Fundamental notions and big ideas for achieving security in computer systems. Topics include cryptographic foundations (pseudorandomness, collision-resistant hash functions, authentication codes, signatures, authenticated encryption, public-key encryption), systems ideas (isolation, non-interference, authentication, access control, delegation, trust), and implementation techniques (privilege separation, fuzzing, symbolic execution, runtime defenses, side-channel attacks). Case studies of how these ideas are realized in deployed systems. Lab assignments apply ideas from lectures to learn how to build secure systems and how they can be attacked.