skip to main content


Title: Improving Student Learning in Hardware Security: Project Vision, Overview, and Experiences
Practical, hands-on experience is an essential component of computer science and engineering education, especially in the cybersecurity domain. In this project, we are investigating techniques for improving student learning in such courses, first by developing a new hands-on hardware security course, then by testing the impact of gamification on student learning. The experiments utilize only inexpensive, open-source or freely-available software and hardware, and upon project completion, the modules themselves will also be made freely available online. Improving student learning in this critical area can have a wide-spread positive societal impact as we encourage students to have a security-first, secure-by-design mindset.  more » « less
Award ID(s):
1954259
PAR ID:
10407662
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
2022 IEEE International Symposium on Smart Electronic Systems (iSES)
Page Range / eLocation ID:
297 to 301
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Hardware security is an emerging field with far-ranging impacts on the design and implementation of the devices we use in our everyday lives – from wearable and implantable medical devices to personal mobile devices, and even cloud devices powering the software services that drive our society forward. Practical, hands-on experience is vital to the training of students in this and other security-related fields. We are developing a new model for hardware security education using readily available, cost-efficient, off-the-shelf development boards, with hands-on experiments that offer new learning opportunities for students. Beyond this, we are experimenting with different pedagogical methods to improve student engagement. In particular, we aim to gamify a subset of the experiments and evaluate the impact on student engagement and learning. This work-in-progress paper describes our initial approach to the gamification of hardware security labs and reports on baseline results from our control study using a more traditional, non-gamified approach. 
    more » « less
  2. This paper presents an innovative approach to DevOps security education, addressing the dynamic landscape of cybersecurity threats. We propose a student-centered learning methodology by developing comprehensive hands-on learning modules. Specifically, we introduce labware modules designed to automate static security analysis, empowering learners to identify known vulnerabilities efficiently. These modules offer a structured learning experience with pre-lab, hands-on, and post-lab sections, guiding students through DevOps concepts and security challenges. In this paper, we introduce hands-on learning modules that familiarize students with recognizing known security flaws through the application of Git Hooks. Through practical exercises with real-world code examples containing security flaws, students gain proficiency in detecting vulnerabilities using relevant tools. Initial evaluations conducted across educational institutions indicate that these hands-on modules foster student interest in software security and cybersecurity and equip them with practical skills to address DevOps security vulnerabilities. 
    more » « less
  3. This paper presents an innovative approach to DevOps security education, addressing the dynamic landscape of cybersecurity threats. We propose a student-centered learning methodology by developing comprehensive hands-on learning modules. Specifically, we introduce labware modules designed to automate static security analysis, empowering learners to identify known vulnerabilities efficiently. These modules offer a structured learning experience with pre-lab, hands-on, and post-lab sections, guiding students through DevOps concepts and security challenges. In this paper, we introduce hands-on learning modules that familiarize students with recognizing known security flaws through the application of Git Hooks. Through practical exercises with real-world code examples containing security flaws, students gain proficiency in detecting vulnerabilities using relevant tools. Initial evaluations conducted across educational institutions indicate that these hands-on modules foster student interest in software security and cybersecurity and equip them with practical skills to address DevOps security vulnerabilities. 
    more » « less
  4. The field of DevOps security education necessitates innovative approaches to effectively address the ever evolving challenges of cybersecurity. Adopting a student-centered approach, there is the need for the design and development of a comprehensive set of hands-on learning modules. In this paper, we introduce hands-on learning modules that enable learners to be familiar with identifying known security weaknesses, based on taint tracking to accurately pinpoint vulnerable code. To cultivate an engaging and motivating learning environment, our hands-on approach includes a pre-lab, hands-on and post-lab sections. They all provide introduction to specific DevOps topics and software security problems at hand, followed by practicing with real world code examples having security issues to detect them using tools. The initial evaluation results from a number of courses across multiple schools show that the hands-on modules are enhancing the interests among students on software security and cybersecurity, while preparing them to address DevOps security vulnerabilities. 
    more » « less
  5. The field of DevOps security education necessitates innovative approaches to effectively address the ever evolving challenges of cybersecurity. Adopting a student-centered approach, there is the need for the design and development of a comprehensive set of hands-on learning modules. In this paper, we introduce hands-on learning modules that enable learners to be familiar with identifying known security weaknesses, based on taint tracking to accurately pinpoint vulnerable code. To cultivate an engaging and motivating learning environment, our hands-on approach includes a pre-lab, hands-on and postlab sections. They all provide introduction to specific DevOps topics and software security problems at hand, followed by practicing with real world code examples having security issues to detect them using tools. The initial evaluation results from a number of courses across multiple schools show that the hands-on modules are enhancing the interests among students on software security and cybersecurity, while preparing them to address DevOps security vulnerabilities. 
    more » « less