Dr. Swarup Bhunia and Dr. Greg Stitt Aim to Extend Security Education to All

Dr. Swarup Bhunia, Director of the Warren B. Nelms Institute, and Dr. Greg Stitt, both professors in the Department of Electrical and Computer Engineering, are working to make hardware security education more accessible to undergraduate engineering students.

The collaborative, three-year project, titled “Hardware Security Education for All Through Seamless Extension of Existing Curricula” is funded by the National Science Foundation (NSF).

The field of cybersecurity has focused predominantly on the security of software and the communication network, due to the assumption that the underlying hardware is trustworthy and reliable. However, emerging hardware attack methods have originated from untrustworthy global supply chain sources and vulnerabilities inherent to the hardware.

“Understanding the innards of an Internet of Things (IoT) endpoint device, such as a smart camera or a smart thermostat, and their security issues, is becoming essential for our students. This is because hardware-based attacks and security solutions are growing rapidly in the IoT era,” Dr. Bhunia said.

Many students who enter the workforce are insufficiently prepared to counter hardware-oriented attacks because existing undergraduate curricula for electrical and computer engineering, computer science, and related programs focus primarily on the software and network aspects of cybersecurity. Few institutions have introduced dedicated hardware security courses, and even when these courses exist, they are typically electives.

“This NSF-funded project will enable us to explore a new paradigm of security education,” Dr. Bhunia said. “It aims to seamlessly extend existing curriculum to include a set of well-designed hands-on educational modules explaining the fundamental notions in hardware security. An approach, we believe, that provides an organic way of teaching hardware security concepts to a large student body, without forcing them to take specialized courses.”

The goals of the project are to broaden undergraduate students’ participation; advance their knowledge; and create a well-trained and diversified cybersecurity workforce with essential knowledge of hardware security. The security-integrated contents of various core courses will be made available online for all universities and community colleges nationwide.

The project is in collaboration with University of Kansas (PI: Tamzidul Hoque) and Florida International University (PI: Md Rahman). This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education.