Building Usable Security

BCCS 3997, Spring 2025

Tentative schedule

The schedule may change based on class pacing + other needs

Date (class #) In-class focus/activities Due 11am before class Due 24h after class (will try to give in-class time to complete these)
January 27 (class 1) Introductions; What is usable S&P?; Brainstorming; Syllabus & class expectations
February 3 (class 2) Student presentations: individual project proposals

Lecture/activity: introduction to threat modealing

Activity (if time): group formation
Slides: Project proposals (individual) (1%) Group selection and tentative project plan (0.5%)

Individual: project selection reflection (0.5%)
February 10 (class 3) Student presentations: Presentation of sections 2-4 of design doc (project overview)

Slides: Presentation of sections 2-4 of design doc (1%)

Design doc: Draft of sections 2-4 (3.5%)
February 17 (class 4) Student presentations: Presentation of peer threat model analysis

Slides: Presentation of peer threat model analysis (1%)

Implementation: Implementation plan and git setup (1.75%)

Peer analysis: Threat model analysis of other projects (4%)
Threat model reflection (2%)
February 24 (class 5) Student presentations: Security best practices

Slides: Security best practices (3%)

Security best practices reflection (0.5%)
March 3 (class 6) TBD by class pacing:

Activity Implementation, design, security best-practices check-in

or

Student presentations: Security best practices PART II

March 10 (class 7) Student presentations: Status updates

Slides: short update presentation #1 (1%)

Design doc: draft of section 5 (4.5%)
March 17 (spring break)
March 24 (class 8) Student presentations: Design changes and roadblocks

Slides: Reflection on design changes and roadblocks (1%)

March 31 (class 9) Student presentations: Prototype demonstrations

Slides: Demo presentation (5%)

Implementation: Submit a list of technical requirements for your analysis team (by Thursday after class)
April 7 (class 10) Activity: Code, documentation, and test environment transferred to the analysis teams

Design doc: Draft of section 6.1 (4.5%)

Implementation: Code prepared to share with analysis team (10.5%)
April 14 (class 11) Student presentations: Present peer reviews

Group work: Make a plan for addressing peer reviews
Slides: presentation of peer analysis (1%)

Peer analysis: Peer analysis doc and issues noted via gitlab
Peer security analysis reflection (1%)
April 21 (class 12) Student presentations: Status udpate

Slides: short update presentation #2 (1%)

Implementation: Issues addressed and updated in gitlab (9%)
April 28 (class 13) workday / make-up day
May 5 (class 14) Student presentations: Final presentations

Slides: final presentations (5%)

May 12, 5pm (finals week) Design doc: finished document (Sections 1, 6.2, 6.3 are new) (8%)

Misc: Final reflection (individual) (2%)

Misc: Summary of individual contributions (individual) (1%)

Implementation: Finished code and test environment (10.5%)

.

Powered by w3.css