Exploiting Modern C++: Building Highly-Dependable Software [2019 Class Archive]

“Exploiting Modern C++: Building Highly-Dependable Software” is a two-day training course with programming exercises taught by Matthew Butler. It is offered at the Gaylord Rockies from 9AM to 5PM on Saturday and Sunday, September 21st and 22nd, 2019 (immediately following the conference). Lunch is included.

Course Description

Writing secure code is often shrouded in mystery. But writing secure code begins with robust designs and high-quality, bug-free code. Both are designed to withstand the daily punishment of users who unintentionally cause them to fail and those who seek to exploit their weaknesses. The difference between a garden variety bug and a security vulnerability lies in how close that bug is to an attack surface. But if you write high-quality, bug-free code on robust architectures you are most of the way to having secure, highly-dependable systems.

So how do you build secure architectures and write high-quality, bug-free code? In this class we’ll learn how to design, write, review and test code to its highest quality. And in the process we’ll learn how to build highly-dependable, secure systems.

Why do systems written in Modern C++ that have been code reviewed and tested fail in the field?

How do small bugs undermine the very security and robustness that we build into our systems?

How do you recognize those vulnerabilities during code reviews?

What tools are available for testing a system for stability and security?

In this hands-on course, we’ll answer all these questions and more as you learn the ways that systems can be compromised by ordinary users and not-so ordinary ones. The vulnerabilities we’ll explore are drawn from real-world examples that were found in real-world code bases. All had real-world consequences. In fact, you probably have most or all of these in your code base right now.

By the end of the course, you will have learned:

  • How to identify stability and security vulnerabilities in code you didn’t write.
  • How to analyze a system using threat modeling and architecture analysis.
  • How to use different testing techniques to expose each vulnerability, including: static analysis, dynamic analysis, fuzz testing, penetration testing.
  • How to deploy these design, coding and testing techniques into your own development environments.

We’ll also cover:

  • How to build safety and security into Modern C++ applications from the early design stages.
  • How code structure and coding decisions affect security and stability outcomes.
  • How to design secure systems and write secure code.
  • Best practices for writing secure code for an insecure world.

Want to know how your code can be exploited? After this workshop, you’ll know exactly how it happens. More importantly, you’ll know exactly what to do to stop it.

Course Topics

This two day course is a hands-on workshop where students will explore and practice exploiting known vulnerabilities written in Modern C++. Then they’ll use testing techniques to find those vulnerabilities and fix them.

Day 1:

Lecture: The mistakes we make in our code that brings down our software and how hacker’s view our systems. They are fully focused on their goals and objectives, are we?

Lecture: Architecture Analysis and Threat Modeling techniques.

Exercise: Students will analyze the system’s architecture and threat model it as a whole to identify potential failure points, attack surfaces and attack vectors.

Lecture: Code review techniques for safety and security.

Exercise: Students will use code review techniques to review source code and learn what to look for in specific types of bugs and security vulnerabilities.

Lecture: Penetration techniques and tools.

Exercise: Capture-the-Flag exercise where students will practice penetrating into the system from the outside just like a hacker would.

Day 2:

Lecture: Secure designs, code structure and techniques for writing hardened code.

Lecture: Testing strategies and tools for safety and security.

Exercise: Static Analysis

Exercise: Dynamic Analysis

Exercise: Fuzz Testing

Exercise: Penetration Testing

Exercise: Capture-the-Flag exercise on the now secure system.

Lecture: Best Practices for secure software design.

Prerequisites

Students should have a basic knowledge of C++ including C++11 and have some experience debugging code.

Students are not required to bring a laptop. However this is an interactive class where we will be working on a running system so a laptop is helpful.

For those using laptops, please have the latest versions of VirtualBox and Visual Studio installed. All other tools will be provided before class begins.

Course Instructor

Matthew Butler

Matthew Butler has spent the last three decades as a systems architect and software engineer developing systems for network security, law enforcement and the military. He primarily works in signals intelligence using C, C++ and Modern C++ to build systems running on hardware platforms ranging from embedded micro-controllers to FPGAs to large-scale airborne platforms.

Much of his experience has come in either building systems that defend against attackers or building highly sensitive systems that are targets. He is actively involved in the C++ community and is on various planning committees for C++Now and CppCon as well as being a speaker at both. He is also a member of the ISO C++ Standards Committee.

Over the past thirty years, he has learned the harsh lessons on how we often write systems that fail, not because they don’t scale, but because they aren’t designed to be secure.

He can be reached at mbutler@laurellye.com