CODE NAME SEARCH DESCRIPTION CSCore KACore NonCore ILOs AI Artificial Intelligence (artificial intelligence, ai) Artificial intelligence (AI) studies problems that are difficult or impractical to solve with traditional algorithmic approaches. These problems are often reminiscent of those considered to require human intelligence, and the resulting AI solution strategies typically generalize over classes of problems. AI techniques are now pervasive in computing, supporting everyday applications such as email, social media, photography, financial markets, and intelligent virtual assistants (e.g., Siri, Alexa). These techniques are also used in the design and analysis of autonomous agents that perceive their environment and interact rationally with it, such as self-driving vehicles and other robots. Traditionally, AI has included a mix of symbolic and subsymbolic approaches. The solutions it provides rely on a broad set of general and specialized knowledge representation schemes, problem solving mechanisms, and optimization techniques. These approaches deal with perception (e.g., speech recognition, natural language understanding, computer vision), problem solving (e.g., search, planning, optimization), generation (e.g., narrative, conversation, images, models, recommendations), acting (e.g., robotics, task-automation, control), and the architectures needed to support them (e.g., single agents, multi-agent systems). Machine learning may be used within each of these aspects and can even be employed end-to-end across all of them. The study of Artificial Intelligence prepares students to determine when an AI approach is appropriate for a given problem, identify appropriate representations and reasoning mechanisms, implement them, and evaluate them with respect to both performance and their broader societal impact. AI.1 Fundamental Issues (ai issues) Overview of AI problems, Examples of successful recent AI applications; Definitions of agents with examples (e.g., reactive, deliberative); What is intelligent behavior?; The Turing test and its flaws; Multimodal input and output; Simulation of intelligent behavior; Rational versus non-rational reasoning; Problem characteristics; Fully versus partially observable; Single versus multi-agent; Deterministic versus stochastic; Static versus dynamic; Discrete versus continuous; Nature of agents; Autonomous, semi-autonomous, mixed-initiative autonomy; Reflexive, goal-based, and utility-based; Decision making under uncertainty and with incomplete information; The importance of perception and environmental interactions; Learning-based agents; Embodied agents; sensors, dynamics, effectors; Overview of AI Applications, growth, and impact (economic, societal, ethics) Practice identifying problem characteristics in example environments; Additional depth on nature of agents with examples; Additional depth on AI Applications, Growth, and Impact (economic, societal, ethics, security) Philosophical issues; History of AI Describe the Turing test and the 'Chinese Room' thought experiment; Differentiate between optimal reasoning/behavior and human-like reasoning/behavior; Differentiate the terms: AI, machine learning, and deep learn; Enumerate the characteristics of a specific problem. AI.2 Search (ai search) State space representation of a problem; Specifying states, goals, and operators; Factoring states into representations (hypothesis spaces); Problem solving by graph search; e.g., Graphs as a space, and tree traversals as exploration of that space; Dynamic construction of the graph (not given upfront); Uninformed graph search for problem solving (See also: AL-Foundational); Breadth-first search; Depth-first search; With iterative deepening; Uniform cost search; Heuristic graph search for problem solving (See also: AL-Strategies); Heuristic construction and admissibility; Hill-climbing; Local minima and the search landscape; Local vs global solutions; Greedy best-first search; A* search; Space and time complexities of graph search algorithms Bidirectional search; Beam search; Two-player adversarial games; Minimax search; Alpha-beta pruning; Ply cutoff; Implementation of A* search; Constraint satisfaction Understanding the search space; Constructing search trees; Dynamic search spaces; Combinatorial explosion of search space; Search space topology (e.g., ridges, saddle points, local minima); Local search; Tabu search; Variations on A* (IDA*, SMA*, RBFS); Two-player adversarial games; The horizon effect; Opening playbooks/endgame solutions; What it means to 'solve' a game (e.g., checkers); Implementation of minimax search, beam search; Expectimax search (MDP-solving) and chance nodes; Stochastic search; Simulated annealing; Genetic algorithms; Monte-Carlo tree search Design the state space representation for a puzzle (e.g., N-queens or 3-jug problem); Select and implement an appropriate uninformed search algorithm for a problem (e.g., tic-tac-toe), and characterize its time and space complexities.; Select and implement an appropriate informed search algorithm for a problem after designing a helpful heuristic function (e.g., a robot navigating a 2D gridworld).; Evaluate whether a heuristic for a given problem is admissible/can guarantee an optimal solution.; Apply minimax search in a two-player adversarial game (e.g., connect four), using heuristic evaluation at a particular depth to compute the scores to back; [KA Core]; Design and implement a genetic algorithm solution to a problem.; Design and implement a simulated annealing schedule to avoid local minima in a problem. 70; Design and implement A*/beam search to solve a problem, and compare it against other search algorithms in terms of the solution cost, number of nodes expanded,;; Apply minimax search with alpha-beta pruning to prune search space in a two-player adversarial game (e.g., connect four).; Compare and contrast genetic algorithms with classic search techniques, explaining when it is most appropriate to use a genetic algorithm to learn a model versus other forms of optimization (e.g., gradient descent).; Compare and contrast various heuristic searches vis-a-vis applicability to a given problem.; Model a logic or Sudoku puzzle as a constraint satisfaction problem, solve it with backtrack search, and determine how much arc consistency can reduce the search space. AI.3 Fundamental Knowledge Representation and Reasoning (knowledge representation, knowledge reasoning) Types of representations; Symbolic, logical; Creating a representation from a natural language problem statement; Learned subsymbolic representations; Graphical models (e.g., naive Bayes, Bayesian network); Review of probabilistic reasoning, Bayes theorem (See also: MSF-Probability); Bayesian reasoning; Bayesian inference Random variables and probability distributions; Axioms of probability; Probabilistic inference; Bayes’ Rule (derivation); Bayesian inference (more complex examples); Independence; Conditional Independence; Markov chains and Markov models; Utility and decision making Given a natural language problem statement, encode it as a symbolic or logical representation.; Explain how we can make decisions under uncertainty, using concepts such as Bayes theorem and utility.; Compute a probabilistic inference in a real-world problem using Bayes’ theorem to determine the probability of a hypothesis given evidence.; Apply Bayes’ rule to determine the probability of a hypothesis given evidence.; Compute the probability of outcomes and test whether outcomes are independent AI.4 Machine Learning (machine learning, ml) Definition and examples of a broad variety of machine learning tasks; Supervised learning; Classification; Regression; Reinforcement learning; Unsupervised learning; Clustering; Fundamental ideas:; No free lunch theorem: no one learner can solve all problems; representational design decisions have consequences.; Sources of error and undecidability in machine learning; A simple statistical-based supervised learning such as linear regression or decision trees; Focus on how they work without going into mathematical or optimization details; enough to understand and use existing implementations correctly; The overfitting problem/controlling solution complexity (regularization, pruning – intuition only); The bias (underfitting) – variance (overfitting) tradeoff; Working with Data; Data preprocessing; Importance and pitfalls of preprocessing choices; Handling missing values (imputing, flag-as-missing); Implications of imputing vs flag-as-missing; Encoding categorical variables, encoding real-valued data; Normalization/standardization; Emphasis on real data, not textbook examples; Representations; Hypothesis spaces and complexity; Simple basis feature expansion, such as squaring univariate features; Learned feature representations; Machine learning evaluation; Separation of train, validation, and test sets; Performance metrics for classifiers; Estimation of test performance on held-out data; Tuning the parameters of a machine learning model with a validation set; Importance of understanding what a model is doing, where its pitfalls/shortcomings are, and the implications of its decisions; Basic neural networks; Fundamentals of understanding how neural networks work and their training process, without details of the calculations; Basic introduction to generative neural networks (e.g., large language models); Ethics for Machine Learning (See also: SEP-Context); Focus on real data, real scenarios, and case studies; Dataset/algorithmic/evaluation bias and unintended consequences Formulation of simple machine learning as an optimization problem, such as least squares linear regression or logistic regression; Objective function; Gradient descent; Regularization to avoid overfitting (mathematical formulation); Ensembles of models; Simple weighted majority combination; Deep learning; Deep feed-forward networks (intuition only, no mathematics); Convolutional neural networks (intuition only, no mathematics); Visualization of learned feature representations from deep nets; Other architectures (generative NN, recurrent NN, transformers, etc.); Performance evaluation; Other metrics for classification (e.g., error, precision, recall); Performance metrics for regressors; Confusion matrix; Cross-validation; Parameter tuning (grid/random search, via cross-validation); Overview of reinforcement learning methods; Two or more applications of machine learning algorithms; E.g., medicine and health, economics, vision, natural language, robotics, game play; Ethics for Machine Learning; Continued focus on real data, real scenarios, and case studies (See also: SEP-Context); Privacy (See also: SEP-Privacy); Fairness (See also: SEP-Privacy); Intellectual property; Explainability General statistical-based learning, parameter estimation (maximum likelihood); Supervised learning; Decision trees; Nearest-neighbor classification and regression; Learning simple neural networks / multi-layer perceptrons; Linear regression; Logistic regression; Support vector machines (SVMs) and kernels; Gaussian Processes; Overfitting; The curse of dimensionality; Regularization (mathematical computations, L2 and L1 regularization); Experimental design 73; Data preparation (e.g., standardization, representation, one-hot encoding); Hypothesis space; Biases (e.g., algorithmic, search); Partitioning data: stratification, training set, validation set, test set; Parameter tuning (grid/random search, via cross-validation); Performance evaluation; Cross-validation; Metric: error, precision, recall, confusion matrix; Receiver operating characteristic (ROC) curve and area under ROC curve; Bayesian learning (Cross-Reference AI/Reasoning Under Uncertainty); Naive Bayes and its relationship to linear models; Bayesian networks; Prior/posterior; Generative models; Deep learning; Deep feed-forward networks; Neural tangent kernel and understanding neural network training; Convolutional neural networks; Autoencoders; Recurrent networks; Representations and knowledge transfer; Adversarial training and generative adversarial networks; Attention mechanisms; Representations; Manually crafted representations; Basis expansion; Learned representations (e.g., deep neural networks); Unsupervised learning and clustering; K-means; Gaussian mixture models; Expectation maximization (EM); Self-organizing maps; Graph analysis (e.g., PageRank); Semi-supervised learning; Graphical models (See also: AI-Probability); Ensembles; Weighted majority; Boosting/bagging; Random forest; Gated ensemble; Learning theory; General overview of learning theory / why learning works; VC dimension; Generalization bounds 74; Reinforcement learning; Exploration vs exploitation tradeoff; Markov decision processes; Value and policy iteration; Policy gradient methods; Deep reinforcement learning; Learning from demonstration and inverse RL; Explainable / interpretable machine learning; Understanding feature importance (e.g., LIME, Shapley values); Interpretable models and representations; Recommender systems; Hardware for machine learning; GPUs / TPUs; Application of machine learning algorithms to:; Medicine and health; Economics; Education; Vision; Natural language; Robotics; Game play; Data mining (Cross-reference DM/Data Analytics); Ethics for Machine Learning; Continued focus on real data, real scenarios, and case studies (See also: SEP-Context); In depth exploration of dataset/algorithmic/evaluation bias, data privacy, and fairness (See also: SEP-Privacy, SEP-Context); Trust / explainability Describe the differences among the three main styles of learning (supervised, reinforcement, and unsupervised) and determine which is appropriate to a particular problem domain.; Differentiate the terms of AI, machine learning, and deep learning.; Frame an application as a classification problem, including the available input features and output to be predicted (e.g., identifying alphabetic characters from pixel grid input).; Apply two or more simple statistical learning algorithms to a classification task and measure the classifiers’ accuracy.; Identify overfitting in the context of a problem and learning curves and describe solutions to overfitting.; Explain how machine learning works as an optimization/search process.; Implement a statistical learning algorithm and the corresponding optimization process to train the classifier and obtain a prediction on new data.; Describe the neural network training process and resulting learned representations. 75; Explain proper ML evaluation procedures, including the differences between training and testing performance, and what can go wrong with the evaluation process leading to inaccurate reporting of ML performance.; Compare two machine learning algorithms on a dataset, implementing the data preprocessing and evaluation methodology (e.g., metrics and handling of train/test splits) from scratch.; Visualize the training progress of a neural network through learning curves in a well-established toolkit (e.g., TensorBoard) and visualize the learned features of the network.; Compare and contrast several learning techniques (e.g., decision trees, logistic regression, naive Bayes, neural networks, and belief networks), providing examples of when each strategy is superior.; Evaluate the performance of a simple learning system on a real-world dataset.; Characterize the state of the art in learning theory, including its achievements and shortcomings.; Explain the problem of overfitting, along with techniques for detecting and managing the problem.; Explain the triple tradeoff among the size of a hypothesis space, the size of the training set, and performance accuracy.; Given a real-world application of machine learning, describe ethical issues regarding the choices of data, preprocessing steps, algorithm selection, and visualization/presentation of results. AI.5 Applications and Societal Impact (ai applications, ai societal impact) At least one application of AI to a specific problem and field, such as medicine, health, sustainability, social media, economics, education, robotics,; (choose at least one for the CS Core).; Formulating and evaluating a specific application as an AI problem; How to deal with underspecified or ill-posed problems; Data availability/scarcity and cleanliness; Basic data cleaning and preprocessing; Data set bias; Algorithmic bias; Evaluation bias; Assessment of societal implications of the application; Deployed deep generative models; High-level overview of deep image generative models (e.g., as of 2023, DALL-E, Midjourney, Stable Diffusion, etc.), their uses, and their shortcomings/pitfalls.; High-level overview of large language models (e.g., as of 2023, ChatGPT, Bard, etc.), their uses, and their shortcomings/pitfalls.; Overview of societal impact of AI 76; Ethics (See also: SEP-Context); Fairness (See also: SEP-Privacy, SEP-DEIA); Trust/explainability (See also: SEP-Context); Privacy and usage of training data (See also: SEP-Privacy); Human autonomy and oversight/regulations/legal requirements (See also: SEP-Context); Sustainability (See also: SEP-Sustainability) One or more additional applications of AI to a broad set of problems and diverse fields, such as medicine, health, sustainability, social media, economics, education, robotics,; (choose a different area from that chosen for the CS Core).; Formulating and evaluating a specific application as an AI problem; How to deal with underspecified or ill-posed problems; Data availability/scarcity and cleanliness; Basic data cleaning and preprocessing; Data set bias; Algorithmic bias; Evaluation bias; Assessment of societal implications of the application; Additional depth on deployed deep generative models; Introduction to how deep image generative models work, (e.g., as of 2023, DALL-E, Midjourney, Stable Diffusion) including discussion of attention; Introduction to how large language models work, (e.g., as of 2023, ChatGPT, Bard) including discussion of attention; Idea of foundational models, how to use them, and the benefits/issues with training them from big data; Analysis and discussion of the societal impact of AI; Ethics (See also: SEP-Context); Fairness (See also: SEP-Privacy, SEP-DEIA); Trust/explainability (See also: SEP-Context); Privacy and usage of training data (See also: SEP-Privacy); Human autonomy and oversight/regulations/legal requirements (See also: SEP-Context); Sustainability (See also: SEP-Sustainability) Given a real-world application domain and problem, formulate an AI solution to it, identifying proper data/input, preprocessing, representations, AI techniques, and evaluation metrics/methodology.; Analyze the societal impact of one or more specific real-world AI applications, identifying issues regarding ethics, fairness, bias, trust, and explainability.; Describe some of the failure modes of current deep generative models for language or images, and how this could affect their use in an application. AI.6 Logical Representation and Reasoning (logical representation, logical reasoning) Review of propositional and predicate logic (See also: MSF-Discrete); Resolution and theorem proving (propositional logic only); Forward chaining, backward chaining; Knowledge representation issues; Description logics; Ontology engineering; Semantic web; Non-monotonic reasoning (e.g., non-classical logics, default reasoning); Argumentation; Reasoning about action and change (e.g., situation and event calculus); Temporal and spatial reasoning; Logic programming; Prolog, Answer Set Programming; Rule-based Expert Systems; Semantic networks; Model-based and Case-based reasoning Translate a natural language (e.g., English) sentence into a predicate logic statement.; Convert a logic statement into clausal form.; Apply resolution to a set of logic statements to answer a query.; Compare and contrast the most common models used for structured knowledge representation, highlighting their strengths and weaknesses.; Identify the components of non-monotonic reasoning and its usefulness as a representational mechanism for belief systems.; Compare and contrast the basic techniques for representing uncertainty.; Compare and contrast the basic techniques for qualitative representation.; Apply situation and event calculus to problems of action and change.; Explain the distinction between temporal and spatial reasoning, and how they interrelate.; Explain the difference between rule-based, case-based, and model-based reasoning techniques.; Define the concept of a planning system and how it differs from classical search techniques.; Describe the differences between planning as search, operator-based planning, and propositional planning, providing examples of domains where each is most applicable.; Explain the distinction between monotonic and non-monotonic inference. AI.7 Probabilistic Representation and Reasoning (probabilistic representation, probabilistic reasoning) Conditional Independence review; Knowledge representations; Bayesian Networks; Exact inference and its complexity; Markov blankets and d-separation; Randomized sampling (Monte Carlo) methods (e.g., Gibbs sampling); Markov Networks 78; Relational probability models; Hidden Markov Models; Decision Theory; Preferences and utility functions; Maximizing expected utility; Game theory Compute the probability of a hypothesis given the evidence in a Bayesian network.; Explain how conditional independence assertions allow for greater efficiency of probabilistic systems.; Identify examples of knowledge representations for reasoning under uncertainty.; State the complexity of exact inference. Identify methods for approximate inference.; Design and implement at least one knowledge representation for reasoning under uncertainty.; Describe the complexities of temporal probabilistic reasoning.; Design and implement an HMM as one example of a temporal probabilistic system.; Describe the relationship between preferences and utility functions.; Explain how utility functions and probabilistic reasoning can be combined to make rational decisions. AI.8 Planning (ai planning) Review of propositional and first-order logic; Planning operators and state representations; Total order planning; Partial-order planning; Plan graphs and GraphPlan; Hierarchical planning; Planning languages and representations; PDDL; Multi-agent planning; MDP-based planning; Interconnecting planning, execution, and dynamic replanning; Conditional planning; Continuous planning; Probabilistic planning Construct the state representation, goal, and operators for a given planning problem.; Encode a planning problem in PDDL and use a planner to solve;; Given a set of operators, initial state, and goal state, draw the partial-order planning graph and include ordering constraints to resolve all conflicts.; Construct the complete planning graph for GraphPlan to solve a given problem. AI.9 Agents and Cognitive Systems (ai agents, ai cognitive systems) Agent architectures (e.g., reactive, layered, cognitive); Agent theory (including mathematical formalisms); Rationality, Game Theory; Decision-theoretic agents; Markov decision processes (MDP); Bandit algorithms; Software agents, personal assistants, and information access; Collaborative agents; Information-gathering agents; Believable agents (synthetic characters, modeling emotions in agents); Learning agents; Cognitive systems; Cognitive architectures (e.g., ACT-R, SOAR, ICARUS, FORR); Capabilities (e.g., perception, decision making, prediction, knowledge maintenance); Knowledge representation, organization, utilization, acquisition, and refinement; Applications and evaluation of cognitive systems; Multi-agent systems; Collaborating agents; Agent teams; Competitive agents (e.g., auctions, voting); Swarm systems and biologically inspired models; Multi-agent learning; Human-agent interaction (See also: HCI-User, HCI-Accessibility); Communication methodologies (verbal and non-verbal); Practical issues; Applications; Trading agents, supply chain management; Ethical issues of AI interactions with humans; Regulation and legal requirements of AI systems for interacting with humans Characterize and contrast the standard agent architectures.; Describe the applications of agent theory to domains such as software agents, personal assistants, and believable agents, and discuss associated ethical implications.; Describe the primary paradigms used by learning agents.; Demonstrate using appropriate examples how multi-agent systems support agent interaction.; Construct an intelligent agent using a well-established cognitive architecture (ACT-R, SOAR) for solving a specific problem. AI.10 Natural Language Programming (natural language programming, nlp) Deterministic and stochastic grammars; Parsing algorithms; CFGs and chart parsers (e.g., CYK); Probabilistic CFGs and weighted CYK; Representing meaning/Semantics; Logic-based knowledge representations; Semantic roles; Temporal representations; Beliefs, desires, and intentions; Corpus-based methods; N-grams and HMMs; Smoothing and backoff; Examples of use: POS tagging and morphology; Information retrieval (See also: DM-Unstructured); Vector space model; TF & IDF; Precision and recall; Information extraction; Language translation; Text classification, categorization; Bag of words model; Deep learning for NLP (See also: AI-ML); RNNs; Transformers; Multi-modal embeddings (e.g., images + text); Generative language models Define and contrast deterministic and stochastic grammars, providing examples to show the adequacy of each.; Simulate, apply, or implement classic and stochastic algorithms for parsing natural language.; Identify the challenges of representing meaning.; List the advantages of using standard corpora. Identify examples of current corpora for a variety of NLP tasks.; Identify techniques for information retrieval, language translation, and text classification.; Implement a TF/IDF transform, use it to extract features from a corpus, and train an off-the-shelf machine learning algorithm using those features to do text classification. AI.11 Robotics (ai robotics) Overview: problems and progress; State-of-the-art robot systems, including their sensors and an overview of their sensor processing 81; Robot control architectures, e.g., deliberative vs reactive control and Braitenberg vehicles; World modeling and world models; Inherent uncertainty in sensing and in control; Sensors and effectors; Sensors: e.g., LIDAR, sonar, vision, depth, stereoscopic, event cameras, microphones, haptics,; Effectors: e.g., wheels, arms, grippers; Coordinate frames, translation, and rotation (2D and 3D); Configuration space and environmental maps; Interpreting uncertain sensor data; Localization and mapping; Navigation and control; Forward and inverse kinematics; Motion path planning and trajectory optimization; Manipulation and grasping; Joint control and dynamics; Vision-based control; Multiple-robot coordination and collaboration; Human-robot interaction (See also: HCI-User, HCI-Accessibility); Shared workspaces; Human-robot teaming and physical HRI; Social assistive robots; Motion/task/goal prediction; Collaboration and communication (explicit vs implicit, verbal or symbolic vs non-verbal or visual); Trust; Applications and Societal, Economic, and Ethical Issues; Societal, economic, right-to-work implications; Ethical and privacy implications of robotic applications; Liability in autonomous robotics; Autonomous weapons and ethics; Human oversight and control List capabilities and limitations of today's state-of-the-art robot systems, including their sensors and the crucial sensor processing that informs those systems.; Integrate sensors, actuators, and software into a robot designed to undertake a specific task.; Program a robot to accomplish simple tasks using deliberative, reactive, and/or hybrid control architectures.; Implement fundamental motion planning algorithms within a robot configuration space.; Characterize the uncertainties associated with common robot sensors and actuators; articulate strategies for mitigating these uncertainties.; List the differences among robots' representations of their external environment, including their strengths and shortcomings. 82; Compare and contrast at least three strategies for robot navigation within known and/or unknown environments, including their strengths and shortcomings.; Describe at least one approach for coordinating the actions and sensing of several robots to accomplish a single task.; Compare and contrast a multi-robot coordination and a human-robot collaboration approach and attribute their differences to differences between the problem settings.; Analyze the societal, economic, and ethical issues of a real-world robotics application. AI.12 Perception and Computer Vision (ai perception, computer vision, cv) Computer vision; Image acquisition, representation, processing, and properties; Shape representation, object recognition, and segmentation; Motion analysis; Generative models; Audio and speech recognition; Touch and proprioception; Other modalities (e.g., olfaction); Modularity in recognition; Approaches to pattern recognition (See also: AI-ML); Classification algorithms and measures of classification quality; Statistical techniques; Deep learning techniques Summarize the importance of image and object recognition in AI and indicate several significant applications of this technology.; List at least three image-segmentation approaches, such as thresholding, edge-based and region- based algorithms, along with their defining characteristics, strengths, and weaknesses.; Implement 2d object recognition based on contour-based and/or region-based shape representations.; Distinguish the goals of sound-recognition, speech-recognition, and speaker-recognition and identify how the raw audio signal will be handled differently in each of these cases.; Provide at least two examples of a transformation of a data source from one sensory domain to another, e.g., tactile data interpreted as single-band 2d images.; Implement a feature-extraction algorithm on real data, e.g., an edge or corner detector for images or vectors of Fourier coefficients describing a short slice of audio signal.; Implement an algorithm combining features into higher-level percepts, e.g., a contour or polygon from visual primitives or phoneme hypotheses from an audio signal.; Implement a classification algorithm that segments input percepts into output categories and quantitatively evaluates the resulting classification.; Evaluate the performance of the underlying feature-extraction, relative to at least one alternative possible approach (whether implemented or not) in its contribution to the classification task (8), above. 83; Describe at least three classification approaches, their prerequisites for applicability, their strengths, and their shortcomings.; Implement and evaluate a deep learning solution to problems in computer vision, such as object or scene recognition. AL Algorithmic Foundations (algorithmic foundations) Algorithms and data structures are fundamental to computer science, since every theoretical computation and applied program consists of algorithms that operate on data elements possessing some underlying structure. Selecting appropriate computational solutions to real-world problems benefits from understanding the theoretical and practical capabilities and limitations of available algorithms and paradigms, including their impact on the environment and society. Moreover, this understanding provides insight into the intrinsic nature of computation, computational problems, and computational problem-solving as well as possible solution techniques independent of programming language, programming paradigm, computer hardware, or other implementation aspects. This knowledge area focuses on the nature of computation including the concepts and skills required to design and analyze algorithms for solving real-world computational problems. It complements the implementation of algorithms and data structures found in the Software Development Foundations (SDF) knowledge area. As algorithms and data structures are essential in all advanced areas of computer science, this area provides the algorithmic foundations that every computer science graduate is expected to know. Exposure to the breadth of these foundational AL topics is designed to provide students with the basis for studying these topics in more depth, for studying additional computation and algorithm topics, and for learning advanced algorithms across a variety of CS knowledge areas and CS+X disciplines. AL.1 Foundational Data Structures and Algorithms (data structures, basic algorithms) Abstract Data Type (ADT) and operations on an ADT (See also: FPL-Types); Dictionary operations (insert, delete, find); Arrays; Numeric vs non-numeric, character strings; Single (vector) vs multidimensional (matrix); Records/Structs/Tuples and Objects (See also: FPL-OOP); Linked lists (for historical reasons); Single vs Double and Linear vs Circular; Stacks; Queues and deques; Heap-based priority queue; Hash tables/maps; Collision resolution and complexity (e.g., probing, chaining, rehash); Graphs (e.g., [un]directed, [a]cyclic, [un]connected, and [un]weighted) (See also: MSF-Discrete); Graph representation: adjacency list vs matrix; Trees (See also: MSF-Discrete); Binary, n-ary, and search trees; Balanced (e.g., AVL, Red-Black, Heap); Sets (See also: MSF-Discrete) 89; Search algorithms; O(n) complexity (e.g., linear/sequential array/list search); O(log2 n) complexity (e.g., binary search); O(logb n) complexity (e.g., uninformed depth/breadth-first tree search); Sorting algorithms (e.g., stable, unstable); O(n2) complexity (e.g., insertion, selection),; O(n log n) complexity (e.g., quicksort, merge, timsort); Graph algorithms; Shortest path (e.g., Dijkstra’s, Floyd’s); Minimal spanning tree (e.g., Prim’s, Kruskal’s) Sorting algorithms; O(n log n) complexity heapsort; Pseudo O(n) complexity (e.g., bucket, counting, radix); Graph algorithms; Transitive closure (e.g., Warshall’s); Topological sort; Matching; Efficient string matching (e.g., Boyer-Moore, Knuth-Morris-Pratt); Longest common subsequence matching; Regular expression matching Cryptography algorithms (e.g., SHA-256) (See also: SEC-Crypto); Parallel algorithms (See also: PDC-Algorithms, FPL-Parallel); Consensus algorithms (e.g., Blockchain) (See also: SEC-Crypto); Proof of work vs proof of stake (See also: SEP-Sustainability); Quantum computing algorithms (See also: AL-Models, AR-Quantum); Oracle-based (e.g., Deutsch-Jozsa, Bernstein-Vazirani, Simon); Superpolynomial speed-up via QFT (e.g., Shor’s); Polynomial speed-up via amplitude amplification (e.g., Grover’s); Fast-Fourier Transform (FFT) algorithm; Differential evolution algorithm For each ADT/Data-Structure in this unit; Explain its definition, properties, representation(s), and associated ADT operations.; Explain step-by-step how the ADT operations associated with the data structure transform;; For each algorithm in this unit explain step-by-step how the algorithm operates.; For each algorithmic approach (e.g., sorting) in this unit apply a prototypical example of the approach (e.g., merge sort).; Given requirements for a problem, develop multiple solutions using various data structures and algorithms. Subsequently, evaluate the suitability, strengths, and weaknesses selecting an approach that best satisfies the requirements.; Explain how collision avoidance and collision resolution is handled in hash tables.; Explain factors beyond computational efficiency that influence the choice of algorithms, such as programming time, maintainability, and the use of application-specific patterns in the input data.; Explain the heap property and the use of heaps as an implementation of a priority queue.; For each of the algorithms and algorithmic approaches in the KA Core topics:; Explain a prototypical example of the algorithm, and; Explain step-by-step how the algorithm operates.; An appreciation of quantum computation and its application to certain problems. AL.2 Algorithmic Strategies (algorithmic strategies) Paradigms; Brute-Force (e.g., linear search, selection sort, traveling salesperson, knapsack); Decrease-and-Conquer; By a Constant (e.g., insertion sort, topological sort),; By a Constant Factor (e.g., binary search),; By a Variable Size (e.g., Euclid’s); Divide-and-Conquer (e.g., binary search, quicksort, mergesort, Strassen’s); Greedy (e.g., Dijkstra’s, Kruskal’s, Knapsack); Transform-and-Conquer; Instance simplification (e.g., find duplicates via list presort); Representation change (e.g., heapsort); Problem reduction (e.g., least-common-multiple, linear programming); Dynamic programming (e.g., Floyd’s, Warshall, Bellman-Ford); Space vs time tradeoffs (e.g., hashing); Handling exponential growth (e.g., heuristic A*, branch-and-bound, backtracking); Iteration vs recursion (e.g., factorial, tree search) Paradigms; Approximation algorithms; Iterative improvement (e.g., Ford-Fulkerson, simplex); Randomized/Stochastic algorithms (e.g., max-cut, balls and bins) Quantum computing For each of the paradigms in this unit,; Explain its definitional characteristics,; Explain an example that demonstrates the paradigm including how this example satisfies the paradigm’s characteristics.; For each of the algorithms in the AL-Foundational unit, explain the paradigm used by the algorithm and how it exemplifies this paradigm.; Given an algorithm, explain the paradigm used by the algorithm and how it exemplifies this paradigm.; Give a real-world problem, evaluate appropriate algorithmic paradigms and algorithms from these paradigms that address the problem including evaluating the tradeoffs among the paradigms and algorithms selected.; Give examples of iterative and recursive algorithms that solve the same problem, explain the benefits and disadvantages of each approach.; Evaluate whether a greedy approach leads to an optimal solution.; Explain various approaches for addressing computational problems whose algorithmic solutions are exponential. AL.3 Complexity (complexity) Complexity Analysis Framework; Best, average, and worst-case performance of an algorithm; Empirical and relative (Order of Growth) measurements; Input size and primitive operations; Time and space efficiency; Asymptotic complexity analysis (average and worst-case bounds); Big-O, Big-Omega, and Big-Theta formal notations; Foundational Complexity Classes and Representative Examples/Problems; O(1) Constant (e.g., array access); O(log2 n) Logarithmic (e.g., binary search); O(n) Linear (e.g., linear search); O(n log2 n) Log Linear (e.g., mergesort); O(n2) Quadratic (e.g., selection sort); O(nc) Polynomial (e.g., O(n3) Gaussian elimination); O(2n) Exponential (e.g., Knapsack, Satisfiability (SAT), Traveling Sales-Person (TSP), all subsets) viii. O(n!) Factorial (e.g., Hamiltonian circuit, all permutations); Empirical measurements of performance; Tractability and intractability; P, NP, and NP-Complete Complexity Classes; NP-Complete Problems (e.g., SAT, Knapsack, TSP); Reductions; Time and space tradeoffs in algorithms Little-o, Little-Omega, and Little Theta notations; Formal recursive analysis; Amortized analysis; Turing Machine-based models of complexity; Time complexity; P, NP, NP-C, and EXP classes; Cook-Levin theorem; Space Complexity; NSpace and PSpace; Savitch’s theorem Prepare a presentation that explains to first year students the basic concepts of algorithmic complexity including best, average, and worst-case algorithm behavior, Big- O, Omega, and Theta notations, complexity classes, time and space tradeoffs, empirical measurement, and impact on practical problems.; Using examples, explain each of the foundational complexity classes in this unit.; For each foundational complexity class in this unit, explain an algorithm that demonstrates the associated runtime complexity.; For each algorithm in the AL-Foundational unit, explain its runtime complexity class and why it belongs to this class.; Informally evaluate the foundational complexity class of simple algorithms.; Given a problem to program for which there may be several algorithmic approaches, evaluate them and determine which are feasible, and select one that is optimal in implementation and run-time behavior.; Develop empirical studies to determine and validate hypotheses about the runtime complexity of various algorithms by running algorithms on input of various sizes and comparing actual performance to the theoretical analysis.; Explain examples that illustrate time-space tradeoffs of algorithms.; Explain how tree balance affects the efficiency of binary search tree operations.; Explain to a non-technical audience the significance of tractable versus intractable algorithms using an intuitive explanation of Big-O complexity.; Explain the significance of NP-Completeness.; Explain how NP-Hard is a lower bound and NP is an upper bound for NP-Completeness.; Explain examples of NP-complete problems.; Use recurrence relations to evaluate the time complexity of recursively defined algorithms.; Apply elementary recurrence relations using a form of the Master Theorem.; Apply Big-O notation to give upper case bounds on time/space complexity of algorithms.; Explain the Cook-Levin Theorem and the NP-Completeness of SAT.; Explain the classes P and NP.; Prove that a problem is NP-Complete by reducing a classic known NP-C problem to it (e.g., 3SAT and Clique).; Explain the P-space class and its relation to the EXP class. AL.4 Computational Models and Formal Languages (computational models, formal language) Formal automata; Finite State; Pushdown; Linear Bounded; Turing Machine; Formal languages, grammars and Chomsky Hierarchy (See also: FPL-Translation, FPL-Syntax); Regular (Type-3); Regular Expressions; Context-Free (Type-2); Context-Sensitive (Type-1); Recursively Enumerable (Type-0); Relations among formal automata, languages, and grammars; Decidability, (un)computability, and halting; The Church-Turing thesis; Algorithmic correctness; Invariants (e.g., in iteration, recursion, tree search) Deterministic and nondeterministic automata; Pumping Lemma proofs; Proof of Finite State/Regular-Language limitation; Pushdown Automata/Context-Free-Language limitation; Decidability; Arithmetization and diagonalization; Reducibility and reductions; Time complexity based on Turing Machine; Space complexity (e.g., Pspace, Savitch’s Theorem); Equivalent models of algorithmic computation; Turing Machines and Variations (e.g., multi-tape, non-deterministic); Lambda Calculus (See also: FPL-Functional); Mu-Recursive Functions Quantum computation (See also: AR-Quantum); Postulates of quantum mechanics; State space 94; State evolution; State composition; State measurement; Column vector representations of qubits; Matrix representations of quantum operations; Simple quantum gates (e.g., XNOT, CNOT) For each formal automaton in this unit:; Explain its definition comparing its characteristics with this unit’s other automata,; Using an example, explain step-by-step how the automaton operates on input including whether it accepts the associated input,; Explain an example of inputs that can and cannot be accepted by the automaton.; Given a problem, develop an appropriate automaton that addresses the problem.; Develop a regular expression for a given regular language expressed in natural language.; Explain the difference between regular expressions (Type-3 acceptors) and the regular expressions (Type-2 acceptors) used in programming languages.; For each formal model in this unit:; Explain its definition comparing its characteristics with the others in this unit,; Explain example inputs that are and cannot be accepted by the language/grammar.; Explain a universal Turing Machine and its operation.; Present to an audience of co-workers and managers the impossibility of providing them a program that checks all other programs, including some seemingly simple ones, for infinite loops including an explanation of the Halting problem, why it has no algorithmic solution, and its significance for real-world algorithmic computation.; Explain examples of classic uncomputable problems.; Explain the Church-Turing Thesis and its significance for algorithmic computation.; Explain how (loop) invariants can be used to prove the correctness of an algorithm.; For each formal automaton in this unit explain (compare/contrast) its deterministic and nondeterministic capabilities.; Apply pumping lemmas, or alternative means, to prove the limitations of Finite State and Pushdown automata.; Apply arithmetization and diagonalization to prove the Halting Problem for Turing Machines is Undecidability.; Given a known undecidable language, apply a mapping reduction or computational history to prove that another language is undecidable.; Convert among equivalently powerful notations for a language, including among DFAs, NFAs, and regular expressions, and between PDAs and CFGs.; Explain Rice’s theorem and its significance. 