectures 13-24 and labs 3-5 Reference: Past quizzes, solutions Materials: Open laptop Time and Location: TBD	may 21	may 22