Please expand the respective lecture unit to view the detailed course content. 

• Part I: Administrative
  • Introduction to the course staff and tutors
  • Organization of the lectures, tutorials, homework exercises, and exams
  • Introduction to the course tools and textbooks
• Part II: Introduction to Software Engineering
  
  • Explain the basic terminology: software engineering and activities
  • Abstraction
  • System modeling with UML
• Part III: Software engineering models
  
  • Defined (e.g., Waterfall model) and agile methods (e.g., Scrum)
  • Applying agile methods in software engineering projects
  • A note on tactical vs. strategic programming
• Part IV: Course overview
  • Course focus: Cloud software engineering
  • An overview of software engineering activities in the cloud
• Part V: Introduction to Cloud Computing
  • What is cloud computing?
  • Why is it important for software engineering?
  • Cloud hardware architecture
    • Data center and cloud infrastructure
    • Virtualization: Compute, storage, & network
  • Types of cloud services
    • IaaS, PaaS, and SaaS
  • Types of cloud infrastructure
    • Public, private, and hybrid cloud

• Part I: System design requirements
  • Requirements engineering
  • Stages in requirements engineering
  • Functional vs non-functional requirements
  • Non-functional requirements
    • Scalability
    • Reliability
    • Availability
    • Performance
    • Security
    • Maintainability
    • Deployability
    • Monitoring
• Part II: Software architectures
  • What is a software architecture?
  • An overview of the cloud software architectures
• Part III: Client-server architecture
  • Architecture overview
  • Communication layer
    • REST
    • Remote procedure calls (RPC) via gRPC
    • Serialization and deserialization of structured data using Protbuf
• Part IV: Layered architecture
  • Architecture overview
  • Subsystem decomposition: layered architectures
    • Ubiquitous adoption of layered architectures in systems
    • Open vs closed layered architectures
    • Different layers, different abstraction
    • Pulldown the complexity downward
  • Three-tier architectures
    • Definition of tiers
• Part V: Monolithic architectures
  • Architecture overview
  • Deployment models
  • Advantages
  • Limitations
• Part VI: Microservice architectures
  • Architecture overview
  • Advantages/drawbacks of microservice architectures
  • How to design and build a simple microservice application

• Part I: System design challenges
  • Software complexity and the quest for simplicity
  • Design goals
  • System design trade-offs
  • Hints for computer system designs
• Part II: Modularity
  • System decomposition into sub-systems/components
  • Subsystem decomposition: Modules
    • Create an initial subsystem decomposition
    • Differentiate between coupling and cohesion
  • Pattern implementation:
    • Facade pattern
  • Interface design
    • Shallow vs deep modules: The trade-offs between interface and functionality
    • General purpose modules are deeper
    • Information hiding (and leakage) principle
• Part III: Data management
  • What are data management systems?
  • Key-value stores (KVS) (In-memory/Persistent)
  • Filesystems 
  • Shared log
  • Databases
• Part IV: Pattern implementation
  • MVC pattern

• Part I: Performance
  • • Performance metrics: Latency, throughput, utilization, SLAs
    • A systems approach to designing for performance
    • Measurement-driven approach to building high-performance systems
      • Identifying bottlenecks (time-based profiling)
      • Automated performance profiling tools (Linux perf and Flamegraphs)
    • Design hints for performance:
      • Resource splitting
      • Caching
      • Compute in the background
      • Batch processing
      • Parallelism
• Part II: Concurrency (or Scale Up!)
  • • Why Concurrency?
      • Single-node parallelism: multicores, accelerators, smart devices (SSDs/NICs)
    • Process vs threads
    • Thread scheduling
      • Cooperative vs. preemptive schedulers
      • Scheduling policies: round robin, fairness-based, priority-based, earliest-deadline first
    • Parallel programming
      • Managing threads: thread spawning, thread pools
      • Communication mechanisms and critical sections
      • Synchronization primitives: Semaphores, mutexes, barriers, readers-writer locks
      • Lock-free data structures
    • Problems with threads
      • Race Conditions
      • Deadlocks, livelocks
      • Starvation
    • Parallel programming patterns
      • Fork-join
      • Data-parallel programming pattern w/ barriers
      • Synchronous vs asynchronous
• Part III: Scalability (or Scale Out!)
  • Why scalability? (Limitations of single-node scaling up!)
  • Challenges of scalability
  • Scaling stateless applications
    • load balancers
  • Scaling stateful applications
    • Sharding
    • Consistent hashing
    • Secondary indexes
  • Scalable system architectures
    • A generic controller-workers architecture for building scalable systems
    • Scalable computation case study: Data-parallel programming model (MapReduce)
    • Scalable data management case study: Distributed key-value stores (KVS) 

• Part I: Security
  • • Security engineering
      • Security policies: Threat model and security (CIA) properties
      • Security design principles
        • Least privilege
        • Compartmentalization
        • Isolation via privilege mediation
      • A general recipe for secure systems design
      • Access control
        • Access control lists (ACLs)
        • Capabilities
    • Software security in the cloud
      • Security challenges in the cloud
      • Secure systems stack: Compute, network, and storage
      • Authentication, key management, and attestation
• Part II: Reliability and availability
  • Terminology: System failures, fault types and sources, and properties and metrics
  • Single-node fault-tolerant systems
    • Write-ahead logging for system reliability
    • Issues with a logging-only approach
  • Replication as the general recipe
    • Replication for stateless services
    • Issues with replication for stateful services
  • Replication for stateful services
    • Primary-backup replication
    • State machine replication
• Part III: Pattern implementation
  • Adapter pattern
  • Observer pattern
  • Strategy pattern

• Part I: Faults and failures in software
  • Terminology and impact
• Part II: Software testing
  • Testing overview
    • Black box, grey box, white box testing
  • Unit testing
    • Apply unit testing with JUnit
  • Integration testing
    • Stubs and drivers
    • Bottom-up, top-down, sandwich integration
• Part III: Automated large-scale system testing
  • Fuzzing (AFL)
  • Symbolic execution (KLEE, S2E, Angr)
  • System crashing for resiliency (Chaos Monkey)
• Part IV: Mock testing
• • Test doubles

• Part I: Program analysis
  • Motivation and terminology
  • Trade-offs: Soundness, completeness, static vs. dynamic analysis
• Part II: Static analysis tools
  • Compiler warnings/errors
  • Infer
  • Clang Analyzer and Clang Tidy
  • Spotbugs
• Part III: Brief introduction to C
• Part IV: Dynamic analysis tools
  • Undefined behavior
  • Memory safety issues
  • Dynamic binary instrumentation
  • Compiler-assisted instrumentation (LLVM)
  • Valgrind
  • Sanitizers (AddressSanitizer, ThreadSanitizer, MemorySanitizer, UBSan)
  • Combining Fuzzing with Sanitizers

• Part I: Source code management
  • Source code management
  • Version control
  • Branch management
  • Centralized (piper) vs decentralized (git) source code management
• Part II: Build systems
  • Why a build system?
  • Task-based build systems
  • Artifact-based build systems
  • Distributed builds
  • Dependency management
  • Hermeticity
• Part III: Release management
  • Release planning
  • Software versioning
  • Software upgrades
• Part IV: Continous *
  • Continuous integration
  • Continuous delivery
  • Continuous deployment
  • Continuous testing/fuzzing w/ OSS Fuzz
•  

• Part I: Software deployment models in the cloud
  • Workflows, advantages, challenges, use-cases, examples, and best practices
    • Baremetal
    • Virtual machines
    • Containers
    • Serverless
• Part II: “Hello World in the Cloud” w/ container
  • Understanding the design, implementation, and deployment of a simple cloud application
  • Introducing aspects of container-based (Docker) application development and deployment
• Part III: Cloud orchestration
  • Cluster management
  • Kubernetes: A container orchestration system
  • How to deploy a simple microservice application with Kubernetes
• Part IV: Cloud systems monitoring
  • Why system monitoring?
  • Prometheus architecture
  • Metrics types
  • Visualizing metrics with Graphana
  • Altering mechanisms
  • An example: Instrumenting a simple HTTP server

• Part I: Software quality
  • Software quality management
  • Reviewing
  • // Comments
  • Code refactoring
  • Trustworthy software systems
    • Formal verification
    • Code compliance
• Part II: Project management
  • Project management
  • Work breakdown structure
  • Team organization
  • Communication mechanisms
• Part III: Exam preparation
• • Exam format
  • Q&A