Collaborative Research: SaTC: EDU: Hardware Security Education for All Through Seamless Extension of Existing Curricula

合作研究：SaTC：EDU：通过无缝扩展现有课程为所有人提供硬件安全教育

• 批准号: 2114157
• 负责人: Tamzidul Hoque
• 金额: $ 16.3万
• 依托单位: University of Kansas Center for Research Inc
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-07-01 至 2024-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2114157&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Hardware

The field of cybersecurity has focused predominantly on the security of software and the communication network due to the assumption that the underlying hardware is trustworthy and reliable. However, emerging hardware attack methods have originated from untrustworthy global supply chain sources and vulnerabilities inherent to the hardware. To address these challenges, the government and industry are in urgent need of cybersecurity professionals trained to counter hardware-oriented attacks. However, most students are insufficiently prepared because existing undergraduate curricula for electrical and computer engineering, computer science, and related programs focus primarily on the software and network aspects of cybersecurity. Few institutions have introduced dedicated hardware security courses and even when these courses exist, they are typically electives. This project aims to facilitate hardware security education for engineering undergraduate students by incorporating the relevant concepts into existing core courses. The project will broaden undergraduate students’ participation; advance their knowledge; and create a well-trained and diversified cybersecurity workforce with essential knowledge of hardware security. The security-integrated contents of various core courses will be made available online for all universities and community colleges nationwide. The participation of students who are members of underrepresented groups in cybersecurity education and research should also be catalyzed by this effort. This project aims to integrate theoretical and practical training on six foundational hardware security concepts in core courses related to digital design and embedded systems. Course modules will be distributed to the broader community after evaluation by industry and academic experts. Existing theory and lab modules within the target core courses will be augmented with security-oriented concepts through a ‘contextual learning’ process, so that they will strengthen the materials of the core course while educating on security. The course materials, modules, and findings will be shared publicly using the PIs’ webpages and well-established online platforms for hardware security, such as Trust-Hub and CADforAssurance. This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

网络安全领域主要集中在软件和通信网络的安全性上，因为假设底层硬件是值得信赖和可靠的。然而，新兴的硬件攻击方法起源于不可信赖的全球供应链来源和硬件固有的漏洞。为了应对这些挑战，政府和行业迫切需要经过培训的网络安全专业人员来应对面向硬件的攻击。然而，大多数学生准备不足，因为现有的电气和计算机工程，计算机科学和相关课程的本科课程主要集中在网络安全的软件和网络方面。很少有机构推出专门的硬件安全课程，即使这些课程存在，它们通常也是选修课。本项目旨在通过将相关概念融入现有核心课程，促进工程本科生的硬件安全教育。该项目将扩大本科生的参与;提高他们的知识;并创建一个训练有素的和多样化的网络安全劳动力与硬件安全的基本知识。将在网上向全国所有大学和社区学院提供各种核心课程的安全综合内容。 这一努力还应促进代表性不足群体的学生参与网络安全教育和研究。该项目旨在将与数字设计和嵌入式系统相关的核心课程中的六个基本硬件安全概念的理论和实践培训相结合。 课程模块将在行业和学术专家评估后分发给更广泛的社区。目标核心课程中的现有理论和实验室模块将通过“情境学习”过程增强以安全为导向的概念，以便在进行安全教育的同时加强核心课程的材料。课程材料、模块和研究结果将通过PI的网页和成熟的硬件安全在线平台（如Trust-Hub和CADforAssurance）公开共享。该项目得到了安全和值得信赖的网络空间（SaTC）计划的支持，该计划为解决网络安全和隐私问题的提案提供资金，在这种情况下，特别是网络安全教育。SATC计划与联邦网络安全研究和发展战略计划和国家隐私研究战略保持一致，以保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。