Building Secure Systems using Programming Languages and Analysis

Course organization

The course consists of lectures, readings, pre-lecture questions, and a project. Most of the work in this course consists of reading journal and conference papers. We will cover one paper for each class meeting. Active discussion will give you a non-trivial understanding of the material. The final project will give you an opportunity to explore a topic more deeply.


  • 30% Paper summaries and reading questions
  • 25% Class participation
  • 45% Final project (including presentation and write-up)

Paper summaries and reading questions

Prior to each lecture, please summarize each reading into 1-2 paragraphs. With some exceptions, each paper will also be accompanied with (one to two) questions that you are required to respond to. The questions will be posted on the reading list in the syllabus at least one day prior to the lecture devoted to that paper. Responses should be short and pithy. Our goal is to get you to think deeply about the paper, not to test you. You won’t be graded on the correctness of your answer but simply on whether you attempted to answer the question at all.

Class participation

Each student is expected to lead the discussion for (at least) one paper. Beyond this, we evaluate class participation largely by observing how prepared students are to discuss the covered paper when they come to class. This is not a trivial requirement because we expect papers to have been read thoroughly prior to lecture. Your paper summary and response to reading questions are a good opportunity to show that you understood the paper well.

Final project

In groups of 2-3, students are expected to work on a final project. The goal of the project is to do original research on a security problem, (hopefully) using techniques explored in this course. At the end of the quarter, you are expected to give a short presentation and write a short conference-style paper on the project.

We will have a list of project ideas shortly after the course starts, but students are also encouraged to come up with their own ideas. If you are already working on a research project that fits the theme of this course, please feel free to use this as your final project (but indicate that you are doing so).


The organization of this course was inspired by the Stanford CS 240 course. (Thanks to Dawson Engler, Sergio Benitez, and David Mazières!)