Secure Software Development (WS 2021/22)

Course Number 705022 | Wintersemester 2021/22


This course deals with the design and implementation of secure software. Especially memory corruption vulnerabilities such as buffer overflows, integer overflows or use-after-free bugs can be exploited by an attacker to bypass the intended program behavior and execute arbitrary payload in the worst case. We will look at various runtime mitigation techniques such as ASLR, stack canaries and data execution prevention exist. However, they can often be bypassed by more advanced exploitation techniques. Rather than preventing certain attacks, the ultimate goal is to eliminate memory corruption vulnerabilities and achieve "memory safety". We will discuss methods for debugging and bug discovery as well.


You can find the practicals and exam hacklets descriptions here: Material The slides are available here after the end of each lecture.
Date Type Topic Lecturer Material
Fr 01.10.2021 12:00 VO Organizational + Introduction I Daniel, Martin Slides
We 06.10.2021 10:15 KU Warmup handout David, Andreas Slides
Fr 08.10.2021 12:00 VO Introduction II Daniel -
We 13.10.2021 10:15 KU Defenselets handout Andreas, Nikolaus, Lukas Slides
Fr 15.10.2021 12:00 VO Memory Corruption I Martin, Marcel Slides
We 20.10.2021 10:15 KU Defenselets I Andreas, Nikolaus, Lukas Slides
Fr 22.10.2021 12:00 VO Memory Corruption II Martin, Marcel Slides
We 27.10.2021 10:15 KU Defenselets II Andreas, Nikolaus, Lukas Slides
Fr 29.10.2021 12:00 VO Exploits Vedad Slides - Annotated
We 03.11.2021 10:15 KU Question hour Andreas, Nikolaus, Lukas -
Fr 05.11.2021 12:00 VO Finding Bugs I Vedad Slides - Annotated
We 10.11.2021 10:15 KU Defensive handout David, Katharina Slides
Fr 12.11.2021 12:00 VO Finding Bugs II Vedad Slides - Annotated
We 17.11.2021 10:15 KU Defensive I David, Katharina -
Fr 19.11.2021 12:00 VO Defensive I Martin, Andreas Slides
Fr 26.11.2021 12:00 VO Defensive II Martin, Andreas Slides1-Slides2
We 01.12.2021 10:15 KU Question hour David, Katharina -
Fr 03.12.2021 12:00 VO Defensive III Lukas P. Slides
Fr 10.12.2021 12:00 VO Invited topic Invited speaker Slides

Administrative Information

Teaching Venue

This semester all lectures and tutorials are streamed online via Youtube. Questions can be asked via Youtube and Discord. We will have Discord live sessions with voice chat as well as text channels throughout the whole semester. The links to the streams and to Discord will be distributed per mail ahead of time, so make sure to register for the lecture and the practicals in TUGOnline.

How to get a grade for the lecture?

Written or Oral Exam (possibly virtual). Optional hacklets can be solved during the semester to earn bonus points for the exam.

How to get a grade for the practicals?

The grade consists of multiple practical assignments in combination with oral exams (possibly virtual).


  • Please contact us under or in the Discord channel which you will receive per mail.
  Below you can find the lecture dates exported from TUGOnline.


Daniel Gruß

Assistant Professor

View more
Vedad Hadžić

PhD Candidate

View more
Andreas Kogler

PhD Candidate

View more
David Schrammel

PhD Candidate

View more
Martin Schwarzl

External Lecturer

View more