Secure Systems
Engineering, Spring 2024
Project Check-In 4
- In-class activity for: Tue Apr 16
- Due on: Mon May 6, 10p EST
- Collaboration: your project group of 4
- Grading: completion, out of 10 points
- One point for each question below
Introduction
Now that your code is submitted, it’s onto the next portion: the red
team. This check-in is designed to help you with that process, so it’s
due a bit later than the other check-ins.
Discuss each question with your group. Then, distill your discussion
into 2-3 sentences, and write up a response. Submit your responses to
all questions to Blackboard. Your responses to these questions are not
binding, but give them some thought as you talk among each other.
Status questions
This first set of questions pertains to your current status with
regards to your demo.
- How confident does your group feel about your submitted code?
Explain.
- How prepared does your group feel for the demo day? Explain.
Demo day assignments
The demo day is Tue May 7 during class time. Every demo day meeting will take place in the instructor’s office,
Steinman 638. Please make sure to bring a laptop that supports the
course VM. The following are the group assignments for the demo day:
| 1 |
6:30p – 6:45p |
| 2 |
6:55p – 7:10p |
| 3 |
7:20p – 7:35p |
| 4 |
7:45p – 8:00p |
| 5 |
8:10p – 8:25p |
Meetings will start promptly at the assigned time. Note that
all group members must be on-time for
your group to receive credit. The team leader should coordinate with all
members to ensure no one is late.
Organization questions
The next set of questions regards how you will plan out the remaining
tasks for the project. Make sure that you can answer the two questions
below before leaving for break.
- What is your group’s timeline to finish the red team analysis and
create the presentation? When and where will you meet?
- Are you able to set up and run the code that you received?
Planning questions
This final set of questions are designed to help you plan the
remainder of the project.
- Go through the voting machine code that you received. What parts of
the code correspond to the required voting machine functionality?
- What parts of the code appear not to be related to the required
functionality? This is likely where the vulnerabilities can be
found.
- Can you use the user interface to run the code corresponding to the
different functionality? This could mean that any vulnerabilities can be
exploited.
- What backdoors have you found in the code? How are they exploited?
How do they change the outcome of the election?
- What will be the content of your presentation? Go through the project description before answering this question,
so that your group is aware of the requirements.
- Who will present which part of the presentation? Note that every
group member must present for about an equal amount of time.
What to turn in
Upload the following to Blackboard before the due date above:
- A PDF containing the responses to the questions above
- Make sure to include screenshots where requested
- List all group members at the top of the document
Only one submission per group is necessary. Blackboard is set up with
your project groups for this check-in.