research-article

Cybersecurity Education: Bridging the Gap Between Hardware and Software Domains

Authors:

Marcin Lukowiak,

Stanisław Radziszowski,

Christopher WoodAuthors Info & Claims

ACM Transactions on Computing Education (TOCE), Volume 14, Issue 1

Article No.: 2, Pages 1 - 20

https://doi.org/10.1145/2538029

Published: 01 March 2014 Publication History

Abstract

With the continuous growth of cyberinfrastructure throughout modern society, the need for secure computing and communication is more important than ever before. As a result, there is also an increasing need for entry-level developers who are capable of designing and building practical solutions for systems with stringent security requirements. This calls for careful attention to algorithm choice and implementation method, as well as trade-offs between hardware and software implementations. This article describes motivation and efforts taken by three departments at Rochester Institute of Technology (Computer Engineering, Computer Science, and Software Engineering) that were focused on creating a multidisciplinary course that integrates the algorithmic, engineering, and practical aspects of security as exemplified by applied cryptography. In particular, the article presents the structure of this new course, topics covered, lab tools and results from the first two spring quarter offerings in 2011 and 2012.

References

[1]

Bertoni, G., Daemen, J., Peeters, M., and Assche, G. V. 2009. Keccak specifications.

[2]

Chodowiec, P. and Gaj, K. 2003. Very compact FPGA implementation of the AES algorithm. In Proceedings of the Cryptographic Hardware and Embedded Systems (CHES). 319--333.

[3]

Daemen, J. and Rijmen, V. 1999. AES Proposal: Rijndael.

[4]

Dandass, Y. 2008. Teaching application implementation on FPGAs to computer science and software engineering students. Comput. Educ. J. 18, 1.

[5]

Dworkin, M. 2001. SP 800-38A 2001 Edition. Recommendation for block cipher modes of operation: Methods and techniques. Tech. rep., NIST, Gaithersburg, MD.

Digital Library

[6]

Dworkin, M. 2004. SP 800-38C. Recommendation for block cipher modes of operation: The CCM mode for authentication and confidentiality. NIST, Gaithersburg, MD.

[7]

Dworkin, M. 2005. SP 800-38B. Recommendation for block cipher modes of operation: The CMAC mode for authentication. NIST, Gaithersburg, MD.

[8]

Dworkin, M. 2007. SP 800-38D. Recommendation for block cipher modes of operation: Galois/Counter Mode (GCM) and GMAC. NIST, Gaithersburg, MD.

Digital Library

[9]

Dworkin, M. 2010a. Recommendation for block cipher modes of operation, cipher modes of operation: Three variants of ciphertext stealing for CBC mode. NIST, Gaithersburg, MD.

[10]

Dworkin, M. 2010b. SP 800-38E. Recommendation for block cipher modes of operation: The XTS-AES mode for confidentiality on storage devices. NIST, Gaithersburg, MD.

[11]

Hadim, H. and Esche, S. 2002. Enhancing the engineering curriculum through project-based learning. In Proceedings of IEEE 32nd Annual Frontiers in Education (FIE).

[12]

Hake, R. 1998. Interactive-engagement versus traditional methods: A six-thousand-student survey of mechanics test data for introductory physics courses. Amer. J. Physics 66, 64.

[13]

Kayser, R. 2007. Announcing request for candidate algorithm nominations for a new cryptographic hash algorithm (SHA-3) family. Federal Register 72, 212.

[14]

Lukowiak, M., Meneely, A., Radziszowski, S., Wood, C., and Vallino, J. 2012. Developing an applied, security-oriented computing curriculum. In Proceedings of the ASEE Annual Conference. American Society of Engineering Education.

[15]

National Institute of Standards and Technology. Cryptographic Hash project website, Computer Security Division.

[16]

National Institute of Standards and Technology. 2001. Specification for the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197.

[17]

National Institute of Standards and Technology 2012. NIST selects winner of secure hash algorithm (SHA-3) competition. http://www.nist.gov/itl/csd/sha-100212.cfm.

[18]

Pellerin, D. and Thibault, S. 2005. Practical FPGA Programming in C. Prentice Hall.

Digital Library

[19]

Prince, M. 2004. Does active learning work? A review of the research. J. Eng. Educ.-Washington 93, 223--232.

[20]

Schaumont, P. 2007. A senior-level course in hardware-software codesign. In Proceedings of IEEE International Conference on Microelectronic Systems Education (MSE). 7--8.

Digital Library

[21]

Stinson, D. 2006. Cryptography: Theory and Practice 3rd Ed. CRC Press.

Digital Library

[22]

Vallino, J. and Czernikowski, R. 2005. Thinking inside the box: A multi-disciplinary real-time and embedded systems course sequence. In Proceedings of the 35th Annual Conference Frontiers in Education (FIE) Conference. FT3G--12.

[23]

Vallino, J. and Czernikowski, R. 2008. Interdisciplinary teaming as an effective method to teach real-time and embedded systems courses. In Proceedings of the Workshop on Embedded Systems Education.

[24]

Virginia Tech. Secure Hardware Design. ECE 5520.

[25]

Worcester Polytechnic Institute. Advanced Cryptography. ECE 673.

Cited By

Crabb JHundhausen CGebremedhin AStephenson BStone JBattestilli LRebelsky SShoop L(2024)A Critical Review of Cybersecurity Education in the United StatesProceedings of the 55th ACM Technical Symposium on Computer Science Education V. 110.1145/3626252.3630757(241-247)Online publication date: 7-Mar-2024
https://dl.acm.org/doi/10.1145/3626252.3630757
Ismail MMadathil NAlalawi MAlrabaee SAl Bataineh MMelhem SMouheb D(2024)Cybersecurity activities for education and curriculum design: A surveyComputers in Human Behavior Reports10.1016/j.chbr.2024.10050116(100501)Online publication date: Dec-2024
https://doi.org/10.1016/j.chbr.2024.100501
Rahman AHossain SBose D(2021)Exercise Perceptions: Experience Report from a Secure Software Development CourseQuality of Information and Communications Technology10.1007/978-3-030-85347-1_37(521-535)Online publication date: 25-Aug-2021
https://doi.org/10.1007/978-3-030-85347-1_37
Show More Cited By

Index Terms

Cybersecurity Education: Bridging the Gap Between Hardware and Software Domains
1. Social and professional topics
  1. Professional topics
    1. Computing education
      1. Computing education programs
        Information systems education

Recommendations

Shaping Curricular Guidelines for Associate-Degree Cybersecurity Programs
SIGCSE '19: Proceedings of the 50th ACM Technical Symposium on Computer Science Education

As projections of the shortage of cybersecurity workers grow [4], the spotlight is on cybersecurity education. In December of 2017, the Joint Task Force on Cybersecurity Education published Cybersecurity Curricula 2017: Curriculum Guidelines for Post-...
A Capstone Design Project for Teaching Cybersecurity to Non-technical Users
SIGITE '16: Proceedings of the 17th Annual Conference on Information Technology Education

This paper presents a multi-year undergraduate computing capstone project that holistically contributes to the development of cybersecurity knowledge and skills in non-computing high school and college students. We describe the student-built Vulnerable ...
Bringing Up Cybersecurity Degree Programs: (Abstract Only)
SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science Education

Due to the ongoing demand for cybersecurity professionals, universities have begun to step up to the challenge of providing degrees in cybersecurity or related disciplines. However, growth in academic programs has been unfocused, in part because there ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Computing Education

ACM Transactions on Computing Education Volume 14, Issue 1

March 2014

98 pages

EISSN:1946-6226

DOI:10.1145/2600089

Editors:
Robert McCartney
University of Connecticut, USA
,
Josh Tenenberg
University of Washington--Tacoma, USA

Issue’s Table of Contents

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 March 2014

Accepted: 01 October 2013

Revised: 01 September 2013

Received: 01 December 2012

Published in TOCE Volume 14, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

Division of Undergraduate Education

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
926
Total Downloads

Downloads (Last 12 months)37
Downloads (Last 6 weeks)2

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Crabb JHundhausen CGebremedhin AStephenson BStone JBattestilli LRebelsky SShoop L(2024)A Critical Review of Cybersecurity Education in the United StatesProceedings of the 55th ACM Technical Symposium on Computer Science Education V. 110.1145/3626252.3630757(241-247)Online publication date: 7-Mar-2024
https://dl.acm.org/doi/10.1145/3626252.3630757
Ismail MMadathil NAlalawi MAlrabaee SAl Bataineh MMelhem SMouheb D(2024)Cybersecurity activities for education and curriculum design: A surveyComputers in Human Behavior Reports10.1016/j.chbr.2024.10050116(100501)Online publication date: Dec-2024
https://doi.org/10.1016/j.chbr.2024.100501
Rahman AHossain SBose D(2021)Exercise Perceptions: Experience Report from a Secure Software Development CourseQuality of Information and Communications Technology10.1007/978-3-030-85347-1_37(521-535)Online publication date: 25-Aug-2021
https://doi.org/10.1007/978-3-030-85347-1_37
Luburić NSladić GSlivka JMilosavljević B(2019)A Framework for Teaching Security Design Analysis Using Case Studies and the Hybrid Flipped ClassroomACM Transactions on Computing Education10.1145/328923819:3(1-19)Online publication date: 16-Jan-2019
https://dl.acm.org/doi/10.1145/3289238
Pastel RZhang W(2018)Achieving Effective Communication between Diverse Disciplines in Small Teams2018 IEEE Frontiers in Education Conference (FIE)10.1109/FIE.2018.8659206(1-9)Online publication date: 3-Oct-2018
https://dl.acm.org/doi/10.1109/FIE.2018.8659206
Pastel RSeigel MZhang WMayer A(2015)Team Building in Multidisciplinary Client-Sponsored Project CoursesACM Transactions on Computing Education10.1145/270051815:4(1-23)Online publication date: 24-Nov-2015
https://dl.acm.org/doi/10.1145/2700518

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents