The objective of this project at Florida Gulf Coast University is to improve the quality of teaching security for embedded systems in computer science and software engineering. Embedded systems are ubiquitous in our everyday lives in microwave ovens, garage door openers, cars, cell phones, and point-of-sale credit card transactions to name a few. However, the explosive growth in embedded technology has not been accompanied by substantial educational activities particularly in the area of the security of embedded systems. The issues in the security of embedded systems are substantially different from those in traditional enterprise systems and desktop computing. First, embedded systems are highly distributed and essentially unattended, which makes them vulnerable; and second, embedded applications involve the use of sensors and actuators, which are themselves computerized and thus subject to security breaches if not protected properly. The diversity of potential threats makes it difficult to provide general countermeasures to protect embedded devices and, consequently, teach protection techniques. The embedded systems curriculum at Florida Gulf Coast University involves junior and senior level courses on Embedded Systems Programming, Data Acquisition and Control, Computer Network Programming and Senior Software Engineering Projects. In this curriculum, students work on real life projects, designing and implementing embedded systems using microprocessors, microcontrollers and FPGA circuits. The project is developing course materials with the following goals: 1) studying and learning professional issues in embedded systems security; 2) developing eight learning modules on the subject; 3) presenting them as web-based lectures; 4) creating lab exercises for practical applications; 5) evaluating the project results by two professional evaluators; and 6) assessing the project's effectiveness and impact in the classroom by the students. The broader impact of this project lies in exposing undergraduate students to the security aspects of embedded systems, which is rarely covered at the undergraduate level. Development and dissemination of comprehensive learning modules is helping to create a knowledgeable workforce in an area that is critical to U.S. national security.
" involved creation and testing of eight modules on security of embedded computer systems. An embedded system is a computer system that is part of a larger system and performs some of the requirements of that system (IEEE Software and Systems Engineering Vocabulary). Embedded systems and devices penetrate literally every aspect of our lives. A quick look at a daily routine of an average middle class American reveals at least a dozen encounters with embedded systems before one even gets to the office (alarm clock or wrist watch, microwave oven, garage door opener, car or other means of transportation saturated with embedded systems, traffic lights, automatic pass onto a highway, gate to the parking lot, cell phone, office door lock, coffee brew at Starbucks, credