teaching

Software Verification and Analysis

Stellenbosch University

• Years: 2025.
• Role: Part-time Lecturer.
• Responsibilities:
  • Lectures
  • Assignment and exam creation

Introduction to various techniques for software quality management, including verification and static analysis tools and techniques for finding subtle concurrency bugs. The course will cover topics such as Software Testing, Model checking, Symbolic Execution, Linearisability, and Static Analysis. The course is assessed via practical assignments that require applying your knowledge to find bugs and solve problems using the various tools.

Vulnerability Discovery and Exploitation

Stellenbosch University

• Years: 2021, 2024, 2025.
• Role: Module Coordinator.
• Responsibilities:
  • Assignment and exam creation
  • Grading
  • Material management
  • Student communication.

This module provides an introduction to the discovery and exploitation of vulnerabilities in software systems. Taking on the attacker perspective, we begin by reasoning about the circumstances that turn seemingly minor programming flaws into gateways for unauthorized access. We learn how to uncover attack surface, determine trust relationships, review code for design and implementation flaws and demonstrate their exploitability.

With these practical experiences in mind and an appreciation for the difficulty of the task, we proceed to focus on methods for automating parts of the discovery process, both via static and dynamic program analysis. We learn about fuzz testing and instrumentation, static analysis of control- and data flow, the usefulness of type systems for vulnerability discovery, and variant analysis based on intermediate graph representations of code.