95; Explain an example proof of a problem that is uncomputable by reducing a classic known uncomputable problem to;; Explain the Primitive and General Recursive functions (zero, successor, selection, primitive recursion, composition, and Mu), their significance, and Turing Machine implementations.; Explain how computation is performed in Lambda Calculus (e.g., Alpha conversion and Beta reduction); For a quantum system give examples that explain the following postulates.; State Space – system state represented as a unit vector in Hilbert space,; State Evolution – the use of unitary operators to evolve system state,; State Composition – the use of tensor product to compose systems states,; State Measurement – the probabilistic output of measuring a system state.; Explain the operation of a quantum XNOT or CNOT gate on a quantum bit represented as a matrix and column vector, respectively. AL.5 Society, Ethics, and the Profession (society ethics profession) Social, ethical, and secure algorithms; Algorithmic fairness; Anonymity (e.g., Differential Privacy); Accountability/Transparency; Responsible algorithms; Economic and other impacts of inefficient algorithms; Sustainability Context aware computing Develop algorithmic solutions to real-world societal problems, such as routing an ambulance to a hospital.; Explain the impact that an algorithm may have on the environment and society when used to solve a real-world problem while considering its sustainability and that it can affect different societal groups in different ways.; Prepare a presentation that justifies the selection of appropriate data structures and/or algorithms to solve a given real-world problem.; Explain an example that articulates how differential privacy protects knowledge of an individual’s data.; Explain the environmental impacts of design choices that relate to algorithm design.; Explain the tradeoffs involved in proof-of-work and proof-of-stake algorithms. AR Architecture and Organization (architecture, hardware organization) Computing professionals spend considerable time writing efficient code to solve a particular problem in an application domain. As the shift from sequential to parallel processing occurs, a deeper understanding of the underlying computer architectures is necessary. Architecture can no longer be viewed as a black box where principles from one architecture can be applied to another. Instead, programmers should look inside the black box and use specific components to enhance system performance and energy efficiency. The Architecture and Organization (AR) knowledge area aims to develop a deeper understanding of the hardware environments upon which almost all computing is based, and the relevant interfaces provided to higher software layers. The target hardware comprises low-end embedded system processors up to high-end enterprise multiprocessors. The topics in this knowledge area will benefit students by enabling them to appreciate the fundamental architectural principles of modern computer systems, including the challenge of harnessing parallelism to sustain performance and energy improvements into the future. This KA will help computer science students depart from the black box approach and become more aware of the underlying computer system and the efficiencies specific architectures can achieve. AR.1 Digital Logic and Digital Systems (digital logic, digital systems) Combinational vs sequential logic/field programmable gate arrays (FPGAs) (See also: SF- Overview, SF-Foundations, SPD-Embedded); Fundamental combinational; Sequential logic building block; Computer-aided design tools that process hardware and architectural representations; High-level synthesis; Register transfer notation; Hardware description language (e.g., Verilog/VHDL/Chisel); System-on-chip (SoC) design flow; Physical constraints; Gate delays; Fan-in and fan-out; Energy/power; Speed of light Discuss the progression of computer technology components from vacuum tubes to VLSI, from mainframe computer architectures to the organization of warehouse-scale computers.; Describe parallelism and data dependencies between and within components in a modern heterogeneous computer architecture.; Explain the relationship between parallelism and power consumption.; Construct the design of basic building blocks for a computer: arithmetic-logic unit (gate-level), registers (gate-level), central processing unit (register transfer-level), and memory (register transfer- level).; Evaluate simple building blocks (e.g., arithmetic-logic unit, registers, movement between registers) of a simple computer design.; Analyze the timing behavior of a pipelined processor, identifying data dependency issues. AR.2 Machine-Level Data Representation (machine-level data representation) Overview and history of computer architecture (See also: SPD-Game); Bits, bytes, and words; Unsigned, signed and two’s complement representations; Numeric data representation and number bases; Fixed-point; Floating-point; Representation of non-numeric data; Representation of records, arrays and UTF data types (See also: AL-Foundational) Discuss why everything in computers are data, including instructions.; Explain how fixed-length number representations can affect accuracy and precision.; Describe how negative integers are stored in sign-magnitude and two’s-complement representations.; Discuss how different formats can represent numerical data.; Explain the bit-level representation of non-numeric data, such as characters, strings, records, and arrays.; Translate numerical data from one format to another.; Describe how a single adder (without overflow detection) can handle both signed (two’s complement) and unsigned (binary) input without 'knowing' which format a given input is using. AR.3 Assembly Level Machine Organization (assembly level machine organization) von Neumann machine architecture; Control unit: instruction fetch, decode, and execution (See also: OS-Principles); Introduction to SIMD vs MIMD and the Flynn taxonomy (See also: PDC-Programs, OS-Scheduling, OS-Process); Shared memory multiprocessors/multicore organization (See also: PDC-Programs, OS-Scheduling) Instruction set architecture (ISA) (e.g., x86, ARM and RISC-V); Fixed vs variable-width instruction sets; Instruction formats; Data manipulation, control, I/O; Addressing modes; Machine language programming; Assembly language programming; Subroutine call and return mechanisms (See also: FPL-Translation, OS-Principles); I/O and interrupts (See also: OS-Principles); Heap, static, stack, and code segments (See also: FPL-Translation, OS-Process) Discuss how the classical von Neumann functional units are implemented in embedded systems, particularly on-chip and off-chip memory.; Describe how instructions are executed in a classical von Neumann machine, with extensions for threads, multiprocessor synchronization, and SIMD execution.; Assess an example diagram with instruction-level parallelism and hazards to describe how they are managed in typical processor pipelines.; Discuss how instructions are represented at the machine level and in the context of a symbolic assembler.; Map an example of high-level language patterns into assembly/machine language notations.; Contrast different instruction formats considering aspects such as addresses per instruction and variable-length vs fixed-length formats.; Analyze a subroutine diagram to comment on how subroutine calls are handled at the assembly level.; Describe basic concepts of interrupts and I/O operations.; Write a simple assembly language program for string/array processing and manipulation AR.4 Memory Hierarchy (computer memory hierarchy) Memory hierarchy: the importance of temporal and spatial locality (See also: SF-Performance, OS- Memory); Main memory organization and operations (See also: OS-Memory); Persistent memory (e.g., SSD, standard disks); Latency, cycle time, bandwidth, and interleaving (See also: SF-Performance); Cache memories (See also: SF-Performance); Address mapping; Block size; Replacement and store policy; Prefetching; Multiprocessor cache coherence (See also: OS-Scheduling); Virtual memory (hardware support) (See also: OS-Memory); Fault handling and reliability (See also: SF-Reliability); Reliability (See also: SF-Reliability, OS-Faults); Error coding; Data compression; Data integrity Processing In-Memory (PIM) Using a memory system diagram, identify the main types of memory technology (e.g., SRAM, DRAM) and their relative cost and performance.; Measure the effect of memory latency on running time.; Enumerate the functions of a system with virtual memory management.; Compute average memory access time under various cache and memory configurations and mixes of instruction and data references. AR.5 Interfacing and Communication (io, i/o, interfaces, communication) I/O fundamentals (See also: OS-Devices, PDC-Communication); Handshaking and buffering; Programmed I/O; Interrupt-driven I/O (See also: OS-Principles); Interrupt structures: vectored and prioritized, interrupt acknowledgment (See also: OS-Principles); I/O devices (e.g., mouse, keyboard, display, camera, sensors, actuators) (See also: GIT- Fundamentals, GIT-Interaction, OS-Advanced-Files, PDC-Programs); External storage, physical organization, and drives; Buses fundamentals (See also: OS-Devices); Bus protocols; Arbitration; Direct-memory access (DMA) Analyze an interrupt control diagram to comment on how interrupts are used to implement I/O control and data transfers.; Enumerate various types of buses in a computer system.; List the advantages of magnetic disks and contrast them with those of solid-state disks. AR.6 Functional Organization (functional organization) Implementation of simple datapaths, including instruction pipelining, hazard detection, and resolution (e.g., stalls, forwarding); Control unit; Hardwired implementation; Microprogrammed realization; Instruction pipelining (See also: SF-Overview); Introduction to instruction-level parallelism (ILP) (See also: PDC-Programs) Compare alternative implementation of datapaths in modern computer architectures.; Produce a set of control signals for adding two integers using hardwired and microprogrammed implementations.; Discuss instruction-level parallelism using pipelining and significant hazards that may occur.; Design a complete processor, including datapath and control.; Compute the average cycles per instruction for a given processor and memory system implementation. AR.7 Performance and Energy Efficiency (performance, energy efficiency) Performance-energy evaluation (introduction): performance, power consumption, memory, and communication costs (See also: SF-Evaluation, OS-Scheduling, SPD-Game); Branch prediction, speculative execution, out-of-order execution, Tomasulo's algorithm; Enhancements for vector processors and GPUs (See also: SPD-Game); Hardware support for multithreading (See also: OS-Concurrency, OS-Scheduling, PDC-Programs); Race conditions; Lock implementations; Point-to-point synchronization; Barrier implementation; Scalability; Alternative architectures including VLIW/EPIC, accelerators, and other special purpose processors; Dynamic voltage and frequency scaling (DVFS); Dark Silicon Discuss performance and energy efficiency evaluation metrics.; Analyze a speculative execution diagram and write about the decisions that can be made.; Create a GPU performance-watt benchmarking diagram.; Write a multithreaded program that adds (in parallel) elements of two integer vectors.; Recommend a set of design choices for alternative computer architectures.; Enumerate key concepts associated with dynamic voltage and frequency scaling.; Measure energy savings improvement for an 8-bit integer quantization compared to a 32-bit quantization. AR.8 Heterogeneous Architectures (heterogeneous architecture) SIMD and MIMD architectures (e.g., General-Purpose GPUs, TPUs, and NPUs) (See also: PDC- Programs, SPD-Embedded, GIT-Shading, SPD-Game); Heterogeneous memory systems (See also: OS-Process, PDC-Communication); Shared memory versus distributed memory; Volatile vs non-volatile memory; Coherence protocols; Domain-Specific Architectures (DSAs) (See also: HCI-Accountability, GIT-Shading); Machine Learning Accelerator; In-networking computing (See also: NC-Applications); Embedded systems for emerging applications; Neuromorphic computing; Edge computing devices; Packaging and integration solutions such as 3DIC and chiplets; Machine learning in architecture design; AI algorithms for workload analysis; Optimization of architecture configurations for performance and power efficiency Analyze a system diagram with alternative parallel architectures, e.g., SIMD and MIMD, and identify the key differences.; Discuss what memory-management issues are found in multiprocessors that are not present in uniprocessors and how these issues might be resolved.; Indicate the differences between memory backplane, processor memory interconnect, and remote memory via networks, their implications for access latency, and their impact on program performance.; Discuss how you would determine when to use a domain-specific accelerator instead of a general- purpose CPU.; Enumerate key differences in architectural design principles between a vector and scalar-based processing unit.; List the advantages and disadvantages of a PIM architecture. AR.9 Secure Processor Architectures (secure processor architecture) Principles of Secure Hardware; Security Risk Analysis, Asset Protection, and Threat Model; Cryptographic Acceleration with Hardware (See also: SEC-Crypto); Support for virtualization (e.g., OS isolation); Roots of trust in hardware, Physically Unclonable Functions (PUF); Hardware Random Number Generators; Memory protection extensions; Runtime pointer bounds checking (e.g., buffer overflow); Protection at the microarchitectural level; Protection at the ISA level; Trusted Execution Environment (TEE); Trusted Computer Base Protections; Protecting virtual machines; Protecting containers; Trusted software modules (Enclaves); Homomorphic encryption for privacy-preserving data processing Discuss principles of secure hardware, exploring a framework for risk analysis and asset protection.; Summarize how Physically Unclonable Functions (PUF) can be a unique device identifier in security applications.; Distinguish a random number generator with dedicated hardware support from generators without hardware dedicated to generating entropy.; List the advantages and disadvantages of memory protection at the ISA level.; Describe key design issues of a trusted execution environment (TEE) to support virtual machines. AR.10 Quantum Architectures (quantum computer, quantum architecture) Principles (See also: AL-Models: 8); The wave-particle duality principle; The uncertainty principle in the double-slit experiment; What is a Qubit? Superposition, interference, and measurement. Photons as qubits; Systems of two qubits, Entanglement, Bell states, The No-Signaling theorem; Axioms of QM: superposition principle, measurement axiom, unitary evolution; Single qubit gates for the circuit model of quantum computation: X, Z, H; Two qubit gates and tensor products, working with matrices; The No-Cloning Theorem. The Quantum Teleportation protocol; Algorithms (See also: AL-Foundational); Simple quantum algorithms: Bernstein-Vazirani, Simon’s algorithm; Implementing Deutsch-Josza with Mach-Zehnder Interferometers; Quantum factoring (Shor’s Algorithm); Quantum search (Grover’s Algorithm); Implementation aspects (See also: SPD-Interactive); The physical implementation of qubits; Classical control of a Quantum Processing Unit (QPU); Error mitigation and control, NISQ and beyond; Measurement approaches; Emerging Applications; Post-quantum encryption; The Quantum Internet; Adiabatic quantum computation (AQC) and quantum annealing Discuss how a quantum object produced as a particle propagates like a wave and is detected as a particle with a probability distribution corresponding to the wave.; Discuss the quantum-level nature that is inherently probabilistic.; Express your view on entanglement that can be used to create non-classical correlations, but there is no way to use quantum entanglement to send messages faster than the speed of light.; Describe quantum parallelism and the role of constructive vs destructive interference in quantum algorithms given the probabilistic nature of measurement(s).; Analyze a code snippet providing the role of quantum Fourier transform (QFT) in Shor’s algorithm.; Write a program to implement Shor’s algorithm in a simulator, highlighting the classical components and aspects of Shor’s algorithm.; Enumerate the specifics of each qubit modality (e.g., trapped ion, superconducting, silicon spin, photonic, quantum dot, neutral atom, topological, color center, electron-on-helium).; Contrast AQC with the gate model of quantum computation and the problems each is better suited to solve. AR.11 Sustainability Issues (sustainability) Environmental impacts of implementation decisions; Sustainability goals, resource consumption, and economic viability; Carbon footprint, hardware electronic waste; The energy footprint of data centers at various workloads (e.g., AI model training and use); Guidelines for sustainable design standards Assess the environmental impacts of a given project’s deployment (e.g., the energy consumption of CPUs and GPUs, contribution to e-waste, and effect of hardware virtualization in data centers). DM Data Management (data management) Since the mid-1970s, the study of Data Management (DM) has meant an almost exclusive study of relational database systems. Depending on institutional context, students have studied, in varying proportions, the following. • Data modeling and database design: for example, E-R Data model, relational model, normalization theory • Query construction: e.g., relational algebra, SQL • Query processing: e.g., indices (B+tree, hash), algorithms (e.g., external sorting, select, project, join), query optimization (transformations, index selection) • DBMS internals: e.g., concurrency/locking, transaction management, buffer management Today's graduates are expected to possess DBMS user (rather than implementor) skills. These primarily include data modeling and query construction; ability to take an unorganized collection of data, organize it using a DBMS, and access/update the collection via queries. Additionally, students need to study the following. - The role data plays in an organization. This includes the Data Life Cycle: Creation-Processing- Review/Reporting-Retention/Retrieval-Destruction. - The social/legal aspects of data collection: e.g., scale, data privacy, database privacy (compliance) by design, de-identification, ownership, reliability, database security, and intended and unintended applications. - Emerging and advanced technologies that are augmenting/replacing traditional relational systems, particularly those used to support (big) data analytics, including NoSQL (e.g., JSON, XML, key- value store databases), cloud databases, MapReduce, and dataframes. - The existing and emerging roles for those involved with data management, which include the following. o Product feature engineers: those who use both SQL and NoSQL operational databases. o Analytical engineers/data engineers: those who write analytical SQL, Python, and Scala code to build data assets for business groups. o Business analysts: those who build/manage data most frequently with Excel spreadsheets. o Data infrastructure engineers: those who implement a data management system in a variety of data applications (e.g., OLTP). o 'Everyone' who produces or consumes data must understand the associated social, ethical, and professional issues. One role that transcends all the above categories is that of data custodian. Previously, data were seen as a resource to be managed (Information Systems Management) just like other enterprise resources. Today, data are seen in a larger context. Data about customers can now be seen as belonging to (or in some national contexts, as owned by) those customers. There is now an accepted understanding that the safe and ethical storage, and use, of institutional data is part of being a responsible data custodian. Furthermore, we acknowledge the tension between a curricular focus on professional preparation versus the study of a knowledge area as a scientific endeavor. This is particularly true with Data Management. For example, proving (or at least knowing) the completeness of Armstrong’s Axioms is fundamental in functional dependency theory. However, most computer science graduates will never utilize this concept during their professional careers. The same can be said for many other topics in the Data Management canon. Conversely, if our graduates can only normalize data into Boyce-Codd normal form (using an automated tool) and write SQL queries, without understanding the role that indices play in efficient query execution, we have done them and society a disservice. To this end, the number of CS Core hours is relatively small relative to the KA Core hours. This approach is designed to allow institutions with differing contexts to customize their curricula appropriately. An institution that focuses on OLTP implementation, for example, would prioritize efficient storage and data access, while an institution that focuses on product features would prioritize programmatic access to extant databases. However, an institution manages this tension, we wish to give voice to one of the ironies of computer science curricula. Students typically spend much of their educational life reading (and writing) data from a file or interactively, while outside of the academy the predominant data comes from databases accessed programmatically. Perhaps in the not-too-distant future students will learn programmatic database access early on and then continue this practice as they progress through their curriculum. Finally, we understand that while the Data Management KA may be orthogonal to the SEC (Security) and SEP (Society, Ethics, and the Profession) KAs, it is also ground zero for these (and other) knowledge areas. When designing persistent data stores, the question of what should be stored must be examined from both legal and ethical perspectives. Are there privacy concerns? And just as importantly, how well protected is the data? DM.1 The Role of Data and Data Life Cycle (data, data life cycle) The Data Life Cycle: Creation-Processing-Review/Reporting-Retention/Retrieval-Destruction (See also: SEP-Context, SEP-Ethical-Analysis, SEP-Professional-Ethics, SEP-Privacy, SEP-Security, SEC-Foundations) Identify the five stages of the Data Life Cycle. DM.2 Core Database System Concepts (databases) Purpose and advantages of database systems; Components of database systems; Design of core DBMS functions (e.g., query mechanisms, transaction management, buffer management, access methods); Database architecture, data independence, and data abstraction; Transaction management; Normalization; Approaches for managing large volumes of data (e.g., NoSQL database systems, use of MapReduce) (See also: PDC-Algorithms); How to support CRUD-only applications; Distributed databases/cloud-based systems; Structured, semi-structured, and unstructured data; Use of a declarative query language Systems supporting structured and/or stream content Identify at least four advantages that using a database system provides.; Enumerate the components of a (relational) database system.; Follow a query as it is processed by the components of a (relational) database system.; Defend the value of data independence.; Compose a simple select-project-join query in SQL.; Enumerate the four properties of a correct transaction manager.; Describe the advantages for eliminating duplicate repeated data.; Outline how MapReduce uses parallelism to process data efficiently.; Evaluate the differences between structured and semi/unstructured databases. DM.3 Data Modeling (data modeling) Data modeling (See also: SE-Requirements); Relational data model (See also: MSF-Discrete) Conceptual models (e.g., entity-relationship, UML diagrams); Semi-structured data models (expressed using DTD, XML, or JSON Schema, for example) Spreadsheet models; Object-oriented models (See also: FPL-OOP); GraphQL; New features in SQL; Specialized Data Modeling topics; Time series data (aggregation, join); Graph data (link traversal); Techniques for avoiding inefficient raw data access (e.g., 'avg daily price'): materialized views and special data structures (e.g., Hyperloglog, bitmap); Geo-Spatial data (e.g., GIS databases) (See also: SPD-Interactive) Describe the components of the relational data model.; Model 1:1, 1:n, and n:m relationships using the relational data model.; Describe the components of the E-R (or some other non-relational) data model.; Model a given environment using a conceptual data model.; Model a given environment using the document-based or key-value store-based data model. DM.4 Relational Databases (relational databases, relational db) Entity and referential integrity: Candidate key, superkeys; Relational database design Mapping conceptual schema to a relational schema; Physical database design: file and storage structures (See also: OS-Files); Introduction to Functional dependency theory; Normalization Theory; Decomposition of a schema; lossless-join, and dependency-preservation properties of a decomposition; Normal forms (BCNF); Denormalization (for efficiency) Functional dependency theory; Closure of a set of attributes; Canonical Cover; Normalization theory; Multi-valued dependency (4NF); Join dependency (PJNF, 5NF); Representation theory Describe the defining characteristics behind the relational data model.; Comment on the difference between a foreign key and a superkey.; Enumerate the different types of integrity constraints.; Compose a relational schema from a conceptual schema which contains 1:1, 1:n, and n:m relationships.; Map appropriate file structure to relations and indices.; Describe how functional dependency theory generalizes the notion of;; Defend a given decomposition as lossless and or dependency preserving.; Detect which normal form a given decomposition yields.; Comment on reasons for denormalizing a relation. DM.5 Query Construction (query construction) SQL Query Formation; Interactive SQL execution; Programmatic execution of an SQL query Relational Algebra; SQL; Data definition including integrity and other constraint specifications; Update sublanguage Relational Calculus; QBE and 4th-generation environments; Different ways to invoke non-procedural queries in conventional languages; Introduction to other major query languages (e.g., XPATH, SPARQL); Stored procedures Compose SQL queries that incorporate select, project, join, union, intersection, set difference, and set division.; Determine when a nested SQL query is correlated or;; Iterate over data retrieved programmatically from a database via an SQL query.; Define, in SQL, a relation schema, including all integrity constraints and delete/update triggers.; Compose an SQL query to update a tuple in a relation. DM.6 Query Processing (query processing) Page structures; Index structures; B+ trees (See also: AL-Foundational); Hash indices: static and dynamic (See also: AL-Foundational, SEC-Foundations); Index creation in SQL; File structures (See also: OS-Files); Heap files; Hash files; Algorithms for query operators; External Sorting (See also: AL-Foundational); Selection; Projection; with and without duplicate elimination; Natural Joins: Nested loop, Sort-merge, Hash join; Analysis of algorithm efficiency (See also: AL-Complexity); Query transformations; Query optimization; Access paths; Query plan construction; Selectivity estimation; Index-only plans; Parallel Query Processing (e.g., parallel scan, parallel join, parallel aggregation) (See also: PDC- Algorithms); Database tuning/performance; Index selection; Impact of indices on query performance (See also: SF-Performance, SEP-Sustainability); Denormalization Describe the purpose and organization of both B+ tree and hash index structures.; Compose an SQL command to create an index (any kind).; Specify the steps for the various query operator algorithms: external sorting, projection with duplicate elimination, sort-merge join, hash-join, block nested-loop join.; Derive the run-time (in I/O requests) for each of the above algorithms.; Transform a query in relational algebra to its equivalent appropriate for a left-deep, pipelined execution.; Compute selectivity estimates for a given selection and/or join operation.; Describe how to modify an index structure to facilitate an index-only operation for a given relation.; For a given scenario decide on which indices to support for the efficient execution of a set of queries.; Describe how DBMSs leverage parallelism to speed up query processing by dividing the work across multiple processors or nodes. DM.7 DBMS Internals (dbms internals) DB Buffer Management (See also: OS-Memory, SF-Resource); Transaction Management (See also: PDC-Coordination); Isolation Levels; ACID; Serializability; Distributed Transactions; Concurrency Control: (See also: OS-Concurrency); 2-Phase Locking; Deadlocks handling strategies; Quorum-based consistency models; Recovery Manager; Relation with Buffer Manager Concurrency Control:; Optimistic concurrency control; Timestamp concurrency control; Recovery Manager; Write-Ahead logging; ARIES recovery system (Analysis, REDO, UNDO) Describe how a DBMS manages its Buffer Pool.; Describe the four properties for a correct transaction manager.; Outline the principle of serializability. DM.8 NoSQL Systems (nosql) Why NoSQL? (e.g., Impedance mismatch between Application [CRUD] and RDBMS); Key-Value and Document data model Storage systems (e.g., Key-Value systems, Data Lakes); Distribution Models (Sharding and Replication) (See also: PDC-Communication); Graph Databases; Consistency Models (Update and Read, Quorum consistency, CAP theorem) (See also: PDC- Communication); Processing model (e.g., Map-Reduce, multi-stage map-reduce, incremental map-reduce) (See also: PDC-Communication); Case Studies: Cloud storage system (e.g., S3); Graph databases; 'When not to use NoSQL' (See also: SPD-Web) Develop a use case for the use of NoSQL over RDBMS.; Describe the defining characteristics behind Key-Value and Document-based data models. DM.9 Data Security and Privacy (data security, data privacy) Differences between data security and data privacy (See also: SEC-Foundations); Protecting data and database systems from attacks, including injection attacks such as SQL injection (See also: SEC-Foundations); Personally identifying information (PII) and its protection (See also: SEC-Foundations, SEP- Security, SEP-Privacy); Ethical considerations in ensuring the security and privacy of data (See also: SEC-SEP, SEP- Ethical-Analysis, SEP-Security, SEP-Privacy) Need for, and different approaches to securing data at rest, in transit, and during processing (See also: SEC-Foundations, SEC-Crypto); Database auditing and its role in digital forensics (See also: SEC-Forensics); Data inferencing and preventing attacks (See also: SEC-Crypto); Laws and regulations governing data security and data privacy (See also: SEP-Security, SEP- Privacy, SEC-Foundations, SEC-Governance) Typical risk factors and prevention measures for ensuring data integrity (See also: SEC- Governance); Ransomware and prevention of data loss and destruction (See also: SEC-Coding, SEC-Forensics) Describe the differences in the goals for data security and data privacy.; Identify and mitigate risks associated with different approaches to protecting data.; Describe legal and ethical considerations of end-to-end data security and privacy.; Develop a database auditing system given risk considerations.; Apply several data exploration approaches to understanding unfamiliar datasets. DM.10 Data Analytics (data analytics) Exploratory data techniques (motivation, representation, descriptive statistics, visualizations); Data science lifecycle: business understanding, data understanding, data preparation, modeling, evaluation, deployment, and user acceptance (See also: AI-ML); Data mining and machine learning algorithms: e.g., classification, clustering, association, regression (See also: AI-ML); Data acquisition and governance (See also: SEC-Governance); Data security and privacy considerations (See also: SEP-Security, SEP-Privacy, SEC-Foundations); Data fairness and bias (See also: SEP-Security, AI-SEP); Data visualization techniques and their use in data analytics (See also: GIT-Visualization); Entity Resolution Describe several data exploration approaches, including visualization, to understanding unfamiliar datasets.; Apply several data exploration approaches to understanding unfamiliar datasets.; Describe basic machine learning/data mining algorithms and when they are appropriate for;; Apply several machine learning/data mining algorithms.; Describe legal and ethical considerations in acquiring, using, and modifying datasets.; Describe issues of fairness and bias in data collection and usage. DM.11 Distributed Databases/Cloud Computing (distributed databases, cloud compute, cloud, aws, gcp, azure) Distributed DBMS (See also: PDC-Communications); Distributed data storage; Distributed query processing; Distributed transaction model; Homogeneous and heterogeneous solutions; Client-server distributed databases (See also: NC-Fundamentals); Parallel DBMS (See also: PDC-Algorithms); Parallel DBMS architectures: shared memory, shared disk, shared nothing; Speedup and scale-up, e.g., use of the MapReduce processing model (See also: PDC- Programs, SF-Foundations); Data replication and weak consistency models (See also: PDC-Coordination) DM.12 Semi-structured and Unstructured Databases (semistructured database, unstructured database) Vectorized unstructured data (text, video, audio, etc.) and vector storage; TF-IDF Vectorizer with ngram; Word2Vec; Array database or array data type handling; Semi-structured databases (e.g., JSON); Storage; Encoding and compression of nested data types; Indexing; Btree, skip index, Bloom filter; Inverted index and bitmap compression; Space filling curve indexing for semi-structured geo-data; Query processing for OLTP and OLAP use cases; Insert, Select, update/delete tradeoffs; Case studies on Postgres/JSON, MongoDB, and Snowflake/JSON DM.13 Society, Ethics, and the Profession (society ethics profession) Issues related to scale (See also: SEP-Economies); Data privacy overall (See also: SEP-Privacy, SEP-Ethical-Analysis); Privacy compliance by design (See also: SEP-Privacy); Data anonymity (See also: SEP-Privacy); Data ownership/custodianship (See also: SEP-Professional-Ethics); Intended and unintended applications of stored data (See also: SEP-Professional-Ethics, SEC- Foundations) Reliability of data (See also: SEP-Security); Provenance, data lineage, and metadata management (See also: SEP-Professional-Ethics); Data security (See also: DM-Security, SEP-Security) Enumerate three social and three legal issues related to large data collections.; Describe the value of data privacy.; Identify the competing stakeholders with respect to data ownership.; Enumerate three negative unintended consequences from a given (well known) data-centric application (e.g., Facebook, LastPass, Ashley Madison).; Describe the meaning of data provenance and lineage.; Identify how a database might contribute to data security as well as how it may introduce insecurities. FPL Foundations of Programming Languages (programming languages) The foundations of programming languages are rooted in discrete mathematics, logic, and formal languages, and provide a basis for the understanding of complex modern programming languages. Although programming languages vary according to the language paradigm and the problem domain and evolve in response to both societal needs and technological advancement, they share an underlying abstract model of computation and program development. This remains true even as processor hardware and their interface with programming tools become increasingly intertwined and progressively more complex. An understanding of the common abstractions and programming paradigms enables faster learning of programming languages. The Foundations of Programming Languages knowledge area is concerned with articulating the underlying concepts and principles of programming languages, the formal specification of a programming language and the behavior of a program, explaining how programming languages are implemented, comparing the strengths and weaknesses of various programming paradigms, and describing how programming languages interface with entities such as operating systems and hardware. The concepts covered here are applicable to several languages and an understanding of these principles assists a learner to move readily from one language to another, as well as select a programming paradigm and language that best suits the problem at hand. Programming languages are the medium through which programmers precisely describe concepts, formulate algorithms, and reason about solutions. Over the course of a career, a computer scientist will learn and work with many different languages, separately or together. Software developers must understand different programming models, programming features and constructs, and underlying concepts to make informed design choices among languages that support multiple complementary approaches. It would be useful to know how programming language features are defined, composed, and implemented to improve execution efficiency and long-term maintenance of developed software. Also useful is a basic knowledge of language translation, program analysis, run-time behavior, memory management and interplay of concurrent processes communicating with each other through message- passing, shared memory, and synchronization. Finally, some developers and researchers will need to design new languages, an exercise which requires greater familiarity with basic principles. FPL.1 Object-Oriented Programming (object-oriented, oop) Imperative programming as a subset of object-oriented programming.; Object-oriented design:; Decomposition into objects carrying state and having behavior.; Class-hierarchy design for modeling.; Definition of classes: fields, methods, and constructors. (See also: SDF-Fundamentals); Subclasses, inheritance (including multiple inheritance), and method overriding.; Dynamic dispatch: definition of method-call.; Exception handling. (See also: SDF-Fundamentals, PDC-Coordination, SE-Construction); Object-oriented idioms for encapsulation:; Privacy, data hiding, and visibility of class members.; Interfaces revealing only method signatures.; Abstract base classes, traits and mixins.; Dynamic vs static properties.; Composition vs inheritance.; Subtyping:; Subtype polymorphism; implicit upcasts in typed languages.; Notion of behavioral replacement: subtypes acting like supertype.; Relationship between subtyping and inheritance. Collection classes, iterators, and other common library components.; Metaprogramming and reflection. Enumerate the differences between imperative and object-oriented programming paradigms.; Compose a class through design, implementation, and testing to meet behavioral requirements.; Build a simple class hierarchy utilizing subclassing that allows code to be reused for distinct subclasses.; Predict and validate control flow in a program using dynamic dispatch.; Compare and contrast how computational solutions to a problem differ in procedural, functional, and object-oriented approaches.; Compare and contrast mechanisms to define and protect data elements within procedural, functional, and object-oriented approaches.; Compare and contrast the benefits and costs/impact of using inheritance (subclasses) and composition (specifically, how to base composition on higher order functions).; Explain the relationship between object-oriented inheritance (code-sharing and overriding) and subtyping (the idea of a subtype being usable in a context that expects the supertype).; Use object-oriented encapsulation mechanisms such as interfaces and private members.; Define and use iterators and other operations on aggregates, including operations that take functions as arguments, in multiple programming languages, selecting the most natural idioms for each language. (See also: FPL-Functional); Use collection classes and iterators effectively to solve a problem. FPL.2 Functional Programming (functional programming) Lambda expressions and evaluation: (See also: AL-Models, FPL-Formalism); Variable binding and scope rules. (See also: SDF-Fundamentals); Parameter-passing. (See also: SDF-Fundamentals); Nested lambda expressions and reduction order.; Effect-free programming:; Function calls have no side effects, facilitating compositional reasoning.; Immutable variables and data copying vs reduction.; Use of recursion vs loops vs pipelining (map/reduce).; Processing structured data (e.g., trees) via functions with cases for each data variant:; Functions defined over compound data in terms of functions applied to the constituent pieces.; Persistent data structures.; Using higher-order functions (taking, returning, and storing functions). Metaprogramming and reflection.; Function closures (functions using variables in the enclosing lexical environment).; Basic meaning and definition – creating closures at run-time by capturing the environment.; Canonical idioms: call-backs, arguments to iterators, reusable code via function arguments.; Using a closure to encapsulate data in its environment.; Delayed versus eager evaluation. Graph reduction machine and call-by-need.; Implementing delayed evaluation.; Integration with logic programming paradigm using concepts such as equational logic, narrowing, residuation and semantic unification. (See also: FPL-Logic); Integration with other programming paradigms such as imperative and object-oriented Develop basic algorithms that avoid assigning to mutable states or considering reference equality.; Develop useful functions that take and return other functions.; Compare and contrast how computational solutions to a problem differ in procedural, functional, and object-oriented approaches.; Compare and contrast mechanisms to define and protect data elements within procedural, functional, and object-oriented approaches.; Explain a simple example of lambda expression being implemented using a virtual machine, such as a SECD machine, showing storage and reclaim of the environment.; Correctly interpret variables and lexical scope in a program using function closures.; Use functional encapsulation mechanisms such as closures and modular interfaces.; Compare and contrast stateful vs stateless execution.; Define and use iterators and other operations on aggregates, including operations that take functions as arguments, in multiple programming languages, selecting the most natural idioms for each language. (See also: FPL-OOP); Illustrate graph reduction using a λ-expression using a shared subexpression.; Illustrate the execution of a simple nested λ-expression using an abstract machine, such as an ABC machine.; Illustrate narrowing, residuation, and semantic unification using simple illustrative examples.; Illustrate the concurrency constructs using simple programming examples of known concepts such as a buffer being read and written concurrently or sequentially. (See also: FPL-OOP) FPL.3 Logic Programming (logic programming) Universal vs existential quantifiers. (See also: AI-LRR, MSF-Discrete); First order predicate logic vs higher order logic. (See also: AI-LRR, MSF-Discrete); Expressing complex relations using logical connectives and simpler relations.; Definitions of Horn clause, facts, goals and subgoals.; Unification and unification algorithm; unification vs assertion vs expression evaluation.; Mixing relations with functions. (See also: MSF-Discrete); Cuts, backtracking, and non-determinism.; Closed-world vs open-world assumptions. Memory overhead of variable copying in handling iterative programs.; Programming constructs to store partial computation and pruning search trees.; Mixing functional programming and logic programming using concepts such as equational logic, narrowing, residuation, and semantic unification. (See also: FPL-Functional); Higher-order, constraint, and inductive logic programming. (See also: AI-LRR); Integration with other programming paradigms such as object-oriented programming.; Advance programming constructs such as difference-lists, creating user defined data structures, set of, etc. Use a logic language to implement a conventional algorithm.; Use a logic language to implement an algorithm employing implicit search using clauses, relations, and cuts.; Use a simple illustrative example to show correspondence between First Order Predicate Logic (FOPL) and logic programs using Horn clauses.; Use examples to illustrate the unification algorithm and its role of parameter-passing in query reduction.; Use simple logic programs interleaving relations, functions, and recursive programming such as factorial and Fibonacci numbers and simple complex relationships between entities and illustrate execution and parameter-passing using unification and backtracking.; Illustrate computation of simple programs such as Fibonacci and show overhead of recomputation, and then show how to improve execution overhead. FPL.4 Shell Scripting (shell scripting) Error/exception handling; Piping (See also: AR-Organization, SF-Overview, OS-Process); System commands (See also: SF-Overview); Interface with operating systems (See also: SF-Overview, OS-Principles); Environment variables (See also: SF-Overview); File abstraction and operators (See also: SDF-Fundamentals, OS-Files, SF-Resource); Data structures, such as arrays and lists. (See also: AL-Foundational, SDF-Fundamentals, SDF- Data-Structures); Regular expressions (See also: AL-Models); Programs and processes (See also: OS-Process); Workflow Create and execute automated scripts to manage various system tasks.; Solve various text processing problems through scripting. FPL.5 Event-Driven and Reactive Programming (event driven, reactive programming) Procedural programming vs reactive programming: advantages of reactive programming in capturing events.; Components of reactive programming: event-source, event signals, listeners and dispatchers, event objects, adapters, event-handlers. (See also: GIT-Interaction, SPD-Web, SPD-Mobile, SPD-Robot, SPD-Embedded, SPD-Game, SPD-Interactive); Stateless and state-transition models of event-based programming.; Canonical uses such as GUIs, mobile devices, robots, servers. (See also: GIT-Interaction, GIT- Image, SPD-Web, SPD-Mobile, SPD-Robot, SPD-Embedded, SPD-Game, SPD-Interactive) Using a reactive framework:; Defining event handlers/listeners; Parameterization of event senders and event arguments; Externally generated events and program-generated events; Separation of model, view, and controller; Event-driven and reactive programs as state-transition systems Implement event handlers for use in reactive systems, such as GUIs.; Examine why an event-driven programming style is natural in domains where programs react to external events.; Define and use a reactive framework. Describe an interactive system in terms of a model, a view, and a controller. FPL.6 Parallel and Distributed Computing (parallel compute, distributed compute) Safety and liveness (See also: PDC-Evaluation); Race conditions (See also: OS-Concurrency); Dependencies/preconditions; Fault models (See also: OS-Faults); Termination (See also: PDC-Coordination); Programming models (See also: PDC-Programs) One or more of the following:; Actor models; Procedural and reactive models; Synchronous/asynchronous programming models; Data parallelism; Properties (See also: PDC-Programs, PDC-Coordination); Order-based properties; Commutativity; Independence; Consistency-based properties; Atomicity; Consensus; Execution control: (See also: PDC-Coordination, SF-Foundations); Async await; Promises; Threads; Communication and coordination (See also: OS-Process, PDC-Communication, PDC-Coordination); Mutexes; Message-passing; Shared memory; Cobegin-coend; Monitors; Channels; Threads; Guards Futures; Language support for data parallelism such as forall, loop unrolling, map/reduce; Effect of memory-consistency models on language semantics and correct code generation; Representational State Transfer Application Programming Interfaces (REST APIs); Technologies and approaches: cloud computing, high performance computing, quantum computing, ubiquitous computing; Overheads of message-passing; Granularity of program for efficient exploitation of concurrency; Concurrency and other programming paradigms (e.g., functional) Explain why programming languages do not guarantee sequential consistency in the presence of data races and what programmers must do as a result.; Implement correct concurrent programs using multiple programming models, such as shared memory, actors, futures, synchronization constructs, and data-parallelism primitives.; Use a message-passing model to analyze a communication protocol.; Use synchronization constructions such as monitor/synchronized methods in a simple program.; Modeling data dependency using simple programming constructs involving variables, read and write.; Modeling control dependency using simple constructs such as selection and iteration.; Explain how REST API's integrate applications and automate processes.; Explain benefits, constraints and challenges related to distributed and parallel computing FPL.7 Aspect-Oriented Programming (aspect oriented programming) Aspects; Join points; Advice; Before; After (as finally, returning or throwing); Around; Point cuts; Designators; Weaving – static and dynamic; Alternatives including annotations and IDEs FPL.8 Type Systems (type systems) A type as a set of values together with a set of operations; Primitive types (e.g., numbers, Booleans) (See also: SDF-Fundamentals); Compound types built from other types (e.g., records/structs, unions, arrays, lists, functions, references using set operations) (See also: SDF-Data-Structures); Association of types to variables, arguments, results, and fields; Type safety as an aspect of program correctness (See also: FPL-Formalism); Type safety and errors caused by using values inconsistently given their intended types; Goals and limitations of static and dynamic typing: detecting and eliminating errors as early as possible.; Generic types (parametric polymorphism); Definition and advantages of polymorphism: parametric, subtyping, overloading, and coercion; Comparison of monomorphic and polymorphic types; Comparison with ad-hoc polymorphism (overloading) and subtype polymorphism; Generic parameters and typing; Use of generic libraries such as collections; Comparison with ad hoc polymorphism (overloading) and subtype polymorphism; Prescriptive vs descriptive polymorphism; Implementation models of polymorphic types; Subtyping Type equivalence: structural vs name equivalence; Complementary benefits of static and dynamic typing:; Errors early vs errors late/avoided; Enforce invariants during code development and code maintenance vs postpone typing decisions while prototyping and conveniently allow flexible coding patterns such as heterogeneous collections.; Typing rules for function, product, and sum types; Avoiding misuse of code vs allowing more code reuse; Detect incomplete programs vs allow incomplete programs to run; Relationship to static analysis; Decidability Compositional type constructors, such as product types (for aggregates), sum types (for unions), function types, quantified types, and recursive types; Type checking; Subtyping: (See also: FPL-OOP); Subtype polymorphism; implicit upcasts in typed languages; Notion of behavioral replacement: subtypes acting like supertype; Relationship between subtyping and inheritance; Type safety as preservation plus progress; Type inference; Static overloading; Propositions as types (implication as a function, conjunction as a product, disjunction as a sum) (See also: FPL-Formalism); Dependent types (universal quantification as dependent function, existential quantification as dependent product). (See also: FPL-Formalism) Describe, for both a primitive and a compound type, the values that have that type.; Describe, for a language with a static type system, the operations that are forbidden statically, such as passing the wrong type of value to a function or method.; Describe examples of program errors detected by a type system.; Identify program properties, for multiple programming languages, that are checked statically and program properties that are checked dynamically.; Describe an example program that does not type-check in a particular language and yet would have no error if;; Use types and type-error messages to write and debug programs.; Explain how typing rules define the set of operations that are legal for a type.; List the type rules governing the use of a particular compound type.; Explain why undecidability requires type systems to conservatively approximate program behavior.; Define and use program pieces (such as functions, classes, methods) that use generic types, including for collections.; Discuss the differences among generics, subtyping, and overloading.; Explain multiple benefits and limitations of static typing in writing, maintaining, and debugging software.; Define a type system precisely and compositionally.; For various foundational type constructors, identify the values they describe and the invariants they enforce.; Precisely describe the invariants preserved by a sound type system.; Prove type safety for a simple language in terms of preservation and progress theorems.; Implement a unification-based type-inference algorithm for a simple language.; Explain how static overloading and associated resolution algorithms influence the dynamic behavior of programs. FPL.9 Systems Execution and Memory Model (systems execution, memory model) Data structures for translation, execution, translation, and code mobility such as stack, heap, aliasing (sharing using pointers), indexed sequence and string; Direct, indirect, and indexed access to memory location; Run-time representation of data abstractions such as variables, arrays, vectors, records, pointer- based data elements such as linked-lists and trees, and objects; Abstract low-level machine with simple instruction, stack, and heap to explain translation and execution; Run-time layout of memory: activation record (with various pointers), static data, call-stack, heap (See also: AR-Memory, OS-Memory); Translating selection and iterative constructs to control-flow diagrams; Translating control-flow diagrams to low level abstract code; Implementing loops, recursion, and tail calls; Translating function/procedure calls and return from calls, including different parameter-passing mechanisms using an abstract machine; Memory management: (See also: AR-Memory, OS-Memory); Low level allocation and accessing of high-level data structures such as basic data types, n- dimensional array, vector, record, and objects; Return from procedure as automatic deallocation mechanism for local data elements in the stack; Manual memory management: allocating, de-allocating, and reusing heap memory; Automated memory management: garbage collection as an automated technique using the notion of reachability; Green computing. (See also: SEP-Sustainability) Explain how a core language construct, such as data abstractions and control abstractions, is executed.; Explain how programming language implementations typically organize memory into global data, text, heap, and stack sections and how features such as recursion and memory management map to this memory model.; Explain why memory leaks and dangling pointer problems occur, and what can be done by a programmer to avoid/fix them. FPL.10 Language Translation and Execution (translation, code execution) Execution models for JIT (Just-In-Time), compiler, interpreter; Use of intermediate code, e.g., bytecode; Limitations and benefits of JIT, compiler, and interpreter; Cross compilers/transpilers; BNF and extended BNF representation of context-free grammar; Parse tree using a simple sentence such as arithmetic expression or if-then-else statement; Execution as native code or within a virtual machine; Language translation pipeline: syntax analysis, parsing, optional type-checking, translation/code generation and optimization, linking, loading, execution Run-time representation of core language constructs such as objects (method tables) and functions that can be passed as parameters to and returned from functions (closures); Secure compiler development (See also: SEC-Foundations, SEC-Coding) Explain and understand the differences between compiled, JIT, and interpreted language implementations, including the benefits and limitations of each.; Differentiate syntax and parsing from semantics and evaluation.; Use BNF and extended BNF to specify the syntax of simple constructs such as if-then-else, type declaration and iterative constructs for known languages such as C++ or Python.; Illustrate the parse tree using a simple sentence/arithmetic expression.; Illustrate translation of syntax diagrams to BNF/extended BNF for simple constructs such as if-then- else, type declaration, iterative constructs,;; Illustrate ambiguity in parsing using nested if-then-else/arithmetic expression and show resolution using precedence order.; Discuss the benefits and limitations of garbage collection, including the notion of reachability. FPL.11 Program Abstraction and Representation (program abstraction, program representation) BNF and regular expressions; Programs that take (other) programs as input such as interpreters, compilers, type-checkers, documentation generators; Components of a language:; Definitions of alphabets, delimiters, sentences, syntax, and semantics; Syntax vs semantics; Program as a set of non-ambiguous meaningful sentences; Basic programming abstractions: constants, variables, declarations (including nested declarations), command, expression, assignment, selection, definite and indefinite iteration, iterators, function, procedure, modules, exception handling (See also: SDF-Fundamentals); Mutable vs immutable variables: advantages and disadvantages of reusing existing memory location vs advantages of copying and keeping old values; storing partial computation vs recomputation; Types of variables: static, local, nonlocal, global; need and issues with nonlocal and global variables.; Scope rules: static vs dynamic; visibility of variables; side-effects.; Side-effects induced by nonlocal variables, global variables and aliased variables. L-values and R-values: mapping mutable variable-name to L-values; mapping immutable variable- names to R-values; Environment vs store and their properties; Data and control abstraction; Mechanisms for information exchange between program units such as procedures, functions, and modules: nonlocal variables, global variables, parameter-passing, import-export between modules; Data structures to represent code for execution, translation, or transmission.; Low level instruction representation such as virtual machine instructions, assembly language, and binary representation (See also: AR-Representation, AR-Assembly); Lambda calculus, variable binding, and variable renaming. (See also: AL-Models, FPL-Formalism); Types of semantics: operational, axiomatic, denotational, behavioral; define and use abstract syntax trees; contrast with concrete syntax. Illustrate the scope of variables and visibility using simple programs.; Illustrate different types of parameter-passing using simple pseudo programming language.; Explain side-effect using global and nonlocal variables and how to fix such programs.; Explain how programs that process other programs treat the other programs as their input data.; Describe a grammar and an abstract syntax tree for a small language.; Describe the benefits of having program representations other than strings of source code.; Implement a program to process some representation of code for some purpose, such as an interpreter, an expression optimizer, or a documentation generator. FPL.12 Syntax Analysis (syntax analysis) Regular grammars vs context-free grammars (See also: AL-Models); Scanning and parsing based on language specifications; Lexical analysis using regular expressions; Tokens and their use; Parsing strategies including top-down (e.g., recursive descent, or LL) and bottom-up (e.g., LR or GLR) techniques; Lookahead tables and their application to parsing; Language theory:; Chomsky hierarchy (See also: AL-Models); Left-most/right-most derivation and ambiguity; Grammar transformation; Parser error recovery mechanisms; Generating scanners and parsers from declarative specifications Use formal grammars to specify the syntax of languages.; Illustrate the role of lookahead tables in parsing.; Use declarative tools to generate parsers and scanners.; Recognize key issues in syntax definitions: ambiguity, associativity, precedence. FPL.13 Compiler Semantic Analysis (compiler semantics) Abstract syntax trees; contrast with concrete syntax; Defining, traversing, and modifying high-level program representations; Scope and binding resolution; Static semantics; Type checking.; Define before use; Annotation and extended static checking frameworks.; L-values/R-values (See also: SDF-Fundamentals); Call semantics; Types of parameter-passing with simple illustrations and comparison: call by value, call by reference, call by value-result, call by name, call by need and their variations; Declarative specifications such as attribute grammars and their applications in handling limited context-base grammar Draw the abstract syntax tree for a small language.; Implement context-sensitive, source-level static analyses such as type-checkers or resolving identifiers to identify their binding occurrences.; Describe semantic analyses using an attribute grammar. FPL.14 Program Analysis and Analyzers (program analysis, program analyzers) Relevant program representations, such as basic blocks, control-flow graphs, def-use chains, and static single assignment; Undecidability and consequences for program analysis; Flow-insensitive analysis, such as type-checking and scalable pointer and alias analysis; Flow-sensitive analysis, such as forward and backward dataflow analyses; Path-sensitive analysis, such as software model checking and software verification; Tools and frameworks for implementing analyzers; Role of static analysis in program optimization and data dependency analysis during exploitation of concurrency (See also: FPL-Code); Role of program analysis in (partial) verification and bug-finding (See also: FPL-Code); Parallelization:; Analysis for auto-parallelization; Analysis for detecting concurrency bugs Explain the difference between dataflow graph and control flow graph.; Explain why non-trivial sound program analyses must be approximate.; Argue why an analysis is correct (sound and terminating).; Explain why potential aliasing limits sound program analysis and how alias analysis can help.; Use the results of a program analysis for program optimization and/or partial program correctness. FPL.15 Code Generation (code generation) Instruction sets (See also: AR-Assembly); Control flow; Memory management (See also: AR-Memory, OS-Memory); Procedure calls and method dispatching; Separate compilation; linking; Instruction selection; Instruction scheduling (e.g., pipelining); Register allocation; Code optimization as a form of program analysis (See also: FPL-Analysis); Program generation through generative AI Identify all essential steps for automatically converting source code into assembly or other low-level languages.; Explain the low-level code necessary for calling functions/methods in modern languages.; Discuss why separate compilation requires uniform calling conventions.; Discuss why separate compilation limits optimization because of unknown effects of calls.; Discuss opportunities for optimization introduced by naive translation and approaches for achieving. optimization, such as instruction selection, instruction scheduling, register allocation, and peephole optimization. FPL.16 Run-time Behavior and Systems (runtime) Process models using stacks and heaps to allocate and deallocate activation records and recovering environments using frame pointers and return addresses during a procedure call including parameter-passing examples; Schematics of code lookup using hash tables for methods in implementations of object-oriented programs; Data layout for objects and activation records; Object allocation in heap; Implementing virtual entities and virtual methods; virtual method tables and their application; Run-time behavior of object-oriented programs; Compare and contrast allocation of memory during information exchange using parameter-passing and non-local variables (using chain of static links).; Dynamic memory management approaches and techniques: malloc/free, garbage collection (mark- sweep, copying, reference counting), regions (also known as arenas or zones); Just-in-time compilation and dynamic recompilation; Interface to operating system (e.g., for program initialization); Interoperability between programming languages including parameter-passing mechanisms and data representation (See also: AR-Representation); Big endian, little endian; Data layout of composite data types such as arrays; Other common features of virtual machines, such as class loading, threads, and security checking; Sandboxing Discuss benefits and limitations of automatic memory management.; Explain the use of metadata in run-time representations of objects and activation records, such as class pointers, array lengths, return addresses, and frame pointers.; Compare and contrast static allocation vs stack-based allocation vs heap-based allocation of data elements.; Explain why some data elements cannot be automatically deallocated at the end of a procedure/method call (need for garbage collection).; Discuss advantages, disadvantages, and difficulties of just-in-time and dynamic recompilation.; Discuss the use of sandboxing in mobile code.; Identify the services provided by modern language run-time systems. FPL.17 Advanced Programming Constructs (advanced programming constructs) Encapsulation mechanisms; Delayed evaluation and infinite streams; Compare and contrast delayed evaluation vs eager evaluation; Unification vs assertion vs expression evaluation; Control abstractions: exception handling, continuations, monads.; Object-oriented abstractions: multiple inheritance, mixins, traits, multimethods; Metaprogramming: macros, generative programming, model-based development; String manipulation via pattern-matching (regular expressions); Dynamic code evaluation ("eval"); Language support for checking assertions, invariants, and pre/post-conditions; Domain specific languages, such as database languages, data science languages, embedded computing languages, synchronous languages, hardware interface languages; Massive parallel high performance computing models and languages Use various advanced programming constructs and idioms correctly.; Discuss how various advanced programming constructs aim to improve program structure, software quality, and programmer productivity.; Discuss how various advanced programming constructs interact with the definition and implementation of other language features. FPL.18 Language Pragmatics (language pragmatics) Effect of technology needs and software requirements on programming language development and evolution; Problem domains and programming paradigm; Criteria for good programming language design; Principles of language design such as orthogonality; Defining control and iteration constructs; Modularization of large software; Evaluation order, precedence, and associativity; Eager vs delayed evaluation; Defining control and iteration constructs; External calls and system libraries Discuss the role of concepts such as orthogonality and well-chosen defaults in language design.; Objectively evaluate and justify language-design decisions.; Implement an example program whose result can differ under different rules for evaluation order, precedence, or associativity.; Illustrate uses of delayed evaluation, such as user-defined control abstractions.; Discuss the need for allowing calls to external calls and system libraries and the consequences for language implementation. FPL.19 Formal Semantics (formal semantics) Syntax vs semantics; Approaches to semantics: axiomatic, operational, denotational, type-based; Axiomatic semantics of abstract constructs such as assignment, selection, iteration using pre- condition, post-conditions, and loop invariant; Operational semantics analysis of abstract constructs and sequence of such as assignment, expression evaluation, selection, iteration using environment and store; Symbolic execution; Constraint checkers; Denotational semantics; Lambda Calculus. (See also: AL-Models, FPL-Functional); Proofs by induction over language semantics; Formal definitions and proofs for type systems (See also: FPL-Types); Propositions as types (implication as a function, conjunction as a product, disjunction as a sum); Dependent types (universal quantification as dependent function, existential quantification as dependent product); Parametricity Construct formal semantics for a small language.; Write a lambda-calculus program and show its evaluation to a normal form.; Discuss the different approaches of operational, denotational, and axiomatic semantics.; Use induction to prove properties of all programs in a language.; Use induction to prove properties of all programs in a language that is well-typed according to a formally defined type system.; Use parametricity to establish the behavior of code given only its type. FPL.20 Formal Development Methodologies (formal development methods) Formal specification languages and methodologies; Theorem provers, proof assistants, and logics; Constraint checkers (See also: FPL-Formalism); Dependent types (universal quantification as dependent function, existential quantification as dependent product) (See also: FPL-Types, FPL-Formalism); Specification and proof discharge for fully verified software systems using pre/post conditions, refinement types,;; Formal modeling and manual refinement/implementation of software systems.; Use of symbolic testing and fuzzing in software development.; Model checking.; Understanding of situations where formal methods can be effectively applied and how to structure development to maximize their value. Use formal modeling techniques to develop and validate architectures.; Use proof assisted programming languages to develop fully specified and verified software artifacts.; Use verifier and specification support in programming languages to formally validate system properties.; Integrate symbolic validation tooling into a programming workflow.; Discuss when and how formal methods can be effectively used in the development process. FPL.21 Design Principles of Programming Languages (design principles of programming languages) Language design principles; Simplicity; Security (See also: SEC-Coding); Fast translation; Efficient object code; Orthogonality; Readability; Completeness; Implementation strategies; Designing a language to fit a specific domain or problem; Interoperability between programming languages; Language portability; Formal description of a programming language; Green computing principles (See also: SEP-Sustainability) Understand what constitutes good language design and apply that knowledge to evaluate a real programming language. FPL.22 Society, Ethics, and the Profession (society ethics profession) Impact of English-centric programming languages; Enhancing accessibility and inclusivity for people with disabilities – Supporting assistive technologies; Human factors related to programming languages and usability; Impact of syntax on accessibility; Supporting cultural differences (e.g., currency, decimals, dates); Neurodiversity; Etymology of terms such as 'class,' 'master,' and 'slave' in programming languages; Increasing accessibility by supporting multiple languages within applications (UTF) Consciously design programming languages to be inclusive and non-offensive. GIT Graphics and Interactive Techniques (graphics and interactive techniques) Computer graphics is the term used to describe the computer generation and manipulation of images and can be viewed as the science of enabling visual communication through computation. Its application domains include animation, Computer Generated Imagery (CGI) and Visual Effects (VFX); engineering; machine learning; medical imaging; scientific, information, and knowledge visualization; simulators; special effects; user interfaces; and video games. Traditionally, graphics at the undergraduate level focused on rendering, linear algebra, physics, the graphics pipeline, interaction, and phenomenological approaches. Today’s graphics courses increasingly include data science, physical computing, animation, and haptics. Thus, the knowledge area (KA) expanded beyond core image-based computer graphics. At the advanced level, undergraduate institutions are more likely to offer one or several courses specializing in a specific graphics knowledge unit (KU) or topic: e.g., gaming, animation, visualization, tangible or physical computing, and immersive courses such as Augmented Reality (AR)/Virtual Reality (VR)/eXtended Reality (XR). There is considerable connection with other computer science knowledge areas (KAs): Algorithmic Foundations, Architecture and Organization, Artificial Intelligence; Human-Computer Interaction; Parallel and Distributed Computing; Specialized Platform Development; Software Engineering; and Society, Ethics, and the Profession. For students to become adept at the use and generation of computer graphics and interactive techniques, many issues must be addressed, such as human perception and cognition, data and image file formats, display specifications and protocols, hardware interfaces, and application program interfaces (APIs). Unlike other knowledge areas, knowledge units within Graphics and Interactive Techniques may be included in a variety of elective courses. Alternatively, graphics topics may be introduced in an applied project in courses primarily covering human computer interaction, embedded systems, web development, introductory programming courses,; Undergraduate computer science students who study the knowledge units specified below through a balance of theory and applied instruction will be able to understand, evaluate, and/or implement the related graphics and interactive techniques as users and developers. Because technology changes rapidly, the Graphics and Interactive Techniques subcommittee attempted to avoid being overly prescriptive. Any examples of APIs, programs, and languages should be considered as appropriate examples in 2023. In effect, this is a snapshot in time. Graphics as a knowledge area has expanded and become pervasive since the CS2013 report. AR/VR/XR, artificial intelligence, computer vision, data science, machine learning, and interfaces driven by embedded sensors in everything from cars to coffee makers use graphics and interactive techniques. The now ubiquitous smartphone has made much of the world’s population regular users and creators of graphics, digital images, and the interactive techniques to manipulate them. Animations, games, visualizations, and immersive applications that ran on desktops in 2013, now can run on mobile devices. The amount of stored digital data grew exponentially since 2013, and both data and visualizations are now published by myriad sources including news media and scientific organizations. Revenue from mobile video games now exceeds that of music and movies combined [1]. CGI and VFX are employed in almost all films, animations, TV productions, advertising, and business graphics. The number of people who create graphics has skyrocketed, as have the number of applications and generative tools used to produce graphics. It is critical that students and faculty confront the ethical issues, questions, and conundrums that have arisen and will continue to arise in and because of applications in computer graphics. Today’s headlines unfortunately already provide examples of inequity and/or wrong-doing in autonomous navigation, deepfakes, computational photography, generative images, and facial recognition. GIT.1 Fundamental Concepts (basic graphics) Uses of computer graphics and interactive techniques and their potential risks and abuses.; Entertainment, business, and scientific applications: e.g., visual effects, generative imagery, computer vision, machine learning, user interfaces, video editing, games and game engines, computer-aided design and manufacturing, data visualization, and virtual/augmented/mixed reality; Intellectual property, deep fakes, facial recognition, privacy (See also: SEP-DEIA, SEP-Privacy, SEP-IP, SEP-Professional-Ethics); Graphic output; Displays (e.g., LCD); Printers; Analog film; Concepts; Resolution (e.g., pixels, dots); Aspect ratio; Frame rate; Human vision system; Tristimulus reception (RGB); Eye as a camera (projection); Persistence of vision (frame rate, motion blur); Contrast (detection, Mach banding, dithering/aliasing); Non-linear response (dynamic range, tone mapping); Binocular vision (stereo); Accessibility (color deficiency, strobing, monocular vision, etc.) (See also: SEP-DEIA, HCI-User); Standard image formats; Raster; Lossless (e.g., TIF); Lossy (e.g., JPG, GIF, etc.); Vector (e.g., SVG, Adobe Illustrator); Digitization of analog data; Rasterization; Resolution; Sampling and quantization; Color models: additive (RGB), subtractive (CMYK), and color perception (HSV); Tradeoffs between storing image data and re-computing image data; Spatialization: coordinate systems, absolute and relative positioning; Animation as a sequence of still images Applied interactive graphics (e.g., processing, python); Display characteristics (protocols and ports) Identify common uses of digital presentation to humans (e.g., computer graphics, sound).; Describe how analog signals can be reasonably represented by discrete samples, for example, how images can be represented by pixels.; Compute the memory requirement for storing a color image given its resolution.; Create a graphic depicting how the limits of human perception affect choices about the digital representation of analog signals.; Indicate when and why you should use each of the following common file formats: JPG, PNG, MP3, MP4, and GIF.; Describe color models and their use in graphics display devices.; Compute the memory requirements for a multi-second movie (lasting n seconds) displaying at a specific framerate (f frames per second) at a specified resolution (r pixels per frame); Compare and contrast digital video to analog video.; Describe the basic process of producing continuous motion from a sequence of discrete frames (sometimes called 'flicker fusion').; Describe a possible visual misrepresentation that could result from digitally sampling an analog world.; Compute memory space requirements based on resolution and color coding.; Compute time requirements based on refresh rates and rasterization techniques.; Design a user interface and an alternative for persons with color perception deficiency.; Construct a simple graphical user interface using a graphics library. GIT.2 Visualization (visualization) Scientific Data Visualization and Information Visualization; Visualization techniques; Statistical visualization (e.g., scatterplots, bar graphs, histograms, line graphs, pie charts, trees, and graphs); Text visualization; Geospatial visualization; 2D/3D scalar fields; Vector fields; Direct volume rendering; Visualization pipeline; Structuring data; Mapping data to visual representations (e.g., scales, grammar of graphics); View transformations (e.g., pan, zoom, filter, select); Common data formats (e.g., HDF, netCDF, geotiff, GeoJSON, shape files, raw binary, JSON, CSV, plain text); High-dimensional data handling techniques; Statistical (e.g., averaging, clustering, filtering); Perceptual (e.g., multi-dimensional vis, parallel coordinates, trellis plots); Perceptual and cognitive foundations that drive visual abstractions.; Human optical system; Color theory; Gestalt theories; Design and evaluation of visualizations; Purpose (e.g., analysis, communication, aesthetics); Accessibility; Appropriateness of encodings; Misleading visualizations Compare and contrast data visualization and information visualization.; Deploy basic algorithms for visualization.; Compare the tradeoffs of visualization algorithms in terms of accuracy and performance.; Design a suitable visualization for a particular combination of data characteristics, application tasks, and audience.; Analyze the effectiveness of a given visualization for a particular task.; Design a process to evaluate the utility of a visualization algorithm or system.; Identify a variety of applications of visualization including representations of scientific, medical, and mathematical data; flow visualization; and spatial analysis. GIT.3 Applied Rendering Techniques (rendering techniques) Object and scene modeling; Object representations: polygonal, parametric,;; Modeling transformations: affine and coordinate-system transformations; Scene representations: scene graphs; Camera and projection modeling; Pinhole cameras, similar triangles, and projection model; Camera models; Projective geometry; Radiometry and light models; Radiometry; Rendering equation; Rendering in nature – emission and scattering,;; Rendering; Simple triangle rasterization; Rendering with a shader-based API; Visibility and occlusion, including solutions to this problem (e.g., depth buffering, Painter’s algorithm, and ray tracing); Texture mapping, including minification and magnification (e.g., trilinear MIP mapping); Application of spatial data structures to rendering.; Ray tracing; Sampling and anti-aliasing Describe and illustrate the light transport problem (i.e., light is emitted, scatters around the scene, and is measured by the eye).; Describe the basic rendering pipeline.; Compare and contrast how forward and backwards rendering factor into the graphics pipeline.; Create a program to display 2D shapes in a window.; Create a program to display 3D models.; Produce linear perspective from similar triangles by converting points (x, y, z) to points (x/z, y/z, 1).; Compute two-dimensional and 3-dimensional points by applying affine transformations.; Indicate the changes required to extend 2D transformation operations to handle transformations in 3D.; Define texture mapping, sampling, and anti-aliasing, and describe examples of each.; Compare ray tracing and rasterization for the visibility problem.; Construct a program that performs transformation and clipping operations on simple two- dimensional shapes.; Implement a simple real-time renderer using a rasterization API (e.g., OpenGL, webGL) using vertex buffers and shaders.; Compare and contrast the different rendering techniques.; Compare and contrast the difference in transforming the camera vs the models. GIT.4 Geometric Modeling (geometric modeling) Basic geometric operations such as intersection calculation and proximity tests on 2D objects; Surface representation/model; Tessellation; Mesh representation, mesh fairing, and mesh generation techniques such as Delaunay triangulation, and marching cubes/tetrahedrons; Parametric polynomial curves and surfaces; Implicit representation of curves and surfaces; Spatial subdivision techniques; Volumetric representation/model; Volumes, voxels, and point-based representations.; Signed Distance Fields; Sparse Volumes, i.e., VDB; Constructive Solid Geometry (CSG) representation; Procedural representation/model; Fractals; L-Systems; Multi-resolution modeling (See also: SPD-Game); Reconstruction, e.g., 3D scanning, photogrammetry Contrast representing curves and surfaces in both implicit and parametric forms.; Create simple polyhedral models by surface tessellation.; Create a mesh representation from an implicit surface.; Create a fractal model or terrain using a procedural method.; Create a mesh from data points acquired with a laser scanner.; Create CSG models from simple primitives, such as cubes and quadric surfaces.; Contrast modeling approaches with respect to space and time complexity and quality of image. GIT.5 Shading and Advanced Rendering (shading, advanced rendering) Solutions and approximations to the rendering equation, for example; Distribution ray tracing and path tracing; Photon mapping; Bidirectional path tracing; Metropolis light transport; Time (motion blur), lens position (focus), and continuous frequency (color) and their impact on rendering; Shadow mapping; Occlusion culling; Bidirectional Scattering Distribution function (BSDF) theory and microfacets; Subsurface scattering; Area light sources; Hierarchical depth buffering; Image-based rendering; Non-photorealistic rendering; Realtime rendering; GPU architecture (See also: AR-Heterogeneity); Human visual systems including adaptation to light, sensitivity to noise, and flicker fusion (See also: HCI-Accessibility, SEP-DEIA) Describe how an algorithm estimates a solution to the rendering equation.; Discuss the properties of a rendering algorithm (e.g., complete, consistent, and unbiased).; Analyze the bandwidth and computation demands of a simple shading algorithm.; Implement a non-trivial shading algorithm (e.g., toon shading, cascaded shadow maps) under a rasterization API.; State how a particular artistic technique might be implemented in a renderer.; Describe how one might recognize the shading techniques used to create a particular image.; Write a program that implements any of the specified graphics techniques using a primitive graphics system at the individual pixel level.; Write a ray tracer for scenes using a simple (e.g., Phong’s) Bidirectional Reflection Distribution Function (BRDF) plus reflection and refraction. GIT.6 Computer Animation (computer animation) Principles of Animation: Squash and Stretch, Timing, Anticipation, Staging, Follow Through and Overlapping Action, Straight Ahead Action, and Pose-to-Pose Action, Slow In and Out, Arcs, Exaggeration, and Appeal; Types of animation; 2- and 3-dimensional animation; Motion graphics; Motion capture; Motion graphics; Stop animation; Key-frame animation; Keyframe Interpolation Methods: Lerp/Slerp/Spline; Forward and inverse kinematics (See also: SPD-Robot, AI-Robotics); Skinning algorithms; Capturing; Linear blend, dual quaternion; Rigging; Blend shapes; Pose space deformation; Motion capture; Set up and fundamentals; Blending motion capture clips; Blending motion capture and keyframe animation; Ethical considerations (See also: SEP-DEIA, SEP-Privacy); Avoidance of 'default' captures - there is no typical human walk cycle.; Accessibility Using a simple open-source character model and rig, describe visually why each of the principles of animation is fundamental to realistic animation.; Compute the location and orientation of model parts using a forward kinematic approach.; Compute the orientation of articulated parts of a model from a location and orientation using an inverse kinematic approach.; Compare the tradeoffs in different representations of rotations.; Write a script that implements the spline interpolation method for producing in-between positions and orientations.; Deploy off-the-shelf animation software to construct, rig, and animate simple organic forms. GIT.7 Simulation (simulation) Collision detection and response; Signed Distance Fields; Sphere/sphere; Triangle/point; Edge/edge; Procedural animation using noise; Particle systems; Integration methods (e.g., forward Euler, midpoint, leapfrog); Mass/spring networks; Position-based dynamics; Rules (e.g., boids, crowds); Rigid bodies; Grid-based fluids; Semi-Lagrangian advection; Pressure projection; Heightfields; Terrain: transport, erosion; Water: ripple, shallow water.; Rule-based systems (e.g., L-systems, space-colonizing systems, Game of Life) Implement algorithms for physical modeling of particle dynamics using simple Newtonian mechanics (e.g., Witkin & Kass, snakes and worms, symplectic Euler, Stormer/Verlet, or midpoint Euler methods); Contrast the basic ideas behind fluid simulation methods for modeling ballistic trajectories (e.g., for splashes, dust, fire, or smoke).; Implement a smoke solver with user interaction. GIT.8 Immersion (immersion) Immersion levels (i.e., Virtual Reality (VR), Augmented Reality (AR), and Mixed Reality (MR)); Definitions of and distinctions between immersion and presence; 360 Video; Stereoscopic display; Head-mounted displays; Stereo glasses; Viewer tracking; Inside out and outside In; Head/Body/Hand/tracking; Time-critical rendering to achieve optimal Motion To Photon (MTP) latency; Multiple Levels Of Details (LOD); Image-based VR; Branching movies; Distributed VR, collaboration over computer network; Presence and factors that impact level of immersion; 3D interaction; Applications in medicine, simulation, training, and visualization; Safety in immersive applications; Motion sickness; VR obscures the real world, which increases the potential for falls and physical accidents Create a stereoscopic image.; Design and write an AR or VR application.; Summarize the pros and cons of different types of viewer tracking.; Compare and contrast the differences between geometry- and image-based virtual reality.; Analyze the design issues of user action synchronization and data consistency in a networked environment.; Create the specifications for an augmented reality application to be used by surgeons in the operating room.; Assess an immersive application’s accessibility (See also: HCI-Accessibility, SEP-DEIA); Identify the most important technical characteristics of a VR system/application that should be controlled to avoid motion sickness and explain why. GIT.9 Interaction (interaction) Event Driven Programming (See also: FPL-Event-Driven); Mouse or touch events; Keyboard events; Voice input; Sensors; Message passing communication; Network events; Graphical User Interface (Single Channel); Window; Icons; Menus; Pointing Devices; Accessibility (See also: SEP-DEIA) Gestural Interfaces (See also: SPD-Game); Touch screen gestures; Hand and body gestures; Haptic Interfaces; External actuators; Gloves; Exoskeletons; Multimodal Interfaces; Head-worn Interfaces; Brain-computer interfaces, e.g., Electroencephalography (EEG) electrodes and Multi-Electrode Arrays (MEAs); Headsets with embedded eye tracking; AR glasses; Natural Language Interfaces (See also: AI-NLP) Create a simple game that responds to single channel mouse and keyboard events.; Create a mobile app that responds to touch events.; Design and create an application that responds to different event triggers.; Assess the consistency or lack of consistency in cross-platform touch screen gestures.; Design and create an application that provides haptic feedback.; Write a program that is controlled by gestures. GIT.10 Image Processing (image processing) Morphological operations; Connected components; Dilation; Erosion; Computing region properties (area, perimeter, centroid, etc.); Color histograms; Representation; Contrast enhancement through normalization; Image enhancement; Convolution; Blur (e.g., Gaussian); Sharpen (e.g., Laplacian); Frequency filtering (e.g., low-pass, high-pass); Image restoration; Noise, degradation; Inpainting and other completion algorithms; Wiener filter; Image coding; Redundancy; Compression (e.g., Huffman coding); Discrete Cosine Transform (DCT), wavelet transform, Fourier transforms (See also: SPD- Interactive); Nyquist Theorem; Watermarks; Connections to deep learning (e.g., Convolutional Neural Networks) (See also: AI-ML) Write a program that uses dilation and erosion to smooth the edges of a binary image.; Manipulating the hue of an image.; Write a program that applies a high-pass filter to an image. (The advanced variation would be to filter an image using a high-pass filter in the frequency domain.); Write a program that restores missing parts of an image using an in-paint algorithm (e.g., Poisson image editing); Assess the results of selectively filtering an image in the frequency domain. GIT.11 Tangible/Physical Computing (tangible computing, physical computing) Interaction with the physical world (See also: SPD-Embedded); Acquisition of data from sensors; Driving external actuators; Connection to physical artifacts; Computer-Aided Design (CAD); Computer-Aided Manufacturing (CAM); Fabrication (See also: HCI-Design); Prototyping; Additive (3D printing); Subtractive (Computer Numerical Control (CNC) milling); Forming (vacuum forming); Internet of Things (See also: SPD-Interactive); Network connectivity; Wireless communication Construct a simple virtual switch or application button and use it to turn on an LED.; Construct a simple system to move a servo in response to sensor data.; Create a circuit and accompanying microcontroller code that uses a light sensor to vary a property of something else (e.g., color or brightness of an LED or graphic, position of an external actuator).; Create a circuit with a variable resistor and write a microcontroller program that reads and responds to the resistor’s changing values.; Create a 3D form in a CAD package.; Show how affine transformations are achieved in the CAD program.; Show an example of instances of an object.; Create a fabrication plan. Provide a cost estimate for materials and time. How will you fabricate it?; Fabricate; How closely did your actual fabrication process match your plan? Where did it differ?; Write the G- and M-Code to construct a 3D maze and use a CAD/CAM package to check your work.; Decide and defend your decision to use Ethernet, WiFi, Bluetooth, RFID/NFC, or something else for internet connectivity when designing an IoT pill dispenser. Create an IoT pill dispenser.; Distinguish between the different types of fabrication and describe when you would use each. GIT.12 Society, Ethics, and the Profession (society ethics profession) Accessibility in immersive, interactive, and physical computing applications (See also: SEP-DEIA); Accessible to people with mobility impairments; Accessible to people with vision and/or hearing impairments; Ethics/privacy in graphics applications. (See also: SEP-Privacy, SEP-Professional-Ethics, and SEP-Security); Acquisition of private data (room scans, body proportions, active cameras, etc.); Can’t look away from immersive applications easily; Danger to self/surroundings while immersed; Ethical pitfalls of facial recognition; Misleading visualizations; Due to incorrect data because of exaggeration, hole filling, smoothing, data cleanup,;; Even correct data can mislead (e.g., aliasing can cause back moving or stopped fan blades); Privacy regarding health and other personal information; Bias in image processing; Deep fakes; Applications that misidentify people based on skin color or hairstyle; Intellectual Property law as it relates to computer graphics and interactive techniques (See also: SEP-IP); images used to train generative AI; images produced by generative AI; Current and past contributors to the field (See also: SEP-DEIA) ; Discuss the security issues inherent in location tags.; Describe the ethical pitfalls of facial recognition. Can facial recognition be used ethically? If so, how?; Discuss the copyright issues of using watermarked images to train a neural network. HCI Human-Computer Interaction (human computer interaction, hci) Computational systems not only enable users to solve problems, but also foster social connectedness and support a broad variety of human endeavors. Thus, these systems should work well with their users and solve problems in ways that respect individual dignity, social justice, and human values and creativity. Human-computer interaction (HCI) addresses those issues from an interdisciplinary perspective that includes computer science, psychology, business strategy, and design principles. Each user is different and, from the perspective of HCI, the design of every system that interacts with people should anticipate and respect that diversity. This includes not only accessibility, but also cultural and societal norms, neural diversity, modality, and the responses the system elicits in its users. An effective computational system should evoke trust while it treats its users fairly, respects their privacy, provides security, and abides by ethical principles. These goals require design-centric engineering that begins with intention and with the understanding that design is an iterative process, one that requires repeated evaluation of its usability and its impact on its users. Moreover, technology evokes user responses, not only by its output, but also by the modalities with which it senses and communicates. This knowledge area heightens the awareness of these issues and should influence every computer scientist. HCI.1 Understanding the User: Individual Goals and Interactions With Others (user goals, user interactions) User-centered design and evaluation methods. (See also: SEP-Context, SEP-Ethical-Analysis, SEP-Professional-Ethics); 'You are not the users'; User needs-finding; Formative studies; Interviews; Surveys; Usability tests User-centered design methodology. (See also: SE-Tools); Personas/persona spectrum; User stories/storytelling and techniques for gathering stories; Empathy maps; Needs assessment (techniques for uncovering needs and gathering requirements - e.g., interviews, surveys, ethnographic and contextual enquiry) (See also: SE-Requirements); Journey maps; Evaluating the design (See also: HCI-Evaluation); Interfacing with stakeholders, as a team; Risks associated with physical, distributed, hybrid and virtual teams; Physical and cognitive characteristics of the user; Physical capabilities that inform interaction design (e.g., color perception, ergonomics) Knowledge Unit CS Core KA Core Understanding the User 2 5 Accountability and Responsibility in Design 2 2 Accessibility and Inclusive Design 2 2 Evaluating the Design 1 2 System Design 1 5 Society, Ethics, and the Profession Included in SEP hours Total Hours 8 16; Cognitive models that inform interaction design (e.g., attention, perception and recognition, movement, memory); Topics in social/behavioral psychology (e.g., cognitive biases, change blindness); Designing for diverse user populations. (See also: SEP-DEIA, HCI-Accessibility); How differences (e.g., in race, ability, age, gender, culture, experience, and education) impact user experiences and needs; Internationalization; Designing for users from other cultures; Cross-cultural design; Challenges to effective design evaluation. (e.g., sampling, generalization; disability and disabled experiences); Universal design; Collaboration and communication (See also: AI-SEP, SE-Teamwork, SEP-Communication, SPD- Game); Understanding the user in a multi-user context; Synchronous group communication (e.g., chat rooms, conferencing, online games); Asynchronous group communication (e.g., email, forums, social networks); Social media, social computing, and social network analysis; Online collaboration; Social coordination and online communities; Avatars, characters, and virtual worlds 6. Multi-user systems Conduct a user-centered design process that is integrated into a project.; Compare and contrast the needs of users with those of designers.; Identify the representative users of a design and discuss who else could be impacted by;; Describe empathy and evaluation as elements of the design process.; Carry out and document an analysis of users and their needs.; Construct a user story from a needs assessment.; Redesign an existing solution to a population whose needs differ from those of the initial target population.; Contrast the different needs-finding methods for a given design problem.; Reflect on whether your design would benefit from low-tech or no-tech components.; Recognize the implications of designing for a multi-user system/context. HCI.2 Accountability and Responsibility in Design (accountable design, responsible design) Design impact; Sustainability (See also: SEP-Sustainability); Inclusivity (See also: SEP-DEIA); Safety, security and privacy (See also: SEP-Security, SEC-Foundations); Harm and disparate impact (See also: SEP-DEIA); Ethics in design methods and solutions (See also: SEP-Ethical-Analysis, SEP-Context, SEP- Intellectual Property); The role of artificial intelligence (See also: AI-SEP); Responsibilities for considering stakeholder impact and human factors (See also: SEP- Professional-Ethics); Role of design to meet user needs; Requirements in design (See also: SEP-Professional-Ethics); Ownership responsibility; Legal frameworks, compliance requirements; Consideration beyond immediate user needs, including via iterative reconstruction of problem analysis and 'digital well-being' features Value-sensitive design (See also: SEP-Ethical-Analysis, SEP-Context, SEP-Communication); Identify direct and indirect stakeholders; Determine and include diverse stakeholder values and value systems.; Persuasion through design (See also: SEP-Communication); Assess the persuasive content of a design; Employ persuasion as a design goal; Distinguish persuasive interfaces from manipulative interfaces Identify and critique the potential impacts of a design on society and relevant communities to address such concerns as sustainability, inclusivity, safety, security, privacy, harm, and disparate impact.; Identify the potential human factor elements in a design.; Identify and understand direct and indirect stakeholders.; Develop scenarios that consider the entire lifespan of a design, beyond the immediately planned uses that anticipate direct and indirect stakeholders.; Identify and critique the potential factors in a design that impact direct and indirect stakeholders and broader society (e.g., transparency, sustainability of the system, trust, artificial intelligence).; Assess the persuasive content of a design and its intent relative to user interests.; Critique the outcomes of a design given its intent.; Understand the impact of design decisions. HCI.3 Accessibility and Inclusive Design (accessibility, inclusive design) Background (See also: SEP-DEIA, SEP-Security); Societal and legal support for and obligations to people with disabilities; Accessible design benefits everyone; Techniques; Accessibility standards (e.g., Web Content Accessibility Guidelines) (See also: SPD-Web); Technologies (See also: SE-Tools); Features and products that enable accessibility and support inclusive development by designers and engineers; IDFs (Inclusive Design Frameworks) (See also: SEP-DEIA); Recognizing differences; Universal design Background; Demographics and populations (permanent, temporary, and situational disability); International perspectives on disability (See also: SEP-DEIA); Attitudes towards people with disabilities (See also: SEP-DEIA); Techniques; UX (user experience) design and research; Software engineering practices that enable inclusion and accessibility. (See also: SEP-DEIA); Technologies; Examples of accessibility-enabling features, such as conformance to screen readers; Inclusive Design Frameworks; Creating inclusive processes such as participatory design; Designing for larger impact Background (See also: SEP-DEIA); Unlearning and questioning; Disability studies; Technologies: the Return On Investment (ROI) of inclusion; Inclusive Design Frameworks: user-sensitive inclusive design (See also: SEP-DEIA); Critical approaches to HCI (e.g., inclusivity) (See also: SEP-DEIA) Identify accessibility challenges faced by people with different disabilities and specify the associated accessible and assistive technologies that address them. (See also: AI-Agents, AI-Robotics); Identify appropriate inclusive design approaches, such as universal design and ability-based design.; Identify and demonstrate understanding of software accessibility guidelines.; Demonstrate recognition of laws and regulations applicable to accessible design.; Apply inclusive frameworks to design, such as universal design and usability and ability-based design, and demonstrate accessible design of visual, voice-based, and touch-based UIs.; Demonstrate understanding of laws and regulations applicable to accessible design.; Demonstrate understanding of what is appropriate and inappropriate high level of skill during interaction with individuals from diverse populations.; Analyze web pages and mobile apps for current standards of accessibility.; Biases towards disability, race, and gender have historically, either intentionally or unintentionally, informed technology design.; Find examples.; Consider how those experiences (learnings?) might inform design.; Conceptualize user experience research to identify user needs and generate design insights. HCI.4 Evaluating the Design (evaluating design) Methods for evaluation with users; Formative (e.g., needs-finding, exploratory analysis) and summative assessment (e.g., functionality and usability testing); Elements to evaluate (e.g., utility, efficiency, learnability, user satisfaction, affective elements such as pleasure and engagement); Understanding ethical approval requirements before engaging in user research (See also: SE- Tools, SEP-Ethical-Analysis, SEP-Security, SEP-Privacy, SEP-Professional-Ethics) Methods for evaluation with users (See also: SE-Validation); Qualitative methods (qualitative coding and thematic analysis); Quantitative methods (statistical tests); Mixed methods (e.g., observation, think-aloud, interview, survey, experiment); Presentation requirements (e.g., reports, personas); User-centered testing; Heuristic evaluation; Challenges and shortcomings to effective evaluation (e.g., sampling, generalization); Study planning; How to set study goals; Hypothesis design; Approvals from Institutional Research Boards and ethics committees (See also: SEP-Ethical- Analysis, SEP-Security, SEP-Privacy); How to pre-register a study; Within-subjects vs between-subjects design; Implications and impacts of design with respect to the environment, material, society, security, privacy, ethics, and broader impacts. (See also: SEC-Foundations); The environment; Material; Society; Security; Privacy; Ethics; Broader impacts Techniques and tools for quantitative analysis; Statistical packages; Visualization tools; Statistical tests (e.g., ANOVA, t-tests, post-hoc analysis, parametric vs non-parametric tests); Data exploration and visual analytics; how to calculate effect size.; Data management; Data storage and data sharing (open science); Sensitivity and identifiability. Discuss the differences between formative and summative assessment and their role in evaluating design; Select appropriate formative or summative evaluation methods at different points throughout the development of a design.; Discuss the benefits of using both qualitative and quantitative methods for evaluation.; Evaluate the implications and broader impacts of a given design.; Plan a usability evaluation for a given user interface, and justify its study goals, hypothesis design, and study design.; Conduct a usability evaluation of a given user interface and draw defensible conclusions given the study design.; Select and run appropriate statistical tests on provided study data to test for significance in the results.; Pre-register a study design, with planned statistical tests. HCI.5 System Design (user system design) Prototyping techniques and tools; Low-fidelity prototyping; Rapid prototyping; Throw-away prototyping; Granularity of prototyping; Design patterns; Iterative design; Universal design (See also: SEP-DEIA); Interaction design (e.g., data-driven design, event-driven design); Design constraints; Platforms (See also: SPD-Game); Devices; Resources; Balance among usability, security and privacy (See also: SEC-Foundations) Design patterns and guidelines; Software architecture patterns; Cross-platform design; Synchronization considerations; Design processes (See also: SEP-Communication); Participatory design; Co-design; Double-diamond; Convergence and divergence; Interaction techniques (See also: GIT-Interaction); Input and output vectors (e.g., gesture, pose, touch, voice, force); Graphical user interfaces; Controllers; Haptics; Hardware design; Error handling; Visual UI design (See also: GIT-Visualization); Color; Layout; Gestalt principles Immersive environments (See also: GIT-Immersion); XR (encompasses virtual reality, augmented reality, and mixed reality); Spatial audio; 3D printing and fabrication; Asynchronous interaction models; Creativity support tools; Voice UI designs Propose system designs tailored to a specified appropriate mode of interaction.; Follow an iterative design and development process that incorporates the following:; Understanding the user; Developing an increment; Evaluating the increment; Feeding those results into a subsequent iteration; Explain the impact of changing constraints and design tradeoffs (e.g., hardware, user, security.) on system design.; Evaluate architectural design approaches in the context of project goals.; Identify synchronization challenges as part of the user experience in distributed environments.; Evaluate and compare the privacy implications behind different input techniques for a given scenario.; Explain the rationale behind a UI design based on visual design principles.; Evaluate the privacy implications within a VR/AR/MR scenario HCI.6 Society, Ethics, and the Profession (society ethics profession) Universal and user-centered design (See also: HCI-User, SEP-DEIA); Accountability (See also: HCI-Accountability); Accessibility and inclusive design (See also: SEP-DEIA, SEP-Security); Evaluating the design (See also: HCI-Evaluation); System design (See also: HCI-Design) Participatory and inclusive design processes; Evaluating the design: Implications and impacts of design: with respect to the environment, material, society, security, privacy, ethics, and broader impacts (See also: SEC-Foundations, SEP- Privacy) VR/AR/MR scenarios Conduct a user-centered design process that is integrated into a project.; Identify and critique the potential impacts of a design on society and relevant communities to address such concerns as sustainability, inclusivity, safety, security, privacy, harm, and disparate impact.; Critique a recent example of a non-inclusive design choice, its societal implications, and propose potential design improvements.; Evaluating the design: Identify the implications and broader impacts of a given design.; Evaluate the privacy implications within a VR/AR/MR scenario. MSF Mathematical and Statistical Foundations (math and statistics) A strong mathematical foundation remains a bedrock of computer science education and infuses the practice of computing whether in developing algorithms, designing systems, modeling real-world phenomena, or computing with data. This Mathematical and Statistical Foundations (MSF) knowledge area – the successor to the ACM CS2013 [1] curriculum's "Discrete Structures" area – seeks to identify the mathematical and statistical material that undergirds modern computer science. The change of name corresponds to a realization both that the broader name better describes the combination of topics from the 2013 report and from those required for the recently growing areas of computer science, such as artificial intelligence, machine learning, data science, and quantum computing, many of which have continuous mathematics as their foundations. MSF.1 Discrete Mathematics (discrete math) Sets, relations, functions, cardinality; Recursive mathematical definitions; Proof techniques (induction, proof by contradiction); Permutations, combinations, counting, pigeonhole principle; Modular arithmetic; Logic: truth tables, connectives (operators), inference rules, formulas, normal forms, simple predicate logic; Graphs: basic definitions; Order notation Sets, Relations, and Functions, Cardinality; Explain with examples the basic terminology of functions, relations, and sets.; Perform the operations associated with sets, functions, and relations.; Relate practical examples to the appropriate set, function, or relation model, and interpret the associated operations and terminology in context.; Calculate the size of a finite set, including making use of the sum and product rules and inclusion-exclusion principle.; Explain the difference between finite, countable, and uncountable sets.; Recursive mathematical definitions; Apply recursive definitions of sequences or structures (e.g., Fibonacci numbers, linked lists, parse trees, fractals).; Formulate inductive proofs of statements about recursive definitions.; Solve a variety of basic recurrence relations.; Analyze a problem to determine underlying recurrence relations.; Given a recursive/iterative code snippet, describe its underlying recurrence relation, hypothesize a closed form for the recurrence relation, and prove the hypothesis correct (usually, using induction).; Proof Techniques; Identify the proof technique used in a given proof.; Outline the basic structure of each proof technique (direct proof, proof by contradiction, and induction) described in this unit.; Apply each of the proof techniques (direct proof, proof by contradiction, and induction) correctly in the construction of a sound argument.; Determine which type of proof is best for a given problem.; Explain the parallels between ideas of mathematical and/or structural induction to recursion and recursively defined structures.; Explain the relationship between weak and strong induction and give examples of the appropriate use of each.; Permutations, combinations, and counting; Apply counting arguments, including sum and product rules, inclusion-exclusion principle, and arithmetic/geometric progressions.; Apply the pigeonhole principle in the context of a formal proof.; Compute permutations and combinations of a set, and interpret the meaning in the context of the specific application.; Map real-world applications to appropriate counting formalisms, such as determining the number of ways to arrange people around a table, subject to constraints on the seating arrangement, or the number of ways to determine certain hands in cards (e.g., a full house).; Modular arithmetic; Perform computations involving modular arithmetic.; Explain the notion of the greatest common divisor and apply Euclid's algorithm to compute;; Logic; Convert logical statements from informal language to propositional and predicate logic expressions.; Apply formal methods of symbolic propositional and predicate logic, such as calculating validity of formulae, computing normal forms, or negating a logical statement.; Use the rules of inference to construct proofs in propositional and predicate logic.; Describe how symbolic logic can be used to model real-life situations or applications, including those arising in computing contexts such as software analysis (e.g., program correctness), database queries, and algorithms.; Apply formal logic proofs and/or informal, but rigorous, logical reasoning to real problems, such as predicting the behavior of software or solving problems such as puzzles.; Describe the strengths and limitations of propositional and predicate logic.; Explain what it means for a proof in propositional (or predicate) logic to be valid.; Graphs; Illustrate by example the basic terminology of graph theory, and some of the properties and special cases of types of graphs, including trees.; Demonstrate different traversal methods for trees and graphs, including pre-, post-, and in-order traversal of trees, along with breadth-first and depth-first search for graphs.; Model a variety of real-world problems in computer science using appropriate forms of graphs and trees, such as representing a network topology, the organization of a hierarchical file system, or a social network.; Show how concepts from graphs and trees appear in data structures, algorithms, proof techniques (structural induction), and counting. MSF.2 Probability (probability) Basic notions: sample spaces, events, probability, conditional probability, Bayes’ rule; Discrete random variables and distributions; Continuous random variables and distributions; Expectation, variance, law of large numbers, central limit theorem; Conditional distributions and expectation; Applications to computing, the difference between probability and statistics (as subjects) Basic notions: sample spaces, events, probability, conditional probability, Bayes’ rule; Translate a prose description of a probabilistic process into a formal setting of sample spaces, outcome probabilities, and events.; Calculate the probability of simple events.; Determine whether two events are independent.; Compute conditional probabilities, including through applying (and explaining) Bayes' Rule.; Discrete random variables and distributions; Define the concept of a random variable and indicator random variable.; Determine whether two random variables are independent.; Identify common discrete distributions (e.g., uniform, Bernoulli, binomial, geometric).; Continuous random variables and distributions; Identify common continuous distributions (e.g., uniform, normal, exponential).; Calculate probabilities using cumulative density functions.; Expectation, variance, law of large numbers, central limit theorem; Define the concept of expectation and variance of a random variable.; Compute the expected value and variance of simple or common discrete/continuous random variables.; Explain the relevance of the law of large numbers and central limit theorem to probability calculations.; Conditional distributions and expectation; Explain the distinction between joint, marginal, and conditional distributions.; Compute marginal and conditional distributions from a full distribution, for both discrete and continuous random variables.; Compute conditional expectations for both discrete and continuous random variables.; Applications to computing; Describe how probability can be used to model real-life situations or applications, such as predictive text, hash tables, and quantum computation.; Apply probabilistic processes to solving computational problems, such as through randomized algorithms or in security contexts. MSF.3 Statistics (statistics) Basic definitions and concepts: populations, samples, measures of central tendency, variance; Univariate data: point estimation, confidence intervals Multivariate data: estimation, correlation, regression; Data transformation: dimension reduction, smoothing; Statistical models and algorithms; Hypothesis testing Basic definitions and concepts: populations, samples, measures of central tendency, variance; Create and interpret frequency tables.; Display data graphically and interpret graphs (e.g., histograms).; Recognize, describe, and calculate means, medians, quantiles (location of data).; Recognize, describe, and calculate variances, interquartile ranges (spread of data).; Univariate data: point estimation, confidence intervals; Formulate maximum likelihood estimation (in linear-Gaussian settings) as a least-squares problem.; Calculate maximum likelihood estimates.; Calculate maximum a posteriori estimates and make a connection with regularized least squares.; Compute confidence intervals as a measure of uncertainty.; Sampling, bias, adequacy of samples, Bayesian vs frequentist interpretations; Multivariate data: estimation, correlation, regression; Formulate the multivariate maximum likelihood estimation problem as a least-squares problem.; Interpret the geometric properties of maximum likelihood estimates.; Derive and calculate the maximum likelihood solution for linear regression.; Derive and calculate the maximum a posteriori estimates for linear regression.; Implement both maximum likelihood and maximum a posteriori estimates in the context of a polynomial regression problem.; Formulate and understand the concept of data correlation (e.g., in 2D); Data transformation: dimension reduction, smoothing; Formulate and derive Principal Component Analysis (PCA) as a least-squares problem.; Geometrically interpret PCA (when solved as a least-squares problem).; Describe when PCA works well (one can relate back to correlated data).; Geometrically interpret the linear regression solution (maximum likelihood).; Statistical models and algorithms; Apply PCA to dimensionality reduction problems.; Describe the tradeoff between compression and reconstruction power.; Apply linear regression to curve-fitting problems.; Explain the concept of overfitting.; Discuss and apply cross-validation in the context of overfitting and model selection (e.g., degree of polynomials in a regression context). MSF.4 Linear Algebra (linear algebra) Vectors: definitions, vector operations, geometric interpretation, angles: Matrices: definition, matrix operations, meaning of Ax=b Matrices, matrix-vector equation, geometric interpretation, geometric transformations with matrices; Solving equations, row-reduction; Linear independence, span, basis; Orthogonality, projection, least-squares, orthogonal bases; Linear combinations of polynomials, Bezier curves; Eigenvectors and eigenvalues; Applications to computer science: Principal Components Analysis (PCA), Singular Value Decomposition (SVD), page-rank, graphics Vectors: definitions, vector operations, geometric interpretation, angles; Describe algebraic and geometric representations of vectors in Rn and their operations, including addition, scalar multiplication, and dot product.; List properties of vectors in Rn.; Compute angles between vectors in Rn.; Matrices, matrix-vector equation, geometric interpretation, geometric transformations with matrices; Perform common matrix operations, such as addition, scalar multiplication, multiplication, and transposition.; Relate a matrix to a homogeneous system of linear equations.; Recognize when two matrices can be multiplied.; Relate various matrix transformations to geometric illustrations.; Solving equations, row-reduction; Formulate, solve, apply, and interpret properties of linear systems.; Perform row operations on a matrix.; Relate an augmented matrix to a system of linear equations.; Solve linear systems of equations using the language of matrices.; Translate word problems into linear equations.; Perform Gaussian elimination.; Linear independence, span, basis; Define subspace of a vector space.; List examples of subspaces of a vector space.; Recognize and use basic properties of subspaces and vector spaces.; Determine if specific subsets of a vector space are subspaces.; Discuss the existence of a basis of an abstract vector space.; Describe coordinates of a vector relative to a given basis.; Determine a basis for and the dimension of a finite-dimensional space.; Discuss spanning sets for vectors in Rn.; Discuss linear independence for vectors in Rn.; Define the dimension of a vector space.; Orthogonality, projection, least-squares, orthogonal bases; Explain the Gram-Schmidt orthogonalization process.; Define orthogonal projections.; Define orthogonal complements.; Compute the orthogonal projection of a vector onto a subspace, given a basis for the subspace.; Explain how orthogonal projections relate to least square approximations.; Linear combinations of polynomials, Bezier curves; Identify polynomials as generalized vectors.; Explain linear combinations of basic polynomials.; Describe orthogonality for polynomials.; Distinguish between basic polynomials and Bernstein polynomials.; Apply Bernstein polynomials to Bezier curves.; Eigenvectors and eigenvalues; Find the eigenvalues and eigenvectors of a matrix.; Define eigenvalues and eigenvectors geometrically.; Use characteristic polynomials to compute eigenvalues and eigenvectors.; Use eigenspaces of matrices, when possible, to diagonalize a matrix.; Perform diagonalization of matrices.; Explain the significance of eigenvectors and eigenvalues.; Find the characteristic polynomial of a matrix.; Use eigenvectors to represent a linear transformation with respect to a particularly nice basis.; Applications to computer science: PCA, SVD, page-rank, graphics; Explain the geometric properties of PCA.; Relate PCA to dimensionality reduction.; Relate PCA to solving least-squares problems.; Relate PCA to solving eigenvector problems.; Apply PCA to reducing the dimensionality of a high-dimensional dataset (e.g., images).; Explain the page-rank algorithm and understand how it relates to eigenvector problems.; Explain the geometric differences between SVD and PCA.; Apply SVD to a concrete example (e.g., movie rankings). MSF.5 Calculus (calculus) Sequences, series, limits; Single-variable derivatives: definition, computation rules (chain rule etc.), derivatives of important functions, applications; Single-variable integration: definition, computation rules, integrals of important functions, fundamental theorem of calculus, definite vs indefinite, applications (including in probability); Parametric and polar representations; Taylor series; Multivariate calculus: partial derivatives, gradient, chain-rule, vector valued functions,; Optimization: convexity, global vs local minima, gradient descent, constrained optimization, and Lagrange multipliers.; Ordinary Differential Equations (ODEs): definition, Euler method, applications to simulation, Monte Carlo integration; CS applications: gradient descent for machine learning, forward and inverse kinematics, applications of calculus to probability Sequences, series, limits; Explain the difference between infinite sets and sequences.; Explain the formal definition of a limit.; Derive the limit for examples of sequences and series.; Explain convergence and divergence.; Apply L’Hospital’s rule and other approaches to resolving limits.; Single-variable derivatives: definition, computation rules (chain rule etc.), derivatives of important functions, applications; Explain a derivative in terms of limits.; Explain derivatives as functions.; Perform elementary derivative calculations from limits.; Apply sum, product, and quotient rules.; Work through examples with important functions.; Single-variable integration: definition, computation rules, integrals of important functions, fundamental theorem of calculus, definite vs indefinite, applications (including in probability); Explain the definitions of definite and indefinite integrals.; Apply integration rules to examples with important functions.; Explore the use of the fundamental theorem of calculus.; Apply integration to problems.; Parametric and polar representations; Apply parametric representations of important curves.; Apply polar representations.; Taylor series; Derive Taylor series for some important functions.; Apply the Taylor series to approximations.; Multivariate calculus: partial derivatives, gradient, chain-rule, vector valued functions, applications to optimization, convexity, global vs local minima.; Compute partial derivatives and gradients.; Work through examples with vector-valued functions with gradient notation.; Explain applications to optimization.; ODEs: definition, Euler method, applications to simulation; Apply the Euler method to integration.; Apply the Euler method to a single-variable differential equation.; Apply the Euler method to multiple variables in an ODE. NC Networking and Communications (networking, communications) Networking and communication play a central role in interconnected computer systems that are transforming the daily lives of billions of people. The public internet provides connectivity for networked applications that serve ever-increasing numbers of individuals and organizations around the world. Complementing the public sector, major proprietary networks leverage their global footprints to support cost-effective distributed computing, storage, and content delivery. Advances in satellite networks expand connectivity to rural areas. Device-to-device communication underlies the emerging Internet of Things. This knowledge area deals with key concepts in networking and communication, as well as their representative instantiations in the internet and other computer networks. Besides the basic principles of switching and layering, the area at its core provides knowledge on naming, addressing, reliability, error control, flow control, congestion control, domain hierarchy, routing, forwarding, modulation, encoding, framing, and access control. The area also covers knowledge units in network security and mobility, such as security threats, countermeasures, device-to-device communication, and multi-hop wireless networking. In addition to the fundamental principles, the area includes their specific realization of the Internet as well as hands-on skills in the implementation of networking and communication concepts. Finally, the area comprises emerging topics such as network virtualization and quantum networking. As the main learning outcome, learners develop a thorough understanding of the role and operation of networking and communication in networked computer systems. They learn how network structure and communication protocols affect the behavior of distributed applications. The area can be used to educate not only key principles but also their specific instantiations in the internet and equip the student with hands-on implementation skills. While computer-system, networking, and communication technologies are advancing at a fast pace, the gained fundamental knowledge enables the student to readily apply the concepts in new technological settings. NC.1 Network Fundamentals (networking basics) Importance of networking in contemporary computing, and associated challenges. (See also: SEP- Context, SEP-Privacy); Organization of the internet (e.g., users, Internet Service Providers, autonomous systems, content providers, content delivery networks); Switching techniques (e.g., circuit and packet); Layers and their roles (application, transport, network, datalink, and physical); Layering principles (e.g., encapsulation and hourglass model) (See also: SF-Foundations); Network elements (e.g., routers, switches, hubs, access points, and hosts); Basic queueing concepts (e.g., relationship with latency, congestion, service levels, etc.) Articulate the organization of the internet.; List and define the appropriate network terminology.; Describe the layered structure of a typical networked architecture.; Identify the different types of complexity in a network (edges, core, etc.). NC.2 Networked Applications (networked applications) Naming and address schemes (e.g., DNS, and Uniform Resource Identifiers); Distributed application paradigms (e.g., client/server, peer-to-peer, cloud, edge, and fog) (See also: PDC-Communication, PDC-Coordination); Diversity of networked application demands (e.g., latency, bandwidth, and loss tolerance) (See also: PDC-Communication, SEP-Sustainability, SEP-Context); Coverage of application-layer protocols (e.g., HTTP); Interactions with TCP, UDP, and Socket APIs (See also: PDC-Programs) Define the principles of naming, addressing, resource location.; Analyze the needs of specific networked application demands.; Describe the details of one application layer protocol.; Implement a simple client-server socket-based application. NC.3 Reliability Support (network reliability) Unreliable delivery (e.g., UDP); Principles of reliability (e.g., delivery without loss, duplication, or out of order) (See also: SF- Reliability); Error control (e.g., retransmission, error correction); Flow control (e.g., stop and wait, window based); Congestion control (e.g., implicit and explicit congestion notification); TCP and performance issues (e.g., Tahoe, Reno, Vegas, Cubic) Describe the operation of reliable delivery protocols.; List the factors that affect the performance of reliable delivery protocols.; Describe some TCP reliability design issues.; Design and implement a simple reliable protocol NC.4 Routing and Forwarding (routing, forwarding) Routing paradigms and hierarchy (e.g., intra/inter domain, centralized and decentralized, source routing, virtual circuits, QoS); Forwarding methods (e.g., forwarding tables and matching algorithms); IP and Scalability issues (e.g., NAT, CIDR, BGP, different versions of IP) Describe various routing paradigms and hierarchies.; Describe how packets are forwarded in an IP network.; Describe how the Internet tackles scalability challenges. NC.5 Single Hop Communication (hop, one-hop) Introduction to modulation, bandwidth, and communication media; Encoding and Framing; Medium Access Control (MAC) (e.g., random access and scheduled access); Ethernet and WiFi; Switching (e.g., spanning trees, VLANS).; Local Area Network Topologies (e.g., data center, campus networks). Describe some basic aspects of modulation, bandwidth, and communication media.; Describe in detail a MAC protocol.; Demonstrate understanding of encoding and framing solution tradeoffs.; Describe details of the implementation of Ethernet.; Describe how switching works.; Describe one kind of a LAN topology. NC.6 Network Security (network security) General intro about security (Threats, vulnerabilities, and countermeasures) (See also: SEP- Security, SEC-Foundations, SEC-Engineering); Network specific threats and attack types (e.g., denial of service, spoofing, sniffing and traffic redirection, attacker-in-the-middle, message integrity attacks, routing attacks, ransomware, and traffic analysis) (See also: SEC-Foundations, SEC-Engineering); Countermeasures (: SEC-Foundations, SEC-Crypto, SEC-Engineering); Cryptography (e.g. SSL, TLS, symmetric/asymmetric); Architectures for secure networks (e.g., secure channels, secure routing protocols, secure DNS, VPNs, DMZ, Zero Trust Network Access, hyper network security, anonymous communication protocols, isolation); Network monitoring, intrusion detection, firewalls, spoofing and DoS protection, honeypots, tracebacks, BGP Sec, RPKI Describe some of the threat models of network security.; Describe specific network-based countermeasures.; Analyze various aspects of network security from a case study. NC.7 Mobility (mobile networks) Principles of cellular communication (e.g., 4G, 5G); Principles of Wireless LANs (mainly 802.11); Device to device communication (e.g., IoT communication); Multi-hop wireless networks (e.g., ad hoc networks, opportunistic, delay tolerant) Describe some aspects of cellular communication such as registration; Describe how 802.11 supports mobile users; Describe practical uses of device-to-device communication, as well as multihop; Describe one type of mobile network such as ad hoc NC.8 Emerging Topics (emerging networks) Middleboxes (e.g., advances in usage of AI, intent-based networking, filtering, deep packet inspection, load balancing, NAT, CDN); Network Virtualization (e.g., SDN, Data Center Networks); Quantum Networking (e.g., Intro to the domain, teleportation, security, Quantum Internet); Satellite, mmWave, Visible Light Describe the value of advances in middleboxes in networks.; Describe the importance of Software Defined Networks.; Describe some of the added value achieved by using Quantum Networking. OS Operating Systems (operating systems, os) The operating system is a collection of services needed to safely interface the hardware with applications. Core topics focus on the mechanisms and policies needed to virtualize computation, memory, and Input/Output (I/O). Overarching themes that are reused at many levels in computer systems are well illustrated in operating systems (e.g., polling vs interrupts, caching, flexibility vs costs, scheduling approaches to processes, page replacement, etc.). The Operating Systems knowledge area contains the key underlying concepts for other knowledge areas — trust boundaries, concurrency, persistence, and safe extensibility OS.1 Role and Purpose of Operating Systems (purpose of operating system) Operating systems mediate between general purpose hardware and application-specific software.; Universal operating system functions (e.g., process, user and device interfaces, persistence of data); Extended and/or specialized operating system functions (e.g., embedded systems, server types such as file, web, multimedia, boot loaders and boot security); Design issues (e.g., efficiency, robustness, flexibility, portability, security, compatibility, power, safety, tradeoffs between error checking and performance, flexibility and performance, and security and performance) (See also: SEC-Engineering); Influences of security, networking, multimedia, parallel and distributed computing; Overarching concern of security/protection: Neglecting to consider security at every layer creates an opportunity to inappropriately access resources. Example concepts:; Unauthorized access to files on an unencrypted drive can be achieved by moving the media to another computer.; Operating systems enforced security can be defeated by infiltrating the boot layer before the operating system is loaded.; Process isolation can be subverted by inadequate authorization checking at API boundaries.; Vulnerabilities in system firmware can provide attack vectors that bypass the operating system entirely.; Improper isolation of virtual machine memory, computing, and hardware can expose the host system to attacks from guest systems.; The operating system may need to mitigate exploitation of hardware and firmware vulnerabilities, leading to potential performance reductions (e.g., Spectre and Meltdown mitigations).; Exposure of operating systems functions in shells and systems programming. (See also: FPL- Scripting) Understand the objectives and functions of modern operating systems.; Evaluate the design issues in different usage scenarios (e.g., real time OS, mobile, server).; Understand the functions of a contemporary operating system with respect to convenience, efficiency, and the ability to evolve.; Understand how evolution and stability are desirable and mutually antagonistic in operating systems function OS.2 Principles of Operating Systems (operating system principles, os principles) Operating system software design and approaches (e.g., monolithic, layered, modular, micro- kernel, unikernel); Abstractions, processes, and resources; Concept of system calls and links to application program interfaces (e.g., Win32, Java, Posix). (See also: AR-Assembly); The evolution of the link between hardware architecture and the operating system functions; Protection of resources means protecting some machine instructions/functions (See also: AR- Assembly) Example concepts:; Applications cannot arbitrarily access memory locations or file storage device addresses.; Protection of coprocessors and network devices; Leveraging interrupts from hardware level: service routines and implementations. (See also: AR- Assembly) Example concepts:; Timer interrupts for implementing time slices; I/O interrupts for putting blocking threads to sleep without polling; Concept of user/system state and protection, transition to kernel mode using system calls (See also: AR-Assembly); Mechanism for invoking system calls, the corresponding mode and context switch and return from interrupt (See also: AR-Assembly); Performance costs of context switches and associated cache flushes when performing process switches in Spectre-mitigated environments. Understand how the application of software design approaches to operating systems design/implementation (e.g., layered, modular, etc.) affects the robustness and maintainability of an operating system.; Categorize system calls by purpose.; Understand dynamics of invoking a system call (e.g., passing parameters, mode change).; Evaluate whether a function can be implemented in the application layer or can only be accomplished by system calls.; Apply OS techniques for isolation, protection, and throughput across OS functions (e.g., starvation similarities in process scheduling, disk request scheduling, semaphores, etc.) and beyond.; Understand how the separation into kernel and user mode affects safety and performance.; Understand the advantages and disadvantages of using interrupt processing in enabling multiprogramming.; Analyze potential vectors of attack via the operating systems and the security features designed to guard against them. OS.3 Concurrency (concurrency) Thread abstraction relative to concurrency; Race conditions, critical regions (role of interrupts, if needed) (See also: PDC-Programs); Deadlocks and starvation (See also: PDC-Coordination); Multiprocessor issues (spin-locks, reentrancy).; Multiprocess concurrency vs multithreading Thread creation, states, structures (See also: SF-Foundations); Thread APIs; Deadlocks and starvation (necessary conditions/mitigations) (See also: PDC-Coordination); Implementing thread safe code (semaphores, mutex locks, condition variables). (See also: AR- Performance-Energy, SF-Evaluation, PDC-Evaluation); Race conditions in shared memory (See also: PDC-Coordination) Managing atomic access to OS objects (e.g., big kernel lock vs many small locks vs lockless data structures like lists) Understand the advantages and disadvantages of concurrency as inseparable functions within the operating system framework.; Understand how architecture level implementation results in concurrency problems including race conditions.; Understand concurrency issues in multiprocessor systems.; Understand the range of mechanisms that can be employed at the operating system level to realize concurrent systems and describe the benefits of each.; Understand techniques for achieving synchronization in an operating system (e.g., describe how a semaphore can be implemented using OS primitives) including intra-concurrency control and use of hardware atomics.; Accurately analyze code to identify race conditions and appropriate solutions for addressing race conditions. OS.4 Protection and Safety (os protection, os safety) Overview of operating system security mechanisms (See also: SEC-Foundations); Attacks and antagonism (scheduling, etc.) (See also: SEC-Foundations); Review of major vulnerabilities in real operating systems (See also: SEC-Foundations); Operating systems mitigation strategies such as backups (See also: SF-Reliability) Policy/mechanism separation (See also: SEC-Governance); Security methods and devices (See also: SEC-Foundations) Example concepts:; Rings of protection (history from Multics to virtualized x86); x86_64 rings -1 and -2 (hypervisor and ME/PSP); Protection, access control, and authentication (See also: SEC-Foundations, SEC-Crypto) Understand the requirement for protection and security mechanisms in operating systems.; List and describe the attack vectors that leverage OS vulnerabilities.; Understand the mechanisms available in an OS to control access to resources.; Summarize the features and limitations of an operating system that impact protection and security. OS.5 Scheduling (scheduling, scheduler) Preemptive and non-preemptive scheduling; Schedulers and policies (e.g., first come, first serve, shortest job first, priority, round robin, multilevel) (See also: SF-Resource); Concepts of Symmetric Multi-Processor (SMP) scheduling and cache coherence (See also: AR- Memory); Timers (e.g., building many timers out of finite hardware timers) (See also: AR-Assembly); Fairness and starvation Subtopics of operating systems such as energy-aware scheduling and real-time scheduling (See also: AR-Performance-Energy, SPD-Embedded, SPD-Mobile); Cooperative scheduling, such as Linux futexes and userland scheduling. Compare and contrast the common algorithms used for both preemptive and non-preemptive scheduling of tasks in operating systems, such as priority, performance comparison, and fair-share schemes.; Explain the relationships between scheduling algorithms and application domains.; Explain the distinctions among types of processor scheduler such as short-term, medium-term, long-term, and I/O.; Evaluate a problem or solution to determine appropriateness for asymmetric and/or symmetric multiprocessing.; Evaluate a problem or solution to determine appropriateness as a process vs threads.; List some contexts benefitting from preemption and deadline scheduling.; Explain the ways that the logic embodied in scheduling algorithms are applicable to other operating systems mechanisms, such as first come first serve or priority to disk I/O, network scheduling, project scheduling, and problems beyond computing. OS.6 Process Model (process model) Processes and threads relative to virtualization protected memory, process state, memory isolation,;; Memory footprint/segmentation (e.g., stack, heap, etc.) (See also: AR-Assembly); Creating and loading executables, shared libraries, and dynamic linking (See also: FPL-Translation); Dispatching and context switching (See also: AR-Assembly); Interprocess communication (e.g., shared memory, message passing, signals, environment variables) (See also: PDC-Communication) Understand how processes and threads use concurrency features to virtualize control.; Understand reasons for using interrupts, dispatching, and context switching to support concurrency and virtualization in an operating system.; Understand the different states that a task may pass through, and the data structures needed to support the management of many tasks.; Understand the different ways of allocating memory to tasks, citing the relative merits of each.; Apply the appropriate interprocess communication mechanism for a specific purpose in a programmed software artifact. OS.7 Memory Management (memory management) Review of physical memory, address translation and memory management hardware (See also: AR-Memory, MSF-Discrete); Impact of memory hierarchy including cache concept, cache lookup, and per-CPU caching on operating system mechanisms and policy (See also: AR-Memory, SF-Performance); Logical and physical addressing, address space virtualization (See also: AR-Memory, MSF- Discrete); Concepts of paging, page replacement, thrashing and allocation of pages and frames; Allocation/deallocation/storage techniques (algorithms and data structure) performance and flexibility Example concept: Arenas, slab allocators, free lists, size classes, heterogeneously sized pages (huge pages); Memory caching and cache coherence and the effect of flushing the cache to avoid speculative execution vulnerabilities (See also: AR-Organization, AR-Memory, SF-Performance); Security mechanisms and concepts in memory management including sandboxing, protection, isolation, and relevant vectors of attack (See also: SEC-Foundations) Virtual memory: leveraging virtual memory hardware for OS services and efficiency Explain memory hierarchy and cost-performance tradeoffs.; Summarize the principles of virtual memory as applied to caching and paging.; Evaluate the tradeoffs in terms of memory size (main memory, cache memory, auxiliary memory) and processor speed.; Describe the reason for and use of cache memory (performance and proximity, how caches complicate isolation and virtual machine abstraction).; Code/Develop efficient programs that consider the effects of page replacement and frame allocation on the performance of a process and the system in which it executes.; Explain how hardware is utilized for efficient virtualization OS.8 Device Management (device management) Buffering strategies (See also: AR-IO); Direct Memory Access (DMA) and polled I/O, Memory-mapped I/O (See also: AR-IO) Example concept: DMA communication protocols (e.g., ring buffers etc.); Historical and contextual - Persistent storage device management (e.g., magnetic, Solid State Device (SSD)) (See also: SEP-History) Device interface abstractions, hardware abstraction layer; Device driver purpose, abstraction, implementation, and testing challenges; High-level fault tolerance in device communication Explain architecture level device control implementation and link relevant operating system mechanisms and policy (e.g., buffering strategies, direct memory access).; Explain OS device management layers and the architecture (e.g., device controller, device driver, device abstraction).; Explain the relationship between the physical hardware and the virtual devices maintained by the operating system.; Explain I/O data buffering and describe strategies for implementing;; Describe the advantages and disadvantages of direct memory access and discuss the circumstances in which its use is warranted.; Describe the complexity and best practices for the creation of device drivers OS.9 File Systems API and Implementation (file systems) Concept of a file including data, metadata, operations, and access-mode; File system mounting; File access control; File sharing; Basic file allocation methods, including linked allocation table; File system structures comprising file allocation including various directory structures and methods for uniquely identifying files (e.g., name, identified or metadata storage location); Allocation/deallocation/storage techniques (algorithms and data structure) impact on performance and flexibility (i.e., internal and external fragmentation and compaction); Free space management such as using bit tables vs linking; Implementation of directories to segment and track file location Explain the choices to be made in designing file systems.; Evaluate different approaches to file organization, recognizing the strengths and weaknesses of each.; Apply software constructs appropriately given knowledge of the file system implementation OS.10 Advanced File Systems (file system architecture) File systems: partitioning, mount/unmount, virtual file systems; In-depth implementation techniques; Memory-mapped files (See also: AR-IO ); Special-purpose file systems; Naming, searching, access, backups; Journaling and log-structured file systems (See also: SF-Reliability) Distributed file systems; Encrypted file systems; Fault tolerance Explain how hardware developments have led to changes in the priorities for the design and the management of file systems.; Map file abstractions to a list of relevant devices and interfaces.; Identify and categorize different mount types.; Explain specific file systems requirements and the specialized file systems features that meet those requirements.; Explain the use of journaling and how log-structured file systems enhance fault tolerance.; Explain purpose and complexity of distributed file systems.; List examples of distributed file systems protocols.; Explain mechanisms in file systems to improve fault tolerance. OS.11 Virtualization (virtualization) Using virtualization and isolation to achieve protection and predictable performance. (See also: SF- Performance); Advanced paging and virtual memory. (See also: SF-Performance); Virtual file systems and virtual devices.; Containers and their comparison to virtual machines.; Thrashing (e.g., Popek and Goldberg requirements for recursively virtualizable systems) Types of virtualizations (including hardware/software, OS, server, service, network). (See also: SF- Performance); Portable virtualization; emulation vs isolation. (See also: SF-Performance); Cost of virtualization. (See also: SF-Performance); Virtual machines and container escapes, dangers from a security perspective. (See also: SEC- Engineering); Hypervisors- hardware virtual machine extensions, hosts with kernel support, QEMU KVM Explain how hardware architecture provides support and efficiencies for virtualization.; Explain the difference between emulation and isolation.; Evaluate virtualization tradeoffs; Explain hypervisors and the need for them in conjunction with different types of hypervisors. OS.12 Real-time and Embedded Systems (real-time operating system, RTOS, embedded) Process and task scheduling.; Deadlines and real-time issues. (See also: SPD-Embedded); Low-latency vs 'soft real-time" vs "hard real time." (See also: SPD-Embedded, FPL-Event-Driven) Memory/disk management requirements in a real-time environment.; Failures, risks, and recovery.; Special concerns in real-time systems (safety). Explain what makes a system a real-time system.; Explain latency and its sources in software systems and its characteristics.; Explain special concerns that real-time systems present, including risk, and how these concerns are addressed.; Explain specific real time operating systems features and mechanisms OS.13 Fault Tolerance (fault tolerance) Reliable and available systems. (See also: SF-Reliability); Software and hardware approaches to address tolerance (RAID). (See also: SF-Reliability) Spatial and temporal redundancy. (See also: SF-Reliability); Methods used to implement fault tolerance. (See also: SF-Reliability); Error identification and correction mechanisms, checksums of volatile memory in RAM. (See also: AR-Memory); File system consistency check and recovery.; Journaling and log-structured file systems. (See also: SF-Reliability); Use-cases for fault-tolerance (databases, safety-critical). (See also: SF-Reliability); Examples of OS mechanisms for detection, recovery, restart to implement fault tolerance, use of these techniques for the OS’s own services. (See also: SF-Reliability) Explain how operating systems can facilitate fault tolerance, reliability, and availability.; Explain the range of methods for implementing fault tolerance in an operating system.; Explain how an operating system can continue functioning after a fault occurs.; Explain the performance and flexibility tradeoffs that impact using fault tolerance.; Describe operating systems fault tolerance issues and mechanisms in detail OS.14 Society, Ethics, and the Profession (society ethics profession) Open source in operating systems. (See also: SEP-IP) Example concepts:; Identification of vulnerabilities in open-source kernels,; Open-source guest operating systems,; Open-source host operating systems, and; Changes in monetization (paid vs free upgrades).; End-of-life issues with sunsetting operating systems. Example concept: Privacy implications of using proprietary operating systems/operating environments, including telemetry, automated scanning of personal data, built-in advertising, and automatic cloud integration. Explain advantages and disadvantages of finding and addressing bugs in open-source kernels.; Contextualize history and positive and negative impact of Linux as an open-source product.; List complications with reliance on operating systems past end-of-life.; Understand differences in finding and addressing bugs for various operating systems payment models. PDC Parallel and Distributed Computing (parallel compute, distributed compute) Parallel and distributed programming arranges, coordinates, and controls multiple computations occurring at the same time across different places. The ubiquity of parallelism and distribution are inevitable consequences of increasing numbers of gates in processors, processors in computers, and computers everywhere that may be used to improve performance compared to sequential programs, while also coping with the intrinsic interconnectedness of the world, and the possibility that some components or connections fail or behave maliciously. Parallel and distributed programming removes the restrictions of sequential programming that require computational steps to occur in a serial order in a single place, revealing further distinctions, techniques, and analyses applying at each layer of computing systems. In most conventional usage, 'parallel' programming focuses on establishing and coordinating multiple activities that may occur at the same time, 'distributed' programming focuses on establishing and coordinating activities that may occur in different places, and 'concurrent' programming focuses on interactions of ongoing activities with each other and the environment. However, all three terms may apply in most contexts. Parallelism generally implies some form of distribution because multiple activities occurring without sequential ordering constraints happen in multiple physical places (unless they rely on context-switching or quantum effects). Conversely, actions in different places need not bear any specific sequential ordering with respect to each other in the absence of communication constraints. Parallel, distributed, and concurrent programming techniques form the core of High Performance Computing (HPC), distributed systems, and increasingly, nearly every computing application. The PDC knowledge area has evolved from a diverse set of advanced topics into a central body of knowledge and practice, permeating almost every other aspect of computing. Growth of the field has occurred irregularly across different subfields of computing, sometimes with different goals, terminology, and practices, masking the considerable overlap of basic ideas and skills that are the primary focus of this knowledge area. Nearly every problem with a sequential solution also admits parallel and/or distributed solutions; additional problems and solutions arise only in the context of concurrency. Nearly every application domain of parallel and distributed computing is a well-developed area of study and/or engineering too large to enumerate. PDC.1 Programs (parallel programs) Parallelism; Declarative parallelism: Determining which actions may, or must not, be performed in parallel, at the level of instructions, functions, closures, composite actions, sessions, tasks, and services is the main idea underlying PDC algorithms; failing to do so is the main source of errors. (See also: PDC-Algorithms); Defining order: for example, using happens-before relations or series/parallel directed acyclic graphs representing programs.; Independence: determining when ordering does not matter, in terms of commutativity, dependencies, preconditions.; Ensuring ordering among otherwise parallel actions when necessary, including locking, safe publication; and imposing communication – sending a message happens before receiving it; conversely relaxing when unnecessary.; Distribution; Defining places, as devices executing actions, including hardware components, remote hosts, may also include external, uncontrolled devices, hosts, and users. (See also: AR-IO); One device may time-slice or otherwise emulate multiple parallel actions by fewer processors by scheduling and virtualization. (See also: OS-Scheduling); Naming or identifying places (e.g., device IDs) and actions as parties (e.g., thread IDs).; Activities across places may communicate across media. (See also: PDC-Communication); Starting activities; Options that enable actions to be performed (eventually) at places range from hardwiring to configuration scripts; also establishing communication and resource management; these are expressed differently across languages and contexts, usually relying on automated provisioning and management by platforms (See also: SF-Resources); Procedural: Enabling multiple actions to start at a given program point; for example, starting new threads, possibly scoping, or otherwise organizing them in hierarchical groups; Reactive: Enabling upon an event by installing an event handler, with less control of when actions begin or end, and may apply even on uniprocessors; Dependent: Enabling upon completion of others; for example, sequencing sets of parallel actions (See also: PDC-Coordination); Granularity: Execution cost of action bodies should outweigh the overhead of arranging them 220; Execution Properties; Nondeterministic execution of unordered actions; Consistency: Ensuring agreement among parties about values and predicates when necessary to avoid races, maintain safety and atomicity, or arrive at consensus; Fault tolerance: Handling failures in parties or communication, including (Byzantine) misbehavior due to untrusted parties and protocols, when necessary to maintain progress or availability (See also: SF-Reliability); Tradeoffs are one focus of evaluation (See also: PDC-Evaluation) One or more of the following mappings and mechanisms across layered systems:; CPU data- and instruction-level-parallelism (See also: AR-Organization); SIMD and heterogeneous data parallelism (See also: AR-Heterogeneity); Multicore scheduled concurrency, tasks, actors (See also: OS-Scheduling); Clusters, clouds; elastic provisioning. (See also: SPD-Common); Networked distributed systems (See also: NC-Applications); Emerging technologies such as quantum computing and molecular computing Graphically show (as a Directed Acyclic Graph (DAG)) how to parallelize a compound numerical expression; for example, a = (b + c) * (d + e).; Explain why the concepts of consistency and fault tolerance do not arise in purely sequential programs.; Write a function that efficiently counts events such as networking packet receptions.; Write a filter/map/reduce program in multiple styles.; Write a service that creates a thread (or other procedural form of activation) to return a requested web page to each new client. PDC.2 Communication (parallel communication, distributed communication) Media; Varieties: channels (message passing or I/O), shared memory, heterogeneous, data stores; Reliance on the availability and nature of underlying hardware, connectivity, and protocols; language support, emulation (See also: AR-IO); Channels; Explicit (usually named) party-to-party communication media; APIs: Sockets, architectural, language-based, and toolkit constructs, such as Message Passing Interface (MPI), and layered constructs such as Remote Procedure Call (RPC) (See also: NC-Fundamentals); I/O channel APIs; Memory 221; Shared memory architectures in which parties directly communicate only with memory at given addresses, with extensions to heterogeneous memory supporting multiple memory stores with explicit data transfer across them; for example, GPU local and shared memory, Direct Memory Access (DMA); Memory hierarchies: Multiple layers of sharing domains, scopes, and caches; locality: latency, false-sharing; Consistency properties: Bitwise atomicity limits, coherence, local ordering; Data Stores; Cooperatively maintained data structures implementing maps and related ADTs; Varieties: Owned, shared, sharded, replicated, immutable, versioned One or more of the following properties and extensions; Topologies: Unicast, Multicast, Mailboxes, Switches; Routing via hardware and software interconnection networks; Media concurrency properties: Ordering, consistency, idempotency, overlapping communication with computation; Media performance: Latency, bandwidth (throughput) contention (congestion), responsiveness (liveness), reliability (error and drop rates), protocol-based progress (acks, timeouts, mediation); Media security properties: integrity, privacy, authentication, authorization (See also: SEC- Secure Coding); Data formats: Marshaling, validation, encryption, compression; Channel policies: Endpoints, sessions, buffering, saturation response (waiting vs dropping), rate control; Multiplexing and demultiplexing many relatively slow I/O devices or parties; completion- based and scheduler-based techniques; async-await, select and polling APIs; Formalization and analysis of channel communication; for example, CSP; Applications of queuing theory to model and predict performance.; Memory models: sequential and release/acquire consistency; Memory management; including reclamation of shared data; reference counts and alternatives; Bulk data placement and transfer; reducing message traffic and improving locality; overlapping data transfer and computation; impact of data layout such as array-of-structs vs struct-of-arrays; Emulating shared memory: distributed shared memory, Remote Direct Memory Access (RDMA); Data store consistency: Atomicity, linearizability, transactionality, coherence, causal ordering, conflict resolution, eventual consistency, blockchains; Faults, partitioning, and partial failures; voting; protocols such as Paxos and Raft.; Design tradeoffs among consistency, availability, partition (fault) tolerance; impossibility of meeting all at once; Security and trust: Byzantine failures, proof of work and alternatives Explain the similarities and differences among: (1) Party A sends a message on channel X with contents 1 received by party B (2) A sets shared variable X to 1, read by B (3) A sets 'X=1’ in a distributed shared map accessed by B.; Write a program that distributes different segments of a data set to multiple workers, and collects results (for the simplest example, summing segments of an array).; Write a parallel program that requests data from multiple sites and summarizes them using some form of reduction.; Compare the performance of buffered versus unbuffered versions of a producer-consumer program.; Determine whether a given communication scheme provides sufficient security properties for a given usage.; Give an example of an ordering of accesses among concurrent activities (e.g., program with a data race) that is not sequentially consistent.; Give an example of a scenario in which blocking message sends can deadlock.; Describe at least one design technique for avoiding liveness failures in programs using multiple locks.; Write a program that illustrates memory-access or message reordering.; Describe the relative merits of optimistic versus conservative concurrency control under different rates of contention among updates.; Give an example of a scenario in which an attempted optimistic update may never complete.; Modify a concurrent system to use a more scalable, reliable, or available data store.; Using an existing platform supporting replicated data stores, write a program that maintains a key-value mapping even when one or more hosts fail. PDC.3 Coordination (parallel coordination) Dependencies; Initiation or progress of one activity may be dependent on other activities, so as to avoid race conditions, ensure termination, or meet other requirements; Ensuring progress by avoiding dependency cycles, using monotonic conditions, removing inessential dependencies; Control constructs and design patterns; Completion-based: Barriers, joins, including termination control; Data-enabled: Queues, producer-consumer designs; Condition-based: Polling, retrying, backoffs, helping, suspension, signaling, timeouts; Reactive: Enabling and triggering continuations; Atomicity; Atomic instructions, enforced local access orderings; Locks and mutual exclusion; lock granularity; Using locks in a specific language; maintaining liveness without introducing races 223; Deadlock avoidance: Ordering, coarsening, randomized retries; backoffs, encapsulation via lock managers; Common errors: Failing to lock or unlock when necessary, holding locks while invoking unknown operations; Avoiding locks: replication, read-only, ownership, and non-blocking constructions One or more of the following properties and extensions; Progress properties including lock-free, wait-free, fairness, priority scheduling, interactions with consistency, reliability; Performance with respect to contention, granularity, convoying, scaling; Non-blocking data structures and algorithms; Ownership and resource control; Lock variants and alternatives: sequence locks, read-write locks; Read-Copy-Update (RCU), reentrancy; tickets; controlling spinning versus blocking; Transaction-based control: Optimistic and conservative; Distributed locking: reliability; Alternatives to barriers: Clocks; counters, virtual clocks; dataflow and continuations; futures and RPC; consensus-based, gathering results with reducers and collectors; Speculation, selection, cancellation; observability and security consequences; Resource control using semaphores and condition variables; Control flow: Scheduling computations, series-parallel loops with (possibly elected) leaders, pipelines and streams, nested parallelism; Exceptions and failures. Handlers, detection, timeouts, fault tolerance, voting Show how to avoid or repair a race error in a given program.; Show how to ensure that a program correctly terminates when all of a set of concurrent tasks have completed.; Write a function that efficiently counts events such as sensor inputs or networking packet receptions.; Write a filter/map/reduce program in multiple styles.; Write a program in which the termination of one set of parallel actions is followed by another.; Write a program that speculatively searches for a solution by multiple activities, terminating others when one is found.; Write a program in which a numerical exception (such as divide by zero) in one activity causes termination of others.; Write a program for multiple parties to agree upon the current time of day; discuss its limitations compared to protocols such as network transfer protocol (NTP).; Write a service that creates a thread (or other procedural form of activation) to return a requested web page to each new client. PDC.4 Evaluation (parallel evaluation) Safety and liveness requirements in terms of temporal logic constructs to express 'always' and 'eventually' (See also: FPL-Parallel); Identifying, testing for, and repairing violations, including common forms of errors such as failure to ensure necessary ordering (race errors), atomicity (including check-then-act errors), and termination (livelock); Performance requirements metrics for throughput, responsiveness, latency, availability, energy consumption, scalability, resource usage, communication costs, waiting and rate control, fairness; service level agreements (See also: SF-Performance); Performance impact of design and implementation choices, including granularity, overhead, consensus costs, and energy consumption (See also: SEP-Sustainability); Estimating scalability limitations, for example using Amdahl’s Law or Universal Scalability Law (See also: SF-Evaluation) One or more of the following methods and tools:; Extensions to formal sequential requirements such as linearizability; Protocol, session, and transactional specifications; Use of tools such as Unified Modelling Language (UML), Temporal Logic of Actions (TLA), program logics; Security analysis: safety and liveness in the presence of hostile or buggy behaviors by other parties; required properties of communication mechanisms (for example lack of cross-layer leakage), input screening, rate limiting (See also: SEC-Foundations); Static analysis applied to correctness, throughput, latency, resources, energy (See also: SEP-Sustainability); Directed Acyclic Graph (DAG) model analysis of algorithmic efficiency (work, span, critical paths); Testing and debugging; tools such as race detectors, fuzzers, lock dependency checkers, unit/stress/torture tests, visualizations, continuous integration, continuous deployment, and test generators; Measuring and comparing throughput, overhead, waiting, contention, communication, data movement, locality, resource usage, behavior in the presence of excessive numbers of events, clients, or threads (See also: SF-Evaluation); Application domain specific analyses and evaluation techniques Revise a specification to enable parallelism and distribution without violating other essential properties or features.; Explain how concurrent notions of safety and liveness extend their sequential counterparts.; Specify a set of invariants that must hold at each bulk-parallel step of a computation. 225; Write a test program that can reveal a data race error; for example, missing an update when two activities both try to increment a variable.; In a given context, explain the extent to which introducing parallelism in an otherwise sequential program would be expected to improve throughput and/or reduce latency, and how it may impact energy efficiency.; Show how scaling and efficiency change for sample problems without and with the assumption of problem size changing with the number of processors; further explain whether and how scalability would change under relaxations of sequential dependencies.; Specify and measure behavior when a service is requested by unexpectedly many clients.; Identify and repair a performance problem due to sequential bottlenecks.; Empirically compare throughput of two implementations of a common design (perhaps using an existing test harness framework).; Identify and repair a performance problem due to communication or data latency.; Identify and repair a performance problem due to communication or data latency.; Identify and repair a performance problem due to resource management overhead.; Identify and repair a reliability or availability problem. PDC.5 Algorithms (parallel algorithm, distributed algorithm) Expressing and implementing algorithms in given languages and frameworks, to initiate activities (for example threads), use shared memory constructs, and channel, socket, and/or remote procedure call APIs. (See also: FPL-Parallel).; Data parallel examples including map/reduce.; Using channel, socket, and/or RPC APIs in a given language, with program control for sending (usually procedural) vs receiving. (usually reactive or RPC-based).; Using locks, barriers, and/or synchronizers to maintain liveness without introducing races.; Survey of common application domains across multicore, reactive, data parallel, cluster, cloud, open distributed systems, and frameworks One of more of the following algorithmic domains. (See also: AL-Strategies):; Linear algebra: Vector and matrix operations, numerical precision/stability, applications in data analytics and machine learning.; Data processing: sorting, searching and retrieval, concurrent data structures.; Graphs, search, and combinatorics: Marking, edge-parallelization, bounding, speculation, network-based analytics.; Modeling and simulation: differential equations; randomization, N-body problems, genetic algorithms.; Computational logic: satisfiability (SAT), concurrent logic programming.; Graphics and computational geometry: Transforms, rendering, ray-tracing.; Resource management: Allocating, placing, recycling and scheduling processors, memory, channels, and hosts; exclusive vs shared resources; static, dynamic and elastic algorithms; Real-time constraints; Batching, prioritization, partitioning; decentralization via work-stealing and related techniques.; Services: Implementing web APIs, electronic currency, transaction systems, multiplayer games. Implement a parallel/distributed component based on a known algorithm.; Write a data-parallel program that for example computes the average of an array of numbers.; Write a producer-consumer program in which one component generates numbers, and another computes their average. Measure speedups when the numbers are small scalars versus large multi-precision values.; Extend an event-driven sequential program by establishing a new activity in an event handler (for example a new thread in a GUI action handler).; Improve the performance of a sequential component by introducing parallelism and/or distribution.; Choose among different parallel/distributed designs for components of a given system.; Design, implement, analyze, and evaluate a component or application for X operating in a given context, where X is in one of the listed domains, for example, a genetic algorithm for factory floor design.; Critique the design and implementation of an existing component or application, or one developed by classmates.; Compare the performance and energy efficiency of multiple implementations of a similar design, for example, multicore versus clustered versus GPU. SDF Software Development Fundamentals (software development basics, dev ops) Fluency in the process of software development is fundamental to the study of computer science. To use computers to solve problems most effectively, students must be competent at reading and writing programs. Beyond programming skills, however, they must be able to select and use appropriate data structures and algorithms and use modern development and testing tools. The SDF knowledge area brings together fundamental concepts and skills related to software development, focusing on concepts and skills that should be taught early in a computer science program, typically in the first year. This includes fundamental programming concepts and their effective use in writing programs, use of fundamental data structures which may be provided by the programming language, basics of programming practices for writing good quality programs, reading, and understanding programs, and some understanding of the impact of algorithms on the performance of the programs. The 43 hours of material in this knowledge area may be augmented with core material from other knowledge areas as students progress to mid- and upper-level courses. This knowledge area assumes a contemporary programming language with built-in support for common data types including associative data types like dictionaries/maps as the vehicle for introducing students to programming (e.g., Python, Java). However, this is not to discourage the use of older or lower-level languages for SDF — the knowledge units below can be suitably adapted for the actual language used. The emergence of generative AI and Large Language Models (LLMs), which can generate programs for many programming tasks, will undoubtedly affect the programming profession and consequently the teaching of many CS topics. However, to be able to effectively use generative AI in programming tasks, a programmer must have a good understanding of programs, and hence must still learn the foundations of programming and develop basic programming skills - which is the aim of SDF. Consequently, we feel that the desired outcomes for SDF should remain the same, though different instructors may now give more emphasis to program understanding, documenting, specifications, analysis, and testing. (This is like teaching students multiplication, addition,; even though calculators can be used to do them) SDF.1 Fundamental Programming Concepts and Practices (programming concepts, coding best practices) Basic concepts such as variables, primitive data types, expressions, and their evaluation 231; How imperative programs work: state and state transitions on execution of statements, flow of control; Basic constructs such as assignment statements, conditional and iterative statements, basic I/O; Key modularity constructs such as functions (and methods and classes, if supported in the language) and related concepts like parameter passing, scope, abstraction, data encapsulation (See also: FPL-OOP); Input and output using files and APIs; Structured data types available in the chosen programming language like sequences (e.g., arrays, lists), associative containers (e.g., dictionaries, maps), others (e.g., sets, tuples) and when and how to use them (See also: AL-Foundational); Libraries and frameworks provided by the language (when/where applicable); Recursion; Dealing with runtime errors in programs (e.g., exception handling).; Basic concepts of programming errors, testing, and debugging (See also: SE-Construction, SEC- Coding); Documenting/commenting code at the program and module level.(See also: SE-Construction); Develop a security mindset. (See also: SEC-Foundations) Develop programs that use the fundamental programming constructs: assignment and expressions, basic I/O, conditional and iterative statements.; Develop programs using functions with parameter passing.; Develop programs that effectively use the different structured data types provided in the language like arrays/lists, dictionaries, and sets.; Develop programs that use file I/O to provide data persistence across multiple executions.; Develop programs that use language-provided libraries and frameworks (where applicable).; Develop programs that use APIs to access or update data (e.g., from the web).; Develop programs that create simple classes and instantiate objects of those classes (if supported by the language).; Explain the concept of recursion and identify when and how to use it effectively.; Develop recursive functions.; Develop programs that can handle runtime errors.; Read a given program and explain what it does.; Write comments for a program or a module specifying what it does.; Trace the flow of control during the execution of a program.; Use appropriate terminology to identify elements of a program (e.g., identifier, operator, operand). SDF.2 Fundamental Data Structures (data structures, data types) Standard abstract data types such as lists, stacks, queues, sets, and maps/dictionaries, including operations on them. 232; Selecting and using appropriate data structures.; Performance implications of choice of data structure(s).; Strings and string processing. Write programs that use each of the key abstract data types provided in the language (e.g., arrays, tuples/records/structs, lists, stacks, queues, and associative data types like sets, dictionaries/maps).; Select the appropriate data structure for a given problem.; Explain how the performance of a program may change when using different data structures or operations.; Write programs that work with text by using string processing capabilities provided by the language SDF.3 Algorithms (basic algorithms) Concept of algorithm and notion of algorithm efficiency; Some common algorithms (e.g., sorting, searching, tree traversal, graph traversal); Impact of algorithms on time-space efficiency of programs Explain the role of algorithms for writing programs.; Demonstrate how a problem may be solved by different algorithms, each with different properties.; Explain some common algorithms (e.g., sorting, searching, tree traversal, graph traversal).; Explain the impact on space/time performance of some algorithms. SDF.5 Software Development Practices (software development, dev best practice) Basic testing, including test case design; Use of a general-purpose IDE, including its debugger; Programming style that improves readability; Specifying functionality of a module in a natural language. Develop tests for modules and apply a variety of strategies to design test cases.; Explain some limitations of testing programs.; Build, execute, and debug programs using a modern IDE and associated tools such as visual debuggers. 233; Apply basic programming style guidelines to aid readability of programs such as comments, indentation, proper naming of variables,;; Write specifications of a module as module comment describing its functionality. SDF.6 Society, Ethics, and the Profession (society ethics profession) Intellectual property rights of programmers for programs they develop.; Plagiarism and academic integrity.; Responsibility and liability of programmers regarding code they develop for solutions. (See also: SEC-Foundations); Basic professional work ethics of programmers. Explain/understand some of the intellectual property issues relating to programs.; Explain/understand when code developed by others can be used and proper ways of disclosing their;; Explain/understand the responsibility of programmers when developing code for an overall solution (which may be developed by a team).; Explain/understand one or more codes of conduct applicable to programmers. SE Software Engineering (software engineering) As far back as the early 1970s, British computer scientist Brian Randell allegedly said, 'Software engineering is the multi-person construction of multi-version programs.' This is an essential insight: while programming is the skill that governs our ability to write a program, software engineering is distinct in two dimensions: time and people. First, a software engineering project is a team endeavor; being a solitary programming expert is insufficient. Skilled software engineers must demonstrate expertise in communication and collaboration. Programming may be an individual activity, but software engineering is a collaborative one, deeply tied to issues of professionalism, teamwork, and communication. Second, a software engineering project is usually 'multi-version.' It has an expected lifespan; it needs to function properly for months, years, or decades. Features may be added or removed to meet product requirements. The engineering team itself will likely change. The technological context will shift, as our computing platforms evolve, programming languages change, dependencies upgrade,; This exposure to matters of time and change is novel when compared to a programming project: it isn’t enough to build a thing that works, instead it must work and stay working. Many of the most challenging topics in tech share 'time will lead to change' as a root cause: backward compatibility, version skew, dependency management, schema changes, protocol evolution. Software engineering presents a particularly difficult challenge for learning in an academic setting. Given that the major differences between programming and software engineering are time and teamwork, it is hard to generate lessons that require successful teamwork and that faithfully present the challenges of time. Additionally, some topics in software engineering will be more authentic and more relevant if our learners experience collaborative and long-term software engineering projects in vivo rather than in the classroom. Regardless of whether that happens as an internship, involvement in an open-source project, or full-time engineering role, a month of full-time hands-on experience has more available hours than the average software engineering course. SE.1 Teamwork (teamwork) Effective communication, including oral and written, as well as formal (email, docs, comments, presentations) and informal (team chat, meetings). (See also: SEP-Communication); Common causes of team conflict, and approaches for conflict resolution.; Cooperative programming:; Pair programming or Swarming; Code review; Collaboration through version control; Roles and responsibilities in a software team: (See also: SEP-Professional-Ethics); Advantages of teamwork; Risks and complexity of such collaboration; Team processes – responsibilities for tasks, effort estimation, meeting structure, work schedule; Importance of team diversity and inclusivity. (See also: SEP-Communication) Interfacing with stakeholders, as a team:; Management & other non-technical teams; Customers; Users; Risks associated with physical, distributed, hybrid, and virtual teams – including communication, perception, structure, points of failure, mitigation, and recovery, etc. Follow effective team communication practices.; Articulate the sources of, hazards of, and potential benefits of team conflict – especially focusing on the value of disagreeing about ideas or proposals without insulting people. 241; Facilitate a conflict-resolution and problem-solving strategy in a team setting.; Collaborate effectively in cooperative development/programming.; Propose and delegate necessary roles and responsibilities in a software development team.; Compose and follow an agenda for a team meeting.; Facilitate through involvement in a team project, the central elements of team building, establishing healthy team culture, and team management including creating and executing a team work plan.; Promote the importance of and benefits that diversity and inclusivity brings to a software development team.; Reference, as a team, the importance of, and strategies to interface with stakeholders outside the team on both technical and non-technical levels.; Enumerate the risks associated with physical, distributed, hybrid, and virtual teams and possible points of failure and how to mitigate against and recover/learn from failures. SE.2 Tools and Environments (se tools, se environments) Software configuration management and version control: (See also: SDF-Practices); Configuration in version control, reproducible builds/configuration.; Version control branching strategies. Development branches vs release branches. Trunk-based development.; Merging/rebasing strategies, when relevant. Release management.; Testing tools including static and dynamic analysis tools. (See also: SDF-Practices, SEC-Coding); Software process automation:; Build systems – the value of fast, hermetic, reproducible builds, compare/contrast approaches to building a project.; Continuous Integration (CI) – the use of automation and automated tests to do preliminary validation that the current head/trunk revision builds and passes (basic) tests.; Dependency management – updating external/upstream dependencies, package management, SemVer.; Design and communication tools (docs, diagrams, common forms of design diagrams like UML).; Tool integration concepts and mechanisms. (See also: SDF-Practices); Use of modern IDE facilities – debugging, refactoring, searching/indexing, ML-powered code assistants,; (See also: SDF-Practices) Describe the difference between centralized and distributed software configuration management.; Describe how version control can be used to help manage software release management.; Identify configuration items and use a source code control tool in a small team-based project. 242; Describe how available static and dynamic test tools can be integrated into the software development environment.; Understand the use of CI systems as a ground-truth for the state of the team’s shared code (build and test success).; Describe the issues that are important in selecting a set of tools for the development of a specific software system, including tools for requirements tracking, design modeling, implementation, build automation, and testing.; Demonstrate the capability to use software tools in support of the development of a software product of medium size. SE.3 Product Requirements (product requirements) Describe functional requirements using, for example, use cases or user stories.; Using at least one method of documenting and structuring functional requirements.; Understanding how the method supports design and implementation.; Strengths and weaknesses of using a specific approach.; Properties of requirements including consistency, validity, completeness, and feasibility.; Requirements elicitation.; Sources of requirements, for example, users, administrators, or support personnel.; Methods of requirement gathering, for example, surveys, interviews, or behavioral analysis.; Non-functional requirements, for example, security, usability, or performance, also called as Quality Attributes. (See also: SEP-Sustainability); Risk identification and management, including ethical considerations surrounding the proposed product. (See also: SEP-Professional-Ethics); Communicating and/or formalizing requirement specifications Prototyping a tool for both eliciting and validating/confirming requirements.; Product evolution: when requirements change, how to understand what effect that has and what changes need to be made.; Effort estimation:; Learning techniques for better estimating the effort required to complete a task;; Practicing estimation and comparing it to how long tasks take;; Effort estimation is quite difficult, so students are likely to be way off in many cases, but seeing the process play out with their own work is valuable. Compare different methods of eliciting requirements along multiple axes.; Identify differences between two methods of describing functional requirements (e.g., customer interviews, user studies) and the situations where each would be preferred.; Identify which behaviors are required, allowed, or barred from a given set of requirements and a list of candidate behaviors. 243; Collect a set of requirements for a simple software system.; Identify areas of a software system that need to be changed, given a description of the system and a set of new requirements to be implemented.; Identify the functional and non-functional requirements in a set of requirements.; Create a prototype of a software system to validate a set of requirements – building a mock-up, MVP,;; Estimate the time to complete a set of tasks, then compare estimates to the actual time taken.; Determine an implementation sequence for a set of tasks, adhering to dependencies between them, with a goal to retire risk as early as possible.; Write a requirement specification for a simple software system. SE.4 Software Design (software design) System design principles. (See also: SF-Reliability); Levels of abstraction (e.g., architectural design and detailed design); Separation of concerns; Information hiding; Coupling and cohesion; Software architecture. (See also: SF-Reliability); Design paradigms; Top-down functional decomposition/layered design; Data-oriented architecture; Object-oriented analysis and design; Event-driven design; Standard architectures (e.g., client-server and microservice architectures including REST discussions, n-layer, pipes-and-filters, Model View Controller); Identifying component boundaries and dependencies; Programming in the large vs programming in the small. (See also: SF-Reliability); Code smells and other indications of code quality, distinct from correctness. (See also: SEC- Engineering) API design principles; Consistency; Consistent APIs are easier to learn and less error-prone; Consistency is both internal (between different portions of the API) and external (following common API patterns); Composability; Documenting contracts; API operations should describe their effect on the system, but not generally their implementation; Preconditions, postconditions, and invariants 244; Expandability; Error reporting; Errors should be clear, predictable, and actionable; Input that does not match the contract should produce an error; Errors that can be reliably managed without reporting should be managed; Identifying and codifying data invariants and time invariants; Structural and behavioral models of software designs; Data design (See also: DM-Modeling); Data structures; Storage systems; Requirement traceability; Understanding which requirements are satisfied by a design Design modeling, for instance with class diagrams, entity relationship diagrams, or sequence diagrams; Measurement and analysis of design quality; Principles of secure design and coding (See also: SEC-Engineering); Principle of least privilege; Principle of fail-safe defaults; Principle of psychological acceptability; Evaluating design tradeoffs (e.g., efficiency vs reliability, security vs usability) Identify the standard software architecture of a given high-level design.; Select and use an appropriate design paradigm to design a simple software system and explain how system design principles have been applied in this design.; Adapt a flawed system design to better follow principles such as separation of concerns or information hiding.; Identify the dependencies among a set of software components in an architectural design.; Design an API for a single component of a large software system, including identifying and documenting each operation’s invariants, contract, and error conditions.; Evaluate an API description in terms of consistency, composability, and expandability.; Expand an existing design to include a new piece of functionality.; Design a set of data structures to implement a provided API surface.; Identify which requirements are satisfied by a provided software design.; Translate a natural language software design into class diagrams.; Adapt a flawed system design to better follow the principles of least privilege and fail-safe defaults.; Contrast two software designs across different qualities, such as efficiency or usability SE.5 Software Construction (software construction) Practical small-scale testing (See also: SDF-Practices); Unit testing; Test-driven development – This is particularly valuable for students psychologically, as it is far easier to engage constructively with the challenge of identifying challenging inputs for a given API (edge cases, corner cases) a priori. If they implement first, the instinct is often to avoid trying to crash their new creation, while a test-first approach gives them the intellectual satisfaction of spotting the problem cases and then watching as more tests pass during the development process.; Documentation (See also: SDF-Practices); Interface documentation – describe interface requirements, potentially including (formal or informal) contracts, pre and post conditions, invariants.; Implementation documentation should focus on tricky and non-obvious pieces of code, whether because the code is using advanced language features, or the behavior of the code is complex. (Do not add comments that re-state common/obvious operations and simple language features.); Clarify dataflow, computation, etc., focusing on what the code;; Identify subtle/tricky pieces of code and refactor to be self-explanatory if possible or provide appropriate comments to clarify. Coding style (See also: SDF-Practices); Style guides; Commenting; Naming; 'Best Practices' for coding: techniques, idioms/patterns, mechanisms for building quality programs (See also: SEC-Coding, SDF-Practices); Defensive coding practices; Secure coding practices and principles; Using exception handling mechanisms to make programs more robust, fault-tolerant; Debugging (See also: SDF-Practices); Logging; Use of libraries and frameworks developed by others (See also: SDF-Practices) Larger-scale testing; Test doubles (stubs, mocks, fakes); Dependency injection; Work sequencing, including dependency identification, milestones, and risk retirement; Dependency identification: Identifying the dependencies between different tasks; Milestones: A collection of tasks that serve as a marker of progress when completed. Ideally, the milestone encompasses a useful unit of functionality.; Risk retirement: Identifying what elements of a project are risky and prioritizing completing tasks that address those risks.; Potential security problems in programs (See also: SEC-Coding) 246; Buffer and other types of overflows; Race conditions; Improper initialization, including choice of privileges; Input validation; Documentation (autogenerated); Development context: 'green field' vs existing code base; Change impact analysis; Change actualization; Release management; DevOps practices Write appropriate unit tests for a small component (several functions, a single type, etc.).; Write appropriate interface and (if needed) implementation comments for a small component.; Describe techniques, coding idioms and mechanisms for implementing designs to achieve desired properties such as reliability, efficiency, and robustness.; Write robust code using exception handling mechanisms.; Describe secure coding and defensive coding practices.; Select and use a defined coding standard in a small software project.; Compare and contrast integration strategies including top-down, bottom-up, and sandwich integration.; Describe the process of analyzing and implementing changes to code base developed for a specific project.; Describe the process of analyzing and implementing changes to a large existing code base.; Rewrite a simple program to remove common vulnerabilities, such as buffer overflows, integer overflows and race conditions.; Write a software component that performs some non-trivial task and is resilient to input and run- time errors. SE.6 Software Verification and Validation (verification, validation, v&v) Verification and validation concepts; Verification: Are we building the thing right?; Validation: Did we build the right thing?; Why testing matters: Does the component remain functional as the code evolves?; Testing objectives; Usability; Reliability; Conformance to specification 247; Performance; Security; Test kinds; Unit; Integration; Validation; System; Stylistic differences between tests and production code: DAMP vs DRY – more duplication is warranted in test code. Test planning and generation; Test case generation, from formal models, specifications,;; Test coverage; Test matrices; Code coverage – how much of the code is tested?; Environment coverage – how many hardware architectures, operating systems, browsers,; are tested?; Test data and inputs; Test development; Test-driven development; Object oriented testing, mocking, and dependency injection; Opaque-box (previously, black-box) and transparent-box (previously, white-box) testing techniques; Test tooling, including code coverage, static analysis, and fuzzing; Verification and validation in the development cycle; Code reviews; Test automation, including automation of tooling; Pre-commit and post-commit testing; Tradeoffs between test coverage and throughput/latency of testing; Defect tracking and prioritization: reproducibility of reported defects; Domain specific verification and validation challenges; Performance testing and benchmarking; Asynchrony, parallelism, and concurrency; Safety-critical; Numeric Verification and validation tooling and automation; Static analysis; Code coverage; Fuzzing; Dynamic analysis and fault containment (sanitizers, etc.); Fault logging and fault tracking; Test planning and generation 248; Fault estimation and testing termination including defect seeding; Use of random and pseudo random numbers in testing; Performance testing and benchmarking; Throughput and latency; Degradation under load (stress testing, FIFO vs LIFO handling of requests); Speedup and scaling; Amdahl’s law; Gustafson's law; Soft and weak scaling; Identifying and measuring figures of merits; Common performance bottlenecks; Compute-bound; Memory-bandwidth bound; Latency-bound; Statistical methods and best practices for benchmarking; Estimation of uncertainty; Confidence intervals; Analysis and presentation (graphs, etc.); Timing techniques; Testing asynchronous, parallel, and concurrent systems; Verification and validation of non-code artifacts (documentation, training materials) Explain why testing is important.; Distinguish between program validation and verification.; Describe different objectives of testing.; Compare and contrast the different types and levels of testing (regression, unit, integration, systems, and acceptance).; Describe techniques for creating a test plan and generating test cases.; Create a test plan for a medium-size code segment which includes a test matrix and generation of test data and inputs.; Implement a test plan for a medium-size code segment.; Identify the fundamental principles of test-driven development methods and explain the role of automated testing in these methods.; Discuss issues involving the testing of object-oriented software.; Describe mocking and dependency injection and their application.; Undertake, as part of a team activity, a code review of a medium-size code segment.; Describe the role that tools can play in the validation of software.; Automate the testing in a small software project.; Explain the roles, pros, and cons of pre-commit and post-commit testing.; Discuss the tradeoffs between test coverage and test throughput/latency and how this can impact verification. 249; Use a defect tracking tool to manage software defects in a small software project.; Discuss the limitations of testing in certain domains.; Describe and compare different tools for verification and validation.; Automate the use of different tools in a small software project.; Explain how and when random numbers should be used in testing.; Describe approaches for fault estimation.; Estimate the number of faults in a small software application based on fault density and fault seeding.; Describe throughput and latency and provide examples of each.; Explain speedup and the different forms of scaling and how they are computed.; Describe common performance bottlenecks.; Describe statistical methods and best practices for benchmarking software.; Explain techniques for and challenges with measuring time when constructing a benchmark.; Identify the figures of merit, construct and run a benchmark, and statistically analyze and visualize the results for a small software project.; Describe techniques and issues with testing asynchronous, concurrent, and parallel software.; Create a test plan for a medium-size code segment which contains asynchronous, concurrent, and/or parallel code, including a test matrix and generation of test data and inputs.; Describe techniques for the verification and validation of non-code artifacts. SE.7 Refactoring and Code Evolution (refactoring) Hyrum’s Law/The Law of Implicit Interfaces; Backward compatibility; Compatibility is not a property of a single entity, it’s a property of a relationship.; Backward compatibility needs to be evaluated in terms of provider + consumer(s) or with a well- specified model of what forms of compatibility a provider aspires to/promises.; Refactoring; Standard refactoring patterns (rename, inline, outline, etc.); Use of refactoring tools in IDE; Application of static-analysis tools (to identify code in need of refactoring, generate changes, etc.); Value of refactoring as a remedy for technical debt; Versioning; Semantic Versioning (SemVer); Trunk-based development 'Large Scale' Refactoring – techniques when a refactoring change is too large to commit safely (large projects), or when it is impossible to synchronize change between provider + all consumers (multiple repositories, consumers with private code).; Express both old and new APIs so that they can co-exist.; Minimize the size of behavior changes. 250; Why these techniques are required, (e.g., 'API consumers I can see' vs 'consumers I can’t see'). Identify both explicit and implicit behavior of an interface and identify potential risks from Hyrum’s Law.; Consider inputs from static analysis tools and/or Software Design principles to identify code in need of refactoring.; Identify changes that can be broadly considered 'backward compatible,' potentially with explicit statements about what usage is or is not supported.; Refactor the implementation of an interface to improve design, clarity,; with minimal/zero impact on existing users.; Evaluate whether a proposed change is sufficiently safe given the versioning methodology in use for a given project.; Plan a complex multi-step refactoring to change default behavior of an API safely. SE.8 Software Reliability (software reliability) Concept of reliability as probability of failure or mean time between failures, and faults as cause of failures; Identifying reliability requirements for different kinds of software; Software failures caused by defects/bugs, and so for high reliability the goal is to have minimum defects – by injecting fewer defects (better training, education, planning), and by removing most of the injected defects (testing, code review, etc.); Software reliability, system reliability and failure behavior; Defect injection and removal cycle, and different approaches for defect removal; Compare the 'error budget' approach to reliability with the 'error-free' approach and identify domains where each is relevant. Software reliability models; Software fault tolerance techniques and models; Contextual differences in fault tolerance (e.g., crashing a flight critical system is strongly avoided, crashing a data processing system before corrupt data is written to storage is highly valuable); Software reliability engineering practices – including reviews, testing, practical model checking; Identification of dependent and independent failure domains, and their impact on system reliability; Measurement-based analysis of software reliability – telemetry, monitoring and alerting, dashboards, release qualification metrics, etc. Describe how to determine the level of reliability required by a software system.; Explain the problems that exist in achieving very high levels of reliability.; Understand approaches to minimizing faults that can be applied at each stage of the software lifecycle.; Demonstrate the ability to apply multiple methods to develop reliability estimates for a software system.; Identify methods that will lead to the realization of a software architecture that achieves a specified level of reliability.; Identify ways to apply redundancy to achieve fault tolerance.; Identify single-point-of-failure (SPF) dependencies in a system design. SE.9 Formal Methods (formal methods) Formal specification of interfaces; Specification of pre- and post- conditions; Formal languages for writing and analyzing pre- and post-conditions.; Problem areas well served by formal methods; Lock-free programming, data races; Asynchronous and distributed systems, deadlock, livelock,;; Comparison to other tools and techniques for defect detection; Testing; Fuzzing; Formal approaches to software modeling and analysis; Model checkers; Model finders Describe the role formal specification and analysis techniques can play in the development of complex software and compare their use as validation and verification techniques with testing.; Apply formal specification and analysis techniques to software designs and programs with low complexity.; Explain the potential benefits and drawbacks of using formal specification languages. SEC Security (security) Computing supports nearly every facet of modern critical infrastructure: transportation, communication, healthcare, education, energy generation and distribution, to name a; With rampant attacks on and breaches of this infrastructure, computer science graduates have an important role in designing, implementing, and operating software systems that are robust, safe, and secure. The Security (SEC) knowledge area focuses on developing a security mindset into the overall ethos of computer science graduates so that security is embedded in all their work products. Computer science students need to learn about system vulnerabilities and understand threats against computer systems. The Security title choice was intentional to serve as a one-word umbrella term for this knowledge area, which also includes concepts to support privacy, cryptography, secure systems, secure data, and secure code. The SEC knowledge area relies on shared concepts pervasive in all the other areas of CS2023. It identifies seven crosscutting concepts of cybersecurity: confidentiality, integrity, availability, risk assessment, systems thinking, adversarial thinking, and human-centered thinking. The seventh concept, human-centered thinking, is additional to the six crosscutting concepts originally defined in the Cybersecurity Curricula 2017 (CSEC2017) [1]. This addition reinforces to students that humans are also a link in the overall chain of security, a theme that is also covered in knowledge areas such as HCI. Principles of protecting systems (also in the DM, OS, SDF, SE and SF knowledge areas) include security-by-design, privacy-by-design, defense-in-depth, and zero-trust. Another concept is the notion of assurance, which is an attestation that security mechanisms need to comply with the security policies that have been defined for data, processes, and systems. Assurance is tied in with the concepts of verification and validation in the SE knowledge area. Considerations of data privacy and security are shared with the DM (technical aspects) and SEP knowledge areas. SEC.1 Foundational Security (security basics) Developing a security mindset incorporating crosscutting concepts: confidentiality, integrity, availability, risk assessment, systems thinking, adversarial thinking, human-centered thinking; Basic concepts of authentication and authorization/access control; Vulnerabilities, threats, attack surfaces, and attack vectors (See also: OS-Protection); Denial of Service (DoS) and Distributed Denial of Service (DDoS) (See also: OS-Protection); Principles and practices of protection, e.g., least privilege, open design, fail-safe defaults, defense in depth, and zero trust; and how they can be implemented (See also: OS-Principles, OS- Protection, SE-Construction, SEP-Security); Optimization considerations between security, privacy, performance, and other design goals (See also: SDF-Practices, SE-Validation, HCI-Design); Impact of AI on security and privacy: using AI to bolster defenses as well as address increased adversarial capabilities due to AI (See also: AI-SEP, HCI-Design, HCI-SEP) Access control models (e.g., discretionary, mandatory, role-based, and attribute-based); Security controls; Concepts of trust and trustworthiness; Applications of a security mindset: web, cloud, and mobile devices (See also: SF-System Design, SPD-Common); Protecting embedded and cyber-physical systems (See also: SPD-Embedded); Principles of usable security and human-centered computing (See also: HCI-Design, SEP-Security); Security and trust in AI/machine learning systems, e.g., fit for purpose, ethical operating boundaries, authoritative knowledge sources, verified training data, repeatable system evaluation tests, system attestation, independent validation/certification; unintended consequences from: adverse effect (See also: AI-Introduction, AI-ML, AI-SEP, SEP-Security); Security risks in building and operating AI/machine learning systems (e.g., algorithm bias, knowledge corpus bias, training corpus bias, copyright violation) (See also: AI-Introduction, AI-ML, AI-SEP); Hardware considerations in security, e.g., principles of secure hardware, secure processor architectures, cryptographic acceleration, compartmentalization, software-hardware interaction (See also: AR-Assembly, AR-Representation, OS-Purpose) Evaluate a system for possible attacks that can be launched by an adversary.; Design and develop approaches to protect a system from a set of identified threats.; Describe how harm to user privacy can be avoided.; Develop a system that incorporates various principles of security and privacy.; Compare the different access control models in terms of functionality and performance.; Show how an adversary could use machine learning algorithms to reduce the security of a system.; Show how a developer could improve the security of a system using machine learning algorithms.; Describe hardware (especially CPU) vulnerabilities that can impact software. SEC.2 Society, Ethics, and the Profession (society ethics profession) Principles and practices of privacy (See also: SEP-Security); Societal impacts on breakdowns in security and privacy (See also: SEP-Context, SEP-Privacy, SEP-Security); Applicability of laws and regulations on security and privacy (See also: SEP-Security); Professional ethical considerations when designing secure systems and maintaining privacy; ethical hacking (See also: SEP-Professional-Ethics, SEP-Privacy, SEP-Security) Security by design (See also: SF-Security, SF-Design); Privacy by design and privacy engineering (See also: SEP-Privacy, SEP-Security); Security and privacy implications of malicious AI/machine learning actors, e.g., identifying deep fakes (See also: AI-Introduction, AI-ML, SEP-Privacy, SEP-Security); Societal impacts of Internet of Things (IoT) devices and other emerging technologies on security and privacy (See also: SEP-Privacy, SEP-Security) Calculate the impact of a breakdown in security of a given system.; Construct a system that conforms to security laws.; Apply a set of privacy regulations to design a system that protects privacy.; Evaluate the legal ramifications of a system not corresponding to applicable laws and regulations.; Construct a system that is designed to avoid harm to user privacy SEC.3 Secure Coding (secure coding) Common vulnerabilities and weaknesses; SQL injection and other injection attacks; Cross-site scripting techniques and mitigations; Input validation and data sanitization (See also: OS-Protection, SDF-Fundamentals, SE-Validation); Type safety and type-safe languages (See also: FPL-Types, FPL-Systems, OS-Protection, SDF- Fundamentals, SE-Validation); Buffer overflows, stack smashing, and integer overflows (See also: AR-Assembly, FPL-Systems, OS-Protection); Security issues due to race conditions (See also: FPL-Parallel, PDC-Evaluation) Principles of noninterference and nondeducibility; Preventing information flow attacks; Offensive security techniques as a defense; AI-assisted malware detection techniques; Ransomware: creation, prevention, and mitigation; Secure use of third-party components (See also: SE-Construction, SE-Validation); Malware: varieties, creation, reverse engineering, and defense against them (See also: FPL- Systems, FPL-Translation); Assurance: testing (including fuzzing and penetration testing), verification, and validation (See also: OS-Protection, SDF-Fundamentals, SE-Construction, SE-Validation); Static and dynamic analyses (See also: FPL-Analysis, MSF-Protection, PDC-Evaluation, SE- Validation); Secure compilers and secure code generation (See also: FPL-Runtime, FPL-Translation) Identify underlying problems in given examples of an enumeration of common weaknesses and explain how they can be circumvented.; Apply input validation and data sanitization techniques to enhance security of a program.; Describe how the selection of a programming language can impact the security of the system being constructed.; Rewrite a program in a type-safe language (e.g., Java or Rust) originally written in an unsafe programming language (e.g., C/C++).; Evaluate a program for possible buffer overflow attacks and rewrite to prevent such attacks.; Evaluate a set of related programs for possible race conditions and prevent an adversary from exploiting them.; Evaluate and prevent SQL injections attacks on a database application.; Evaluate and prevent cross-site scripting attacks against a website.; Describe different kinds of malicious software.; Construct a program that tests for all input handling errors.; Explain the risks of misusing interfaces with third-party code and how to correctly use third-party code.; Discuss the need to update software to fix security vulnerabilities and the lifecycle management of the;; Construct a system that is protected from unauthorized information flows.; Apply static and dynamic tools to identify programming faults.; Evaluate a system for the existence of malware and remove;; Implement preventive techniques to reduce the occurrence of ransomware. SEC.4 Cryptography (cryptography) Differences between algorithmic, applied, and mathematical views of cryptography; Mathematical preliminaries: modular arithmetic, Euclidean algorithm, probabilistic independence, linear algebra basics, number theory, finite fields, complexity, asymptotic analysis (See also: MSF- Discrete, MSF-Linear); Basic cryptography: symmetric key and public key cryptography (See also: AL-Foundational, MSF- Discrete); Basic cryptographic building blocks, including symmetric encryption, asymmetric encryption, hashing, and message authentication (See also: MSF-Discrete); Classical cryptosystems, such as shift, substitution, transposition ciphers, code books, and machines (See also: MSF-Discrete); Kerckhoff’s principle and use of vetted libraries (See also: SE-Construction); Usage of cryptography in real-world applications, e.g., electronic cash, secure channels between clients and servers, secure electronic mail, entity authentication, device pairing, steganography, and voting systems (See also: NC-Security, GIT-Image) Additional mathematics: primality, factoring, and elliptic curve cryptography (See also: MSF- Discrete) 261; Private-key cryptosystems: substitution-permutation networks, linear cryptanalysis, differential cryptanalysis, DES, and AES (See also: MSF-Discrete, NC-Security); Public-key cryptosystems: Diffie-Hellman and RSA (See also: MSF-Discrete); Data integrity and authentication: hashing, and digital signatures (See also: MSF-Discrete, DM- Security); Cryptographic protocols: challenge-response authentication, zero-knowledge protocols, commitment, oblivious transfer, secure two- or multi-party computation, hash functions, secret sharing, and applications (See also: MSF-Discrete); Attacker capabilities: chosen-message attack (for signatures), birthday attacks, side channel attacks, and fault injection attacks (See also: NC-Security); Quantum cryptography; Post Quantum/Quantum resistant cryptography (See also: AL- Foundational, MSF-Discrete); Blockchain and cryptocurrencies (See also: MSF-Discrete, PDF-Communication) Explain the role of cryptography in supporting security and privacy.; Discuss the risks of inventing one’s own cryptographic methods.; Discuss the importance of prime numbers in cryptography and explain their use in cryptographic algorithms.; Implement and cryptanalyze classical ciphers.; Describe how crypto keys can be managed securely.; Compare the space and time performance of a given set of cryptographic methods.; Discuss how modern private-key cryptosystems work and ways to cryptanalyze them.; Discuss how modern public-key cryptosystems work and ways to cryptanalyze them.; Compare different cryptographic algorithms in terms of security.; Explain key exchange protocols and show approaches to reduce their failure.; Describe real-world applications of cryptographic primitives and protocols.; Discuss how quantum cryptography works and the impact of quantum computing on cryptographic algorithms. SEC.5 Security Analysis, Design, and Engineering (security analysis, security engineering) Security engineering goals: building systems that remain dependable despite errors, accidents, or malicious adversaries (See also: SE-Construction, SE-Validation, SEP-Security); Privacy engineering goals: building systems that design, implement, and deploy privacy features and controls (See also: SEP-Privacy); Problem analysis and situational analysis to address system security (See also: SE-Validation); Engineering tradeoff analysis based on time, cost, risk tolerance, risk acceptance, return on investment, and so on (See also: PDC-Evaluation, SE-Validation) Security design and engineering, including functional requirements, security subsystems, information protection, security testing, security assessment, and evaluation (See also: PDC- Evaluation, SE-Requirements, SE-Validation); Security analysis, covering security requirements analysis; security controls analysis; threat analysis; and vulnerability analysis (See also: FPL-Analysis, PDC-Evaluation); Security attack domains and attack surfaces, e.g., communications and networking, hardware, physical, social engineering, software, and supply chain (See also: NC-Security); Security attack modes, techniques, and tactics, e.g., authentication abuse; brute force; buffer manipulation; code injection; content insertion; denial of service; eavesdropping; function bypass; impersonation; integrity attack; interception; phishing; protocol analysis; privilege abuse; spoofing; and traffic injection (See also: NC-Security, OS-Protection, SE-Validation); Attestation of software products with respect to their specification and adaptiveness (See also: SE- Requirements, SE-Validation); Design and development of cyber-physical systems; Considerations for trustworthy computing, e.g., tamper resistant packaging, trusted boot, trusted kernel, hardware root of trust, software signing and verification, hardware-based cryptography, virtualization, and containers (See also: SE-Construction, SE-Validation) Create a threat model for a system or system design.; Apply situational analysis to develop secure solutions under a specified scenario.; Evaluate a given scenario for tradeoff analysis for system performance, risk assessment, and costs.; Design a set of technical security controls, countermeasures, and information protections to meet the security requirements and security objectives for a system.; Evaluate the effectiveness of security functions, technical controls, and componentry for a system.; Identify and mitigate security vulnerabilities and weaknesses in a system.; Evaluate and predict emergent behavior in areas such as Data Science, AI, and Machine Learning. SEC.6 Digital Forensics (digital forensics) Basic principles and methodologies for digital forensics; System design for forensics; Forensics in different situations: operating systems, file systems, application forensics, web forensics, network forensics, mobile device forensics, use of database auditing (See also: NC- Security); Attacks on forensics and preventing such attacks; Incident handling processes; Rules of evidence – general concepts and differences between jurisdictions (See also: SEP- Security); Legal issues: digital evidence protection and management, chains of custody, reporting, serving as an expert witness (See also: SEP-Security) Explain what a digital investigation is and how it can be implemented (See also: SEP-Security); Design and implement software to support forensics.; Describe legal requirements for using seized data and its usage. (See also: SEP-Security); Describe and implement an end-to-end chain of custody from initial digital evidence seizure to evidence disposal. (See also: SEP-Privacy, SEP-Security); Extract data from a hard drive to comply with the law (See also: SEP-Security); Discuss a person’s professional responsibilities and liabilities when testifying as a forensics expert (See also: SEP-Professional-Ethics); Recover data based on a given search term from an imaged system; Reconstruct data and events from an application history, or a web artifact, or a cloud database, or a mobile device. (See also: SPD-Mobile, SPD-Web); Capture and analyze network traffic. (See also: NC-Security); Develop approaches to address the challenges associated with mobile device forensics.; Apply forensics tools to investigate security breaches.; Identify and mitigate anti-forensic methods. SEC.7 Security Governance (security governance) Protecting critical assets from threats; Security governance: organizational objectives and general risk assessment; Security management: achieve and maintain appropriate levels of confidentiality, integrity, availability, accountability, authenticity, and reliability (See also: SE-Validation); Security policy: organizational policies, issue-specific policies, system-specific policies; Approaches to identifying and mitigating risks to computing infrastructure; Data lifecycle management policies: data collection, backups, and retention; cloud storage and services; breach disclosure (See also: DM-Security) Describe critical assets and how they can be protected.; Differentiate between security governance, management, and controls, giving examples of each.; Describe a technical control and implement it to mitigate specific threats.; Identify and assess risk of programs and database applications causing breaches.; Design and implement appropriate backup strategies conforming to a given policy.; Discuss a breach disclosure policy based on legal requirements and implement the policy.; Identify the risks and benefits of outsourcing to the cloud. SEP Society, Ethics, and the Profession (society ethics profession) The ACM Code of Ethics and Professional Conduct states: 'Computing professionals' actions change the world. To act responsibly, they should reflect upon the wider impacts of their work, consistently supporting the public good.' The IEEE Code of Ethics starts by recognizing 'the importance of our technologies in affecting the quality of life throughout the world.' The AAAI Code of Professional Ethics and Conduct begins with 'Computing professionals, and in particular, AI professionals’ actions change the world. To act responsibly, they should reflect upon the wider impacts of their work, consistently supporting the public good.' While technical issues dominate the computing curriculum, they do not constitute a complete educational program in the broader context. It is more evident today than ever that students must also be exposed to the larger societal context of computing to develop an understanding of the critical and relevant social, ethical, legal, and professional issues and responsibilities at hand. This need to incorporate the study of these non-technical issues into the ACM curriculum was formally recognized in 1991, as articulated in the following excerpt from CS1991 [1]. Undergraduates also need to understand the basic cultural, social, legal, and ethical issues inherent in the discipline of computing. They should understand where the discipline has been, where it is, and where it is heading. They should also understand their individual roles in this process, as well as appreciate the philosophical questions, technical problems, and aesthetic values that play an important part in the development of the discipline. Students also need to develop the ability to ask serious questions about the social impact of computing and to evaluate proposed answers to those questions. Future practitioners must be able to anticipate the impact of introducing a given product into a given environment. Will that product enhance or degrade the quality of life? What will the impact be upon individuals, groups, and institutions? Finally, students need to be aware of the basic legal rights of software and hardware vendors and users, and they also need to appreciate the ethical values that are the basis for those rights. Future practitioners must understand the responsibility that they will bear, and the possible consequences of failure. They must understand their own limitations as well as the limitations of their tools. All practitioners must make a long-term commitment to remaining current in their chosen specialties and in the discipline of computing as a whole. Nonetheless, in recent years myriad high-profile issues affecting society at large have occurred leading to the conclusion that computer science professionals are not as prepared as they should; As technological advances (more specifically, how these advances are used by humans) continue to significantly impact the way we live and work, the critical importance of social and ethical issues and professional practice continues to increase in magnitude and consequence. The ways we usecomputing products and platforms, while hopefully providing opportunities, also introduce ever more challenging problems. A recent example is the emergence of generative AI, including large language models that generate code. A 2020 Communications of the ACM article [4] stated: '... because computing as a discipline is becoming progressively more entangled within the human and social lifeworld, computing as an academic discipline must move away from engineering-inspired curricular models and integrate the analytic lenses supplied by social science theories and methodologies.' In parallel to, and as part of, the heightened awareness of the social consequences computing has on the world, computing communities have become much more aware – and active – in areas of diversity, equity, inclusion, and accessibility. These feature in statements and initiatives at ACM [8], IEEE [9], and AAAI [10] and in their codes of conduct [1-3]. All students deserve an inclusive, diverse, equitable and accessible learning environment. Computing students also have a unique duty to ensure that when put to practice, their skills, knowledge, and competencies are applied in ways that work for, and not against, the principles of diversity, equity, inclusion, and accessibility. These principles are inherently a part of computing, and a new knowledge unit 'Diversity, Equity, Inclusion and Accessibility' (SEP-DEIA) has been added to this knowledge area. Computer science educators may opt to deliver the material in this knowledge area within the contexts of traditional technical and theoretical courses, in dedicated courses, and as part of capstone, project, and professional practice courses. The material in this knowledge area is best covered through a combination of all the above. It is too commonly held that many topics in this knowledge area may not readily lend themselves to being covered in other more traditional computer science courses. However, many of these topics naturally arise in traditional courses, or can be included with minimal effort. The benefits of exposing students to SEP topics within the context of those traditional courses are invaluable. Nonetheless institutional challenges will present barriers; for instance, some of these traditional courses may not be offered at a given institution and, in such cases, it is difficult to cover these topics appropriately without a dedicated SEP course. If social, ethical, and professional considerations are covered only in a dedicated course and not in the context of others, it could reinforce the false notion that technical processes are void of these important aspects, or that they are more isolated than they; Because of the broad relevance of these knowledge units, it is important that as many traditional courses as possible include aspects such as case studies, that analyze ethical, legal, social, and professional considerations in the context of the technical subject matter of those courses. Courses in areas such as software engineering, databases, computer graphics, computer networks, information assurance & security, and introduction to computing, all provide obvious context for analysis of such issues. However, an ethics-related module could be developed for almost any program. It would be explicitly against the spirit of these recommendations to have only a dedicated course within a specific computer science curriculum without great practical reason. Further, these topics should be covered in courses starting from year; Presenting them as advanced topics in later courses only creates an artificial perception that SEP topics are only important at a certain level or complexity. While it is true that the importance and consequence of SEP topics increases with level and complexity, introductory topics are not devoid of SEP topics. Further, many SEP topics are best presented early to lay a foundation for more intricate topics later in the curriculum.Running through all the topics in this knowledge area is the need to speak to the computing practitioner’s responsibility to proactively address issues through both ethical and technical actions. Today it is important not only for the topics in this knowledge area, but for students’ knowledge in general, that the ethical issues discussed in any course should be directly related to – and arise naturally from – the subject matter of that course. Examples include a discussion in a database course of the SEP aspects of data aggregation or data mining; or a discussion in a software engineering course of the potential conflicts between obligations to the customer and users as well as all others affected by their work. Computing faculty who are unfamiliar with the content and/or pedagogy of applied ethics are urged to take advantage of the considerable resources from ACM, IEEE-CS, AAAI, SIGCAS (ACM Special Interest Group on Computers and Society), and other organizations. Additionally, it is the educator’s responsibility to impress upon students that this area is just as important – in ways more important – than technical areas. The societal, ethical, and professional knowledge gained in studying topics in this knowledge area will be used throughout one’s career and are transferable between projects, jobs, and often even industries, particularly as one’s career progresses into project leadership and management. The ACM Code of Ethics and Professional Conduct [5], the IEEE Code of Ethics [6], and the AAAI Code of Professional Ethics and Conduct [7] provide guidance that serve as the basis for the conduct of all computing professionals in their work. The ACM Code emphasizes that ethical reasoning is not an algorithm to be followed, and computer professionals are expected to consider how their work impacts the public good as the primary consideration. It falls to computing educators to highlight the domain- specific role of these topics for our students, but computer science programs should certainly be willing to lean on complementary courses from the humanities and social sciences. Most computing educators are not also moral philosophers. Yet CS2023, along with past CS curricular recommendations, indicate the need for ethical analysis. CS2023 and prior curricular recommendations are quite clear on the required mathematical foundations that students are expected to gain which are often delivered by mathematics departments. Yet, the same is not true of moral philosophy. No one would expect a student to be able to provide a proof by induction until after having successfully completed a course in discrete mathematics. Yet, the parallel with respect to ethical analyses is somehow absent. We seemingly do (often) expect our students to perform ethical analysis without having the appropriate prerequisite knowledge from philosophy. Further, the application of ethical analysis also underlies every other knowledge unit in this knowledge area. We acknowledge that the knowledge unit Methods for Ethical Analysis (SEP-Ethical-Analysis) is the only one in this knowledge area that does not readily lend itself to being taught in the context of other CS2023 knowledge areas. Suggestions in terms of addressing this appear in the Course Packaging Suggestions. The lack of prerequisite training in social, ethical, and professional topics has facilitated graduates operating with a certain ethical egoism (e.g., ‘Here is what I believe/think/feel is right’). Regardless of how well intentioned, one might conclude that this is what brought us to a point in history where there are frequent occurrences of unintended consequences of technology, serious data breaches, and software failures causing economic, emotional. and physical harm. Certainly, computing graduates who have learned how to apply the various ethical frameworks or lenses proposed through the ages would only serve to improve this situation. In retrospect, to ignore the lessons from moral philosophy, whichhave been debated and refined for millennia – on what it means to act justly, or work for the common good – appears as hubris. SEP.1 Social Context (social context) Social implications (e.g., political and cultural ideologies) in a hyper-networked world where the capabilities and impact of social media, artificial intelligence, and computing in general are rapidly evolving.; Impact of computing applications (e.g., social media, artificial intelligence applications) on individual well-being, and safety of all kinds (e.g., physical, emotional, economic).; Consequences of involving computing technologies, particularly artificial intelligence, biometric technologies, and algorithmic decision-making systems, in civic life (e.g., facial recognition technology, biometric tags, resource distribution algorithms, policing software) and how human agency and oversight is crucial. 274; How deficits in diversity and accessibility in computing affect society and what steps can be taken to improve equity in computing. Growth and control of the internet, data, computing, and artificial intelligence; Often referred to as the digital divide, differences in access to digital technology resources and its resulting ramifications for gender, class, ethnicity, geography, and/or developing countries, including consideration of responsibility to those who might be less wealthy, under threat, or who would struggle to have their voices heard.; Accessibility issues, including legal requirements such as Web Content Accessibility Guidelines (www.w3.org/TR/WCAG21); Context-aware computing Describe the different ways that computer technology (networks, mobile computing, artificial intelligence) mediates social interaction at the personal and collective levels.; Identify developers’ assumptions and values embedded in hardware and software design, especially as they pertain to usability for diverse populations including under-served and those with disabilities.; Interpret the social context of a given design and its implementation.; Analyze the efficacy of a given design and implementation using empirical data.; Understand the implications of technology use (e.g., social media) for different identities, cultures, and communities.; Describe the internet’s role in facilitating communication between citizens, governments, and each other.; Analyze the effects of reliance on computing in the implementation of democracy (e.g., delivery of social services, electronic voting).; Describe the impact of a lack of appropriate representation of people from historically minoritized populations in the computing profession (e.g., industry culture, product diversity).; Discuss the implications of context awareness in ubiquitous computing systems.; Express how access to the internet and computing technologies affect different societies.; Identify why/how internet access can be viewed as a human right. SEP.2 Models for Ethical Analysis (ethics model) Avoiding fallacies and misrepresentation in argumentation; Ethical theories and decision-making (philosophical and social frameworks, e.g. [1]); Recognition of the role culture plays in our understanding, adoption, design, and use of computing technology; Why ethics is important in computing, and how ethics is similar to, and different from, laws and social norms Professional checklists; Evaluation rubrics; Stakeholder analysis; Standpoint theory; Introduction to ethical frameworks (e.g., consequentialism such as utilitarianism, non- consequentialism such as duty, rights, or justice, agent-centered such as virtue or feminism, contractarianism, ethics of care) and their use for analyzing an ethical dilemma Describe how a given cultural context impacts decision making.; Express the use of example and analogy in ethical argument.; Analyze (and avoid) basic logical fallacies in an argument.; Analyze an argument to identify premises and conclusion.; Evaluate how and why ethics is so important in computing and how it relates to cultural norms, values, and;; Justify a decision made on ethical grounds.; Distinguish all stakeholder positions in relation to their cultural context in a given situation.; Analyze the potential for introducing or perpetuating ethical debt (deferred consideration of ethical impacts or implications) in technical decisions.; Discuss the advantages and disadvantages of traditional ethical frameworks.; Analyze ethical dilemmas related to the creation and use of technology from multiple perspectives using ethical frameworks. SEP.3 Professional Ethics (professional ethics) Community values and the laws by which we live; The nature of being a professional including care, attention, discipline, fiduciary responsibility, and mentoring; Keeping up to date as a computing professional in terms of familiarity, tools, skills, legal and professional frameworks as well as the ability and responsibility to self-assess and progress in the computing field; Professional certification, codes of ethics, conduct, and practice, such as the ACM, IEEE, AAAI, and other international societies; Accountability, responsibility, and liability (e.g., software correctness, reliability and safety, warranty, negligence, strict liability, ethical approaches to security vulnerability disclosures) including whether a product/service should be built, not just doing so because it is technically possible.; Introduction to theories describing the human creation and use of technology including instrumentalism, sociology of technological systems, disability justice, neutrality thesis, pragmatism, and decolonial models, including developing and using technology to right wrongs and do good; Strategies for recognizing and reporting designs, systems, software, and professional conduct (or their outcomes) that may violate law or professional codes of ethics The role of the computing professional and professional societies in public policy; Maintaining awareness of consequences; Ethical dissent and whistleblowing; The relationship between regional culture and ethical dilemmas; Dealing with harassment and discrimination; Forms of professional credentialing; Ergonomics and healthy computing environments; Time-to-market and cost considerations versus quality professional standards Identify ethical issues that arise in software design, development practices, and software deployment.; Discuss how to address ethical issues in specific situations.; Express the ethical responsibility of ensuring software correctness, reliability and safety including from where this responsibility arises (e.g., ACM/IEEE/AAAI Codes of Ethics, laws and regulations, organizational policies).; Describe the mechanisms that typically exist for a professional to keep up to date in ethical matters.; Describe the strengths and weaknesses of relevant professional codes as expressions of being a professional and guides to decision-making.; Analyze a global computing issue, observing the role of professionals and government officials in managing this problem.; Describe ways in which professionals and professional organizations may contribute to public policy.; Describe the consequences of inappropriate professional behavior.; Be familiar with whistleblowing and have access to knowledge to guide one through an incident.; Identify examples of how regional culture interplays with ethical dilemmas.; Describe forms of harassment and discrimination and avenues of assistance.; Assess various forms of professional credentialing.; State the relationship between ergonomics in computing environments and people’s health.; Describe issues associated with industries’ push to focus on time-to-market versus enforcing quality professional standards. SEP.4 Intellectual Property (intellectual property, ip) Intellectual property rights; Intangible digital intellectual property (IDIP); Legal foundations for intellectual property protection; Common software licenses (e.g., MIT, GPL and its variants, Apache, Mozilla, Creative Commons); Plagiarism and authorship Philosophical foundations of intellectual property 278; Forms of intellectual property (e.g., copyrights, patents, trade secrets, trademarks) and the rights they protect; Limitations on copyright protections, including fair use and the first sale doctrine; Intellectual property laws and treaties that impact the enforcement of copyrights; Software piracy and technical methods for enforcing intellectual property rights, such as digital rights management and closed source software as a trade secret; Moral and legal foundations of the open-source movement; Systems that use others’ data (e.g., large language models) Describe and critique legislation and precedent aimed at digital copyright infringements.; Identify contemporary examples of intangible digital intellectual property.; Select an appropriate software license for a given project.; Defend legal and ethical uses of copyrighted materials.; Interpret the intent and implementation of software licensing.; Discuss whether a use of copyrighted material is likely to be fair;; Analyze the ethical issues inherent in various plagiarism detection mechanisms.; Identify multiple forms of plagiarism beyond verbatim copying of text or software (e.g., intentional paraphrasing, authorship misrepresentation, and improper attribution).; Discuss the philosophical bases of intellectual property in an appropriate context (e.g., country).; Distinguish the conflicting issues involved in securing software patents.; Contrast the protections and obligations of copyright, patent, trade secret, and trademarks.; Describe the rationale for the legal protection of intellectual property in the appropriate context (e.g., country).; Analyze the use of copyrighted work under the concepts of fair use and the first sale doctrine.; Identify the goals of the open-source movement and its impact on fields beyond computing, such as the right-to-repair movement.; Summarize the global nature of software piracy.; Criticize the use of technical measures of digital rights management (e.g., encryption, watermarking, copy restrictions, and region lockouts) from multiple stakeholder perspectives.; Discuss the nature of anti-circumvention laws in the context of copyright protection. SEP.5 Privacy and Civil Liberties (privacy, civil liberties) Privacy implications of widespread data collection including but not limited to transactional databases, data warehouses, surveillance systems, cloud computing, and artificial intelligence; Conceptions of anonymity, pseudonymity, and identity; Technology-based solutions for privacy protection (e.g., end-to-end encryption and differential privacy); Civil liberties, privacy rights, and cultural differences Philosophical and legal conceptions of the nature of privacy including the right to privacy; Legal foundations of privacy protection in relevant jurisdictions (e.g., GDPR in the EU); Privacy legislation in areas of practice (e.g., HIPAA in the US, AI Act in the EU); Basic Principles of human-subjects research and principles beyond what the law requires (e.g., Belmont Report, UN Universal Declaration on Human Rights and how this relates to technology); Freedom of expression and its limitations; User-generated content, content moderation, and liability Evaluate solutions to privacy threats in transactional databases and data warehouses.; Describe the role of data collection in the implementation of pervasive surveillance systems (e.g., RFID, face recognition, toll collection, mobile computing).; Distinguish the concepts and goals of anonymity and pseudonymity.; Describe the ramifications of technology-based privacy protections, including differential privacy and end-to-end encryption.; Identify cultural differences regarding the nature and necessity of privacy and other civil liberties.; Discuss the philosophical basis for the legal protection of personal privacy in an appropriate context (e.g., country).; Critique the intent, potential value, and implementation of various forms of privacy legislation and principles beyond what the law requires.; Identify strategies to enable appropriate freedom of expression. SEP.6 Communication (communication) Oral, written, and electronic team and group communication; Technical communication materials (e.g., source code, and documentation, tutorials, reference materials, API documentation); Communicating with different stakeholders such as customers, leadership, or the public; Team collaboration (including tools) and conflict resolution; Accessibility and inclusivity requirements for addressing professional audiences; Cultural competence in communication including considering the impact of difference in natural language Tradeoffs in competing factors that affect communication channels and choices; Communicating to solve problems or make recommendations in the workplace, such as raising ethical concerns or addressing accessibility issues Understand the importance of writing concise and accurate technical documents following well- defined standards for format and for including appropriate tables, figures, and references.; Analyze written technical documentation for technical accuracy, concision, lack of ambiguity, and awareness of audience.; Compose and deliver an audience-aware, accessible, and organized formal presentation.; Plan interactions (e.g., virtual, face-to-face, shared documents) with others in ways that invite inclusive participation, model respectful consideration of others’ contributions, and explicitly value diversity of ideas.; Identify and describe qualities of effective communication (e.g., virtual, face-to-face, intragroup, shared documents).; Understand how to communicate effectively and appropriately as a member of a team including conflict resolution techniques.; Discuss ways to influence performance and results in diverse and cross-cultural teams.; Assess personal strengths and weaknesses to work remotely as part of a team drawing from diverse backgrounds and experiences.; Choose an appropriate way to communicate delicate ethical concerns. SEP.7 Sustainability (sustainability) Environmental, social, and cultural impacts of implementation decisions (e.g., sustainability goals, algorithmic bias/outcomes, economic viability, and resource consumption); Local/regional/global social and environmental impacts of computing systems and their use (e.g., carbon footprints, resource usage, e-waste) due to hardware (e.g., e-waste, data centers, rare element and resource utilization, recycling) and software (e.g., cloud-based services, blockchain, AI model training and use). This includes everyday use of hardware (cheap hardware replaced frequently) and software (web-browsing, email, and other services with hidden/remote computational demands).; Guidelines for sustainable design standards. Systemic effects of complex computing technologies and phenomena (e.g., generative AI, data centers, social media, offshoring, remote work).; Pervasive computing: Information processing that has been integrated into everyday objects and activities, such as smart energy systems, social networking, and feedback systems to promote sustainable behavior, transportation, environmental monitoring, citizen science and activism.; How the sustainability of software systems is interdependent with social systems, including the knowledge and skills of its users, organizational processes and policies, and its societal context (e.g., market forces, government policies) Identify ways to be a sustainable practitioner in a specific area or with a specific project.; Assess the environmental impacts of a given project’s deployment (e.g., energy consumption, contribution to e-waste, impact of manufacturing).; Describe global social and environmental impacts of computer use and disposal.; List the sustainable effects of modern practices and activities (e.g., remote work, e-commerce, cryptocurrencies, AI models, data centers).; Describe the environmental impacts of design choices within the field of computing that relate to algorithm design, operating system design, networking design, database design,;; Analyze the social and environmental impacts of new system designs.; Design guidelines for sustainable IT design or deployment in areas such as smart energy systems, social networking, transportation, agriculture, supply-chain systems, environmental monitoring, and citizen activism.; Assess computing applications in respect to environmental issues (e.g., energy, pollution, resource usage, recycling and reuse, food management and production). SEP.8 Computing History (computing history) The history of computing: hardware, software, and human/organizational.; The role of history in the present including within different social contexts, and the relevance of this history on the future. Age I (Pre-digital): Ancient analog computing (Stonehenge, Antikythera mechanism, Salisbury Cathedral clock, etc.), human-calculated number tables, Euclid, Lovelace, Babbage, Gödel, Church, Turing, pre-electronic (electro-mechanical and mechanical) hardware; Age II (Early modern computing): ENIAC, UNIVAC, Bombes (Bletchley Park and codebreakers), computer companies (e.g., IBM), mainframes,;; Age III (PC era): PCs, modern computer hardware and software, Moore’s Law; Age IV (Internet): Networking, internet architecture, browsers and their evolution, standards, born- on-the-internet companies, and services (e.g., Google, Amazon, Microsoft, etc.), distributed computing; Age V (Mobile & Cloud): Mobile computing and smartphones, cloud computing and models thereof (e.g., SaaS), remote servers, security and privacy, social media; Age VI (AI): Decision making systems, recommender systems, generative AI and other machine learning driven tools and technologies Understand the relevance and impact of computing history on recent events, present context, and possible future outcomes, from more than one cultural perspective.; Discuss how perspectives held today have been shaped by history, and that alternative perspectives exist (e.g., fears of AI replacing human workers vs AI augmenting human work, various views on Moore’s Law).; Identify formative and consequential trends in the history of the computing field.; Identify the contributions of pioneering individuals or organizations (research labs, computer companies, government offices) in the computing field.; Discuss the historical context for important moments in history of computing, such as the move from vacuum tubes to transistors (TRADIC), early seminal operating systems (e.g., OS 360), Xerox PARC and the first Apple computer with a GUI, the creation of specific programming language paradigms, the first computer virus, the creation of the internet, the creation of the WWW, the dot com bubble, Y2K, the introduction of smartphones,;; Compare daily life before and after the advent of milestone developments (e.g., personal computers or the internet) SEP.9 Economies of Computing (economy, money) Economic models: regulated and unregulated, monopolies, network effects, and open market; knowledge and attention economies; Pricing and deployment strategies: planned obsolescence, subscriptions, freemium, software licensing, open-source, free software, adware; Impacts of differences in access to computing resources, and the effect of skilled labor supply and demand on the quality of computing products; Automation, AI, and their effects on job markets, developers, and users; Ethical concerns surrounding the attention economy and other economies of computing (e.g. informed consent, data collection, use of verbose legalese in user agreements) Summarize the social effects of economic models (e.g., the knowledge and attention economies).; Describe the differences and similarities of competing strategies (e.g., subscription vs freemium vs free).; Discuss examples of digital divides.; Understand the effects of automation and AI on society.; Understand the ethical implications of computing economies that rely on attention and data. SEP.10 Security Policies, Laws, and Computer Crimes (security policy, law, computer crime) Computer crimes, legal redress for computer criminals and impact on victims and society; Social engineering, computing-enabled fraud, identity theft and recovery from these; Cyber terrorism, criminal hacking, and hacktivism; Malware, viruses, worms; Attacks on critical infrastructure such as electrical grids and pipelines; Non-technical fundamentals of security (e.g., human engineering, policy, confidentiality) Benefits and challenges of existing and proposed computer crime laws; Security policies and the challenges of change and compliance; Responsibility for security throughout the computing life cycle; International and local laws and how they intersect List classic examples of computer crimes and social engineering incidents with societal impact.; Identify issues with laws that apply to computer crimes.; Describe the motivation and ramifications of cyber terrorism, data theft, hacktivism, ransomware, and other attacks.; Examine the ethical and legal issues surrounding the misuse of access and various breaches of security.; Discuss the professional's role in security and the tradeoffs and challenges involved.; Investigate measures that can be taken by both individuals and organizations including governments to prevent or mitigate the undesirable effects of computer crimes.; Design a company-wide security policy, which includes procedures for managing passwords and employee monitoring.; Understand how legislation from one region may affect activities in another (e.g., how EU GDPR applies globally, when EU persons are involved). SEP.11 Diversity, Equity, Inclusion, and Accessibility (dei, accessibility, diversity, equity, inclusion) How identity impacts and is impacted by computing technologies and environments (academic and professional); The benefits of diverse development teams and the impacts of teams that are not diverse; Inclusive language and charged terminology, and why their use matters; Inclusive behaviors and why they matter; Designing and developing technology with accessibility in mind; How computing professionals can influence and impact diversity, equity, inclusion and accessibility, including but not only through the software they create Experts and their practices that reflect the identities of the classroom and the world through practical DEIA principles; Historic marginalization due to systemic social mechanisms, technological supremacy and global infrastructure challenges to diversity, equity, inclusion, and accessibility; Cross-cultural differences in, and needs for, diversity, equity, inclusion, and accessibility Define and distinguish equity, equality, diversity, inclusion, and accessibility.; Identify language, practices, and behaviors that may make someone feel included in a workplace and/or a team, and why is it relevant. Avoid charged terminology - see Words Matter (www.acm.org/diversity-inclusion/words-matter) – this includes identifying and accommodating users who are often excluded without thought and not considered at;; Evaluate the accessibility of your classroom or; Evaluate the accessibility of your webpage. (See www.w3.org/WAI and www.w3.org/TR/WCAG21).; Demonstrate collegiality and respect when working with team members who do not share your identity. It is not enough to merely assign team projects. Faculty should prepare students for teamwork and monitor, mentor, and assess the effectiveness of their student teams throughout a project.; Compare the demographics of your institution’s computer science and STEM majors to the overall institutional demographics. If they differ, identify factors that contribute to inequitable access, engagement, and achievement in computer science among marginalized groups. If they do not, assess why;; Identify developers’ assumptions and values embedded in hardware and software design, especially as they pertain to usability by diverse populations.; Identify examples of the benefits that diverse teams can bring to software products, and how a lack of diversity has costs.; Analyze the work of experts who reflect the identities of the classroom and the world.; Assess the impact of power and privilege in the computing profession as it relates to culture, industry, products, and society.; Develop examples of systemic changes that could positively address diversity, equity, inclusion, and accessibility in a familiar context (i.e., in an introductory computing course) and an unfamiliar context and when these might be different, or the same.; Compare the demographics of your institution to the overall community demographics. If they differ, identify factors that contribute to inequitable access, engagement, and achievement among marginalized groups. If they do not, assess why not. SF System Fundamentals (system fundamentals) A computer system is a set of hardware and software infrastructures upon which applications are constructed. Computer systems have become a pillar of people's daily life. As such, it is essential for students to learn knowledge about computer systems, grasp the skills to use and design these systems, and understand the fundamental rationale and principles in computer systems. It could equip students with the necessary competence for a career related to computer science. In the curriculum of computer science, the study of computer systems typically spans multiple knowledge areas, including, but not limited to, operating systems, parallel and distributed systems, communications networks, computer architecture and organization, and software engineering. The System Fundamentals knowledge area, as suggested by its name, focuses on the fundamental concepts and design principles in computer systems that are shared by these courses within their respective cores. The goal of this knowledge area is to present an integrative view of these fundamental concepts and design principles in a unified albeit simplified fashion, providing a common foundation for the different specialized mechanisms and policies appropriate to the specific domain area. The fundamental concepts in this knowledge area include an overview of computer systems, basic concepts such as state and state transition, resource allocation and scheduling, and so; Moreover, this knowledge area introduces basic design principles to improve the reliability, availability, efficiency, and security of computer systems. SF.1 Overview of Computer Systems (computer architecture) Basic building blocks and components of a computer (gates, flip-flops, registers, interconnections; datapath + control + memory); Hardware as a computational paradigm: Fundamental logic building blocks; Logic expressions, minimization, sum of product forms (See also: AR-Logic); Programming abstractions, interfaces, use of libraries (See also: PDC-Programs); Distinction and interaction between application and OS services, remote procedure call (See also: OS-Purpose); Basic concept of pipelining, overlapped processing stages (See also: AR-Organization); Basic concept of scaling: performance vs problem size Describe the basic building blocks of computers and their role in the historical development of computer architecture.; Design a simple logic circuit using the fundamental building blocks of logic design to solve a simple problem (e.g., adder).; Describe how computing systems are constructed of layers upon layers, based on separation of concerns, with well-defined interfaces, hiding details of low layers from the higher layers.; Describe that hardware, OS, VM, and application are additional layers of interpretation/processing.; Describe the mechanisms of how errors are detected, signaled back, and handled through the layers.; Construct a simple program (e.g., a TCP client/server) using methods of layering, error detection and recovery, and reflection of error status across layers.; Identify bugs in a layered program by using tools for program tracing, single stepping, and debugging.; Understand the concept of strong vs weak scaling, i.e., how performance is affected by the scale of the problem vs the scale of resources to solve the problem. This can be motivated by simple, real- world examples. SF.2 Basic Concepts (basic computing concepts) Digital vs Analog/Discrete vs Continuous Systems; Simple logic gates, logical expressions, Boolean logic simplification; Clocks, State, Sequencing; State and state transition (e.g., starting state, final state, life cycle of states) (See also: AL-Models); Finite state machines (e.g., NFA, DFA) (See also: AL-Models); Combinational Logic, Sequential Logic, Registers, Memories (See also: AR-Logic); Computers and Network Protocols as examples of State Machines (See also: NC-Fundamentals); Sequential vs parallel processing. (See also: PDC-Programs, OS-Concurrency); Application-level sequential processing: single thread (See also: PDC-Programs, OS-Concurrency); Simple application-level parallel processing: request level (web services/client-server/distributed), single thread per server, multiple threads with multiple servers, pipelining (See also: PDC- Programs, OS-Concurrency) Describe the differences between digital and analog systems, and between discrete and continuous systems. Can give real-world examples of these systems.; Describe computations as a system characterized by a known set of configurations with transitions from one unique configuration (state) to another (state).; Describe the distinction between systems whose output is only a function of their input (stateless) and those with memory/history (stateful).; Develop state machine descriptions for simple problem statement solutions (e.g., traffic light sequencing, pattern recognizers).; Describe a computer as a state machine that interprets machine instructions. 294; Explain how a program or network protocol can also be expressed as a state machine and that alternative representations for the same computation can exist.; Derive the time-series behavior of a state machine from its state machine representation (e.g., TCP connection management state machine).; Write a simple sequential problem and a simple parallel version of the same program.; Evaluate the performance of simple sequential and parallel versions of a program with different problem sizes and be able to describe the speed-ups achieved.; Describe on an execution timeline how parallelism events and operations can take place simultaneously (i.e., at the same time). Explain how work can be performed in less elapsed time if this can be exploited. SF.3 Resource Management (resource management) Different types of resources (e.g., processor share, memory, disk, net bandwidth) (See also: OS- Scheduling, OS-Memory, OS-Files, NC-Fundamentals); Common resource allocation/scheduling algorithms (e.g., first-come-first-serve, priority-based scheduling, fair scheduling, and preemptive scheduling) (See also: OS-Scheduling) Advantages and disadvantages of common scheduling algorithms (See also: OS-Scheduling) Define how finite computer resources (e.g., processor share, memory, storage, and network bandwidth) are managed by their careful allocation to existing entities.; Describe how common resource allocation/scheduling algorithms work.; Develop common scheduling algorithms and evaluate their performances.; Describe the pros and cons of common scheduling algorithms. SF.4 System Performance (system performance) Latencies in computer systems; Speed of light and computers (one foot per nanosecond vs one GHz clocks) (See also: AR- Organization); Memory vs disk latencies vs across-the-network memory (See also: AR-Memory, AR- Performance-Energy); Caches and the effects of spatial and temporal locality on performance in processors and systems (See also: AR-Memory, AR-Performance-Energy, OS-Memory); Caches and cache coherency in databases, operating systems, distributed systems, and computer architecture (See also: OS-Memory, AR-Memory, DM-Internals); Introduction to the processor memory hierarchy (See also: AR-Memory, AR-Performance-Energy) The formula for average memory access time (See also: AR-Memory); Rationale of virtualization and isolation: protection and predictable performance (See also: OS- Virtualization); Levels of indirection, illustrated by virtual memory for managing physical memory resources (See also: OS-Virtualization); Methods for implementing virtual memory and virtual machines (See also: OS-Virtualization) Describe the breakdown of the latency of computer systems in terms of memory, disk, and network.; Explain the importance of locality in determining system performance.; Calculate average memory access time and describe the tradeoffs in memory hierarchy performance in terms of capacity, miss/hit rate, and access time.; Explain why it is important to isolate and protect the execution of individual programs and environments that share common underlying resources.; Describe how the concept of indirection can create the illusion of a dedicated machine and its resources even when physically shared among multiple programs and environments.; Evaluate the performance of two application instances running on separate virtual machines and determine the effect of performance isolation. SF.5 Performance Evaluation (performance evaluation) Performance figures of merit (See also: AR-Performance-Energy, PDC-Evaluation); Workloads and representative benchmarks, and methods of collecting and analyzing performance figures of merit (See also: AR-Performance-Energy, PDC-Evaluation); CPI (Cycles per Instruction) equation as a tool for understanding tradeoffs in the design of instruction sets, processor pipelines, and memory system organizations (See also: AR- Performance-Energy, PDC-Evaluation); Amdahl’s Law: the part of the computation that cannot be sped up limits the effect of the parts that can (See also: AR-Performance-Energy, PDC-Evaluation); Order of magnitude analysis (Big O notation) (See also: AL-Complexity); Analysis of slow and fast paths of a system (See also: AR-Organization); Events on their effect on performance (e.g., instruction stalls, cache misses, page faults) (See also: OS-Memory, AR-Organization) Analytical tools to guide quantitative evaluation; Understanding layered systems, workloads, and platforms, their implications for performance, and the challenges they represent for evaluation; Microbenchmark pitfalls Explain how the components of system architecture contribute to improving its performance.; Explain the circumstances in which a given figure of a system performance metric is useful.; Explain the usage and inadequacies of benchmarks as a measure of system performance.; Describe Amdahl’s law and discuss its limitations.; Apply limit studies or simple calculations to produce order-of-magnitude estimates for a given performance metric in a given context.; Apply software tools to profile and measure program performance.; Design and conduct a performance-oriented experiment of a common system (e.g., an OS and Spark).; Design a performance experiment on a layered system to determine the effect of a system parameter on system performance. SF.6 System Reliability (system reliability) Distinction between bugs, faults, and failures (See also: PDC-Coordination, SE-Reliability); Reliability vs availability; Reliability through redundancy; check and retry (See also: OS-Faults, NC-Reliability); redundant encoding (error correction codes, CRC, FEC, RAID) (See also: AR-Memory, NC- Reliability, DM-Distributed); duplication/mirroring/replicas (See also: DM-Distributed) Other approaches to reliability (e.g., journaling) (See also: OS-Faults, NC-Reliability, SE-Reliability) Explain the distinction between program errors, system errors, and hardware faults (e.g., corrupted memory) and exceptions (e.g., attempt to divide by zero).; Articulate the distinction between detecting, handling, and recovering from faults and the methods for their implementation.; Describe the role of error correction codes in providing error checking and correction techniques in memories, storage, and networks.; Apply simple algorithms for exploiting redundant information for the purposes of data correction.; Compare different error detection and correction methods for their data overhead, implementation complexity, and relative execution time for encoding, detecting, and correcting errors. SF.7 System Security (system security) Common system security issues (e.g., viruses, denial-of-service attacks, and eavesdropping) (See also: OS-Protection, NC-Security, SEC-Foundations, SEC-Engineering); Countermeasures (See also: OS-Principles, OS-Protection, NC-Security); Cryptography (See also: SEC-Crypto); Security architecture (See also: SEC-Engineering) Representative countermeasure systems; Intrusion detection systems, firewalls (See also: NC-Security); Antivirus systems Describe some common system security issues and give examples; Describe some countermeasures against system security issues; Describe representative countermeasure systems SF.8 System Design (computer system design) Common criteria of system design (e.g., liveness, safety, robustness, scalability, and security) (See also: PDC-Evaluation) Designs of representative systems (e.g., Apache web server, Spark, and Linux) Describe common criteria of system design.; Given the functionality requirements of a system and its key design criteria, provide a high-level design of this system.; Describe the design of some representative systems. SF.9 Society, Ethics, and the Profession (society ethics profession) Intellectual property rights of computer systems (See also: SEP-IP); Common software licenses (See also: SEP-IP); Computer crimes (See also: SEP-Security) Describe the intellectual property rights of computer systems.; List representative software licenses and compare their differences.; List representative computer crimes. SPD Specialized Platform Development (specialized platform development) The Specialized Platform Development (SPD) knowledge area refers to attributes involving the creation of software targeting non-traditional hardware platforms. Developing for each specialized platform, for example, robots, mobile systems, web-based systems, and embedded systems, typically involves unique considerations. Societal and industry needs have created a high demand for developers on specialized platforms, such as mobile applications, web platforms, robotic platforms, and embedded systems. Some unique professional abilities relevant to this knowledge area include the following. - Creating applications that provide a consistent user experience across various devices, screen sizes, and operating systems. - Developing application programming interfaces (APIs) to support the functionality of each specialized platform. - Managing challenges related to resource constraints such as computation, memory, storage, and networking and communication. - Applying cross-cutting concerns such as optimization, security, better development practices, etc. SPD.1 Common Aspects/Shared Concerns (development platform concerns) Overview of development platforms (i.e., web, mobile, game, robotics, embedded, and interactive).; Input/sensors/control devices/haptic devices; Resource constraints; Computational; Data storage; Memory; Communication; Requirements – security, uptime availability, fault tolerance (See also: SE-Reliability, SEC- Engineering); Output/actuators/haptic devices; Programming via platform-specific Application Programming Interface (API) vs traditional application construction; Overview of platform Languages (e.g., Python, Swift, Lua, Kotlin); Programming under platform constraints and requirements (e.g., available development tools, development, security considerations) (See also: SEC-Foundations); Techniques for learning and mastering a platform-specific programming language List the constraints of mobile programming.; List the characteristics of scripting languages.; Describe the three-tier model of web programming. 303; Describe how the state is maintained in web programming. SPD.2 Web Platforms (web platforms) Web programming languages (e.g., HTML5, JavaScript, PHP, CSS); Web platforms, frameworks, or meta-frameworks; Cloud services; API, Web Components; Software as a Service (SaaS); Web standards such as document object model, accessibility (See also: HCI-Accessibility); Security and Privacy Considerations (See also: SEP-Security) Analyzing requirements for web applications; Computing services (See also: DM-NoSQL); Cloud Hosting; Scalability (e.g., Autoscaling, Clusters); Cost estimation for services; Data management (See also: DM-Core); Data residency: where the data is located and what paths can be taken to access it; Data integrity: guaranteeing data is accessible and that data is deleted when required; Architecture; Monoliths vs Microservices; Micro-frontends; Event-Driven vs RESTful architectures: advantages and disadvantages; Serverless, cloud computing on demand; Storage solutions (See also: DM-Relational, DM-NoSQL); Relational Databases; NoSQL databases Design and implement a web-based application using a microservice architecture design.; Describe the constraints, such as hosting, services, and scalability, related to web platforms.; Compare and contrast web programming with general-purpose programming.; Describe the differences between Software-as-a-Service (SaaS) and traditional software products.; Discuss how web standards impact software development.; Evaluate an existing web application against current web standards. SPD.3 Mobile Platforms (mobile platforms) Development with; Mobile programming languages 304; Mobile programming environments; Mobile platform constraints; User interface design (See also: HCI-User); Security; Access; Accessing data through APIs (See also: DM-Querying); Designing API endpoints for mobile apps: pitfalls and design considerations; Network and web interfaces (See also: NC-Fundamentals, DM-Modeling) Development; Native versus cross-platform development; Software design/architecture patterns for mobile applications (See also: SE-Design); Mobile platform constraints; Responsive user interface design (See also: HCI-Accessibility); Heterogeneity and mobility of devices; Differences in user experiences (e.g., between mobile and web-based applications); Power and performance tradeoff; Mobile computing affordances; Location-aware applications; Sensor-driven computing (e.g., gyroscope, accelerometer, health data from a watch); Telephony and instant messaging; Augmented reality (See also: GIT-Immersion); Specification and testing (See also: SDF-Practices, SE-Validation); Asynchronous computing (See also: PDC-Algorithms); Difference from traditional synchronous programming; Handling success via callbacks; Handling errors asynchronously; Testing asynchronous code and typical problems in testing Compare mobile programming with general-purpose programming.; Develop a location-aware mobile application with data API integration.; Build a sensor-driven mobile application capable of logging data on a remote server.; Create a communication app incorporating telephony and instant messaging.; Evaluate the pros and cons of native and cross-platform mobile application development SPD.4 Robot Platforms (robot platforms, robotic platforms) Types of robotic platforms and devices (See also: AI-Robotics); Sensors, embedded computation, and effectors (actuators) (See also: GIT-Physical); Robot-specific languages and libraries (See also: AI-Robotics); Robotic software architecture (e.g., using the Robot Operating System (ROS)) 305; Robotic platform constraints and design considerations (See also: AI-Robotics); Interconnections with physical or simulated systems (See also: GIT-Physical, GIT-Simulation); Robotic Algorithms (See also: AI-Robotics, GIT-Animation); Forward kinematics; Inverse kinematics; Dynamics; Navigation and path planning; Grasping and manipulation; Safety and interaction considerations (See also: SEP-Professional-Ethics, SEP-Context) Design and implement an application on a given robotic platform.; Integrate an Arduino-based robot kit and program it to navigate a maze.; Compare robot-specific languages and techniques with those used for general-purpose software development.; Explain the rationale behind the design of the robotic platform and its interconnections with physical or simulated systems.; Given a high-level application, design a robot software architecture using ROS specifying all components and interconnections (ROS topics) to accomplish that application.; Discuss the constraints a given robotic platform imposes on developers. SPD.5 Embedded Platforms (embedded platform) Introduction to the unique characteristics of embedded systems; Real-time vs soft real-time and non-real-time systems; Resource constraints, such as memory profiles and deadlines (See also: AR-Memory); API for custom architectures; GPU technology (See also: AR-Heterogeneity, GIT-Shading); Field Programmable Gate Arrays (FPGA) (See also: AR-Logic); Cross-platform systems; Embedded Systems; Microcontrollers; Interrupts and feedback; Interrupt handlers in high-level languages (See also: SF-Overview); Hard and soft interrupts and trap-exits (See also: OS-Principles); Interacting with hardware, actuators, and sensors; Energy efficiency; Loosely timed coding and synchronization; Software adapters; Embedded programming; Hard real-time systems vs soft real-time systems (See also: OS-Real-time); Timeliness; Time synchronization/scheduling 306; Prioritization; Latency; Compute jitter; Real-time resource management; Memory management; Mapping programming construct (variable) to a memory location (See also: AR-Memory); Shared memory (See also: OS-Memory); Manual memory management.; Garbage collection (See also: FPL-Translation); Safety considerations and safety analysis (See also: SEP-Context, SEP-Professional-Ethics); Sensors and actuators; Analysis and verification; Application design Design and implement a small embedded system for a given platform (e.g., a smart alarm clock or a drone).; Describe the unique characteristics of embedded systems versus other systems.; Interface with sensors/actuators.; Debug a problem with an existing embedded platform.; Identify different types of embedded architectures.; Evaluate which architecture is best for a given set of requirements.; Design and develop software to interact with and control hardware.; Design methods for real-time systems.; Evaluate real-time scheduling and schedulability analysis.; Evaluate formal specification and verification of timing constraints and properties. SPD.6 Game Platforms (game platform, game engine) Historical and contemporary platforms for games (See also: AR-Logic); Evolution of Game Platforms (e.g., Brown Box to Metaverse and beyond; Improvement in Computing Architectures (CPU and GPU); Platform Convergence and Mobility); Typical Game Platforms (e.g., Personal Computer; Home Console; Handheld Console; Arcade Machine; Interactive Television; Mobile Phone; Tablet; Integrated Head-Mounted Display; Immersive Installations and Simulators; Internet of Things enabled Devices; CAVE Systems; Web Browsers; Cloud-based Streaming Systems); Characteristics and Constraints of Different Game Platforms (e.g., Features (local storage, internetworking, peripherals); Run-time performance (GPU/CPU frequency, number of cores); Chipsets (physics processing units, vector co-processors); Expansion Bandwidth (PCIe); Network throughput (Ethernet); Memory types and capacities (DDR/GDDR); Maximum stack depth; Power consumption; Thermal design; Endian); Typical Sensors, Controllers, and Actuators (e.g., distinctive control system designs – peripherals (mouse, keypad, joystick), game controllers, wearables, interactive surfaces;electronics and bespoke hardware; computer vision, inside-out tracking, and outside-in tracking; IoT-enabled electronics and I/O (See also: GIT-Interaction); eSports Ecosystems (e.g., evolution of gameplay across platforms; games and eSports; game events such as LAN/arcade tournaments and international events such as the Olympic eSports Series; streamed media and spectatorship; multimedia technologies and broadcast management; professional play; data and machine learning for coaching and training); Real-time Simulation and Rendering Systems; CPU and GPU architectures (e.g., Flynn’s taxonomy; parallelization; instruction sets; standard components – graphics compute array, graphics memory controller, video graphics array basic input/output system; bus interface; power management unit; video processing unit; display interface) (See also: AR-Heterogeneity); Pipelines for physical simulations and graphical rendering: (e.g., tile-based, immediate- mode). (See also: GIT-Rendering); Common Contexts for Algorithms, Data Structures, and Mathematical Functions (e.g., game loops; spatial partitioning, viewport culling, and level of detail; collision detection and resolution; physical simulation; behavior for intelligent agents; procedural content generation) (See also: MSF-Discrete, AL-Foundational); Media representations (e.g., I/O, and computation techniques for virtual worlds: audio; music; sprites; models and textures; text; dialogue; multimedia (e.g., olfaction, tactile) (See also: GIT-Fundamentals); Game Development Tools and Techniques; Programming Languages (e.g., C++; C#; Lua; Python; JavaScript); Shader Languages (e.g., HLSL, GLSL; Shader Graph); Graphics Libraries and APIs (e.g., DirectX; SDL; OpenGL; Metal; Vulkan; WebGL). (See also: GIT-Rendering, HCI-Design); Common Development Tools and Environments (e.g., IDEs; Debuggers; Profilers; Version Control Systems including those handling binary assets; Development Kits and Production/Consumer Kits; Emulators) (See also: SDF-Practices, SE-Tools); Game Engines; Open Game Engines (e.g., Unreal; Unity; Godot; CryEngine; Phyre; Source 2; Pygame and Ren’Py; Phaser; Twine; Spring RTS); Techniques (e.g., Ideation, Prototyping, Iterative Design and Implementation, Compiling Executable Builds, Development Operations and Quality Assurance – Play Testing and Technical Testing, Profiling; Optimization, Porting; Internationalization and Localization, Networking) (See also: AR-Performance-Energy, SE-Requirements); Game Design; Vocabulary (e.g., game definitions; mechanics-dynamics-aesthetics model; industry terminology; experience design; models of experience and emotion); Design Thinking and User-Centered Experience Design (e.g., methods of designing games; iteration, incrementing, and the double-diamond; phases of pre- and post-production; quality assurance, including alpha and beta testing; stakeholder and customer involvement; community management) (See also: SE-Design) 308; Genres (e.g., adventure; walking simulator; first-person shooter; real-time strategy; multiplayer online battle arena (MOBA); role-playing game (rpg)); Audiences and Player Taxonomies (e.g., people who play games; diversity and broadening participation; pleasures, player types, and preferences; Bartle, yee) (See also: HCI-User); Proliferation of digital game technologies to domains beyond entertainment (e.g., Education and Training; Serious Games; Virtual Production; eSports; Gamification; Immersive Experience Design; Creative Industry Practice; Artistic Practice; Procedural Rhetoric) (See also: AI-SEP) Recall the characteristics of common general-purpose graphics processing architectures.; Identify the key stages of the immediate-mode rendering pipeline.; Describe the key constraints a specific game platform will likely impose on developers.; Explain how eSports are streamed to large audiences over the internet.; Translate complex mathematical functions into performant source code.; Use an industry-standard graphics API to render a 3D model in a virtual scene.; Modify a shader to change a visual effect according to stated requirements.; Implement a game for a particular platform according to the specification.; Optimize a function for processing collision detection in a simulated environment.; Assess a game's run-time and memory performance using an industry-standard tool and development environment.; Compare the interfaces of different game platforms, highlighting their respective implications for human-computer interaction.; Recommend an appropriate set of development tools and techniques for implementing a game of a particular genre for a given platform.; Discuss the key challenges in making a digital game that is cross-platform compatible.; Express how game developers can enhance the accessibility of a game interface.; Create novel forms of gameplay using frontier game platforms. SPD.7 Interactive Computing Platforms (interactive computing platforms) Data Analysis Platforms; Jupyter notebooks; Google Colab; R; SPSS; Observable.; Cloud SQL/data analysis platforms (e.g., BigQuery) (See also: DM-Querying); Apache Spark; Data Visualizations (See also: GIT-Visualization); Interactive presentations backed by data; Design tools requiring low-latency feedback loops; Rendering tools; Graphic design tools; Prompt programming; Generative AI (e.g., OpenAI’s ChatGPT, OpenAI’s Codex, GitHub’s Copilot) and LLMs are accessed/interacted 309; Quantum Platforms (See also: AR-Quantum); Program quantum logic operators in quantum machines.; Use API for available quantum services; Signal analysis/Fourier analysis/Signal processing (for music composition, audio/RF analysis) (See also: GIT-Image) Analyze large datasets interactively.; Create a backing track for a musical performance, such as live coding.; Create compelling computational notebooks that construct a narrative for a given journalistic goal/story.; Implement interactive code that uses a dataset and generates exploratory graphics.; Create a program that performs a task using LLM systems.; Contrast a program developed by an AI platform and by a human.; Implement a system that interacts with a human without using a screen.; Contextualize the attributes of different data analysis styles, such as interactive vs engineered pipeline.; Write a program using a notebook computing platform (e.g., searching, sorting, or graph manipulation).; Demonstrate a quantum gate outcome using a quantum platform. SPD.8 Mobile (mobile technology) Privacy and data protection; Accessibility in mobile design; Security and cybersecurity; Social impacts of mobile technology; Ethical use of AI and algorithms Understand and uphold ethical responsibilities for safeguarding user privacy and data protection in mobile applications.; Design mobile applications with accessibility in mind, ensuring effective use by people with disabilities.; Demonstrate proficiency in secure coding practices to mitigate risks associated with various security threats in mobile development.; Analyze the broader social impacts of mobile technology, including its influence on communication patterns, relationships, and mental health.; Comprehend the ethical considerations of using AI in mobile applications, ensuring unbiased and fair algorithms. SPD.9 Web (web technology) Privacy concerns with mobile apps; Designing for inclusivity and accessibility; Ethical use of AI in mobile apps; Sustainable app development and server hosting; Avoiding spam or intrusive notifications; Addressing cyberbullying and harassment; Promoting positive online communities; Monetization and advertising; Ethical use of gamification Understand how mobile computing impacts communications and the flow of information within society.; Design mobile apps that have made daily tasks easier/faster.; Recognize how the ubiquity of mobile computing has affected work-life balance.; Understand how mobile computing impacts health monitoring and healthcare services.; Define how mobile apps are used to educate about and help achieve UN sustainability goals. SPD.10 Game (game technology) Intellectual Property Rights in Creative Industries; Intellectual Property Ownership: copyright, trademark; design right, patent, trade secret, civil versus criminal law; international agreements; procedural content generation and the implications of generative artificial intelligence; Licensing: Usage and fair usage exceptions; open-source license agreements; proprietary and bespoke licensing; enforcement; Fair Access to Play; Game Interface Usability: user requirements, affordances, ergonomic design, user research, experience measurement, and heuristic evaluation methods for games; Game Interface Accessibility: forms of impairment and disability; means to facilitate game access; universal design; legislated requirements for game platforms; compliance evaluation; challenging game mechanics and access; Game-Related Health and Safety; Injuries in Play: ways of mitigating common upper body injuries, such as repetitive strain injury; exercise psychology and physiotherapy in eSports; Risk Assessment for Events and Manufacturing: control of substances hazardous to health (COSHH); fire safety; electrical and electronics safety; risk assessment for games and game events; risk assessment for manufacturing; Mental Health: motivation to play; gamification and gameful design; game psychology – internet gaming disorder 311; Platform Hardware Supply Chain and Sustainability; Platform Lifecycle: platform composition – materials, assembly; mineral excavation and processing; power usage; recycling; planned obsolescence.; Modern Slavery: supply chains; forced labor and civil rights; working conditions; detection and remission; certification bodies and charitable endeavors.; Representation in the Media and Industry; Inclusion: identity and identification; inclusion of a broad range of characters for diverse audiences; media representation and its effects; media literacy; content analysis; stereotyping; sexualization; Equality: histories and controversies, such as gamergate, quality of life in the industry, professional discourse and conduct in business contexts, pathways to game development careers, social mobility, the experience of developers from different backgrounds and identities, gender, and technology Discuss how creators can protect their intellectual property.; Identify common pitfalls in game interfaces that exclude players with impaired or non-functional vision.; Describe how heuristic evaluation can be used to identify usability problems in game interfaces.; Explain why upper body injuries are common in eSports.; Discuss how to reform characters and dialogues in a scene to reduce stereotype threat.; Illustrate how the portrayal of race in a game can influence the risk of social exclusion in the associated online community around the game.; Modify a policy for a LAN party event to include mitigations that lower the risk of fire.; Design a gamification strategy to motivate serious play for an awareness-raising game.; Analyze the role of company hiring policies and advocacy on social mobility.; Assess the appropriateness of two manufacturers for producing a new game console.; Compare options for open-source licensing of a game development tool.; Recommend changes to a specific game interface to improve access to players who are deaf or whose hearing is otherwise impaired.; Discuss whether games are addictive.; Suggest how the portrayal of women in video games influences how players perceive members of those groups.; Create a video game that successfully advocates for climate science. SPD.11 Robotics (robotics technology) Fairness, transparency, and accountability in robotic algorithms; Mitigating biases in robot decision-making; Public safety in shared spaces with robots; Compliance with data protection laws; Patient consent and trust in medical robots Identify instances of bias in robotic algorithms and propose strategies to mitigate them.; Evaluate and critique robotic systems for ethical and fairness considerations, suggesting improvements where necessary.; Analyze real-world examples of biases in robot decision-making and develop strategies to reduce bias in robotic systems.; Assess the potential risks associated with robots in public spaces and propose safety measures to mitigate those risks.; Evaluate the impact of patient consent and trust on the effectiveness of medical robot deployments in healthcare contexts. SPD.12 Interactive (interactive technology) Ethical guidelines when using AI models to assist in journalism and content creation; Accountability for AI-generated outputs; Behavior among prompt programmers and AI developers; Trust with the public when using AI models Indicate a framework for accountability in AI model deployment, including clear documentation and attribution.; Discuss ethical codes of conduct and professional standards relevant to prompt programming and AI development.; Create communication plans and materials to educate the public about AI capabilities, limitations, and ethical safeguards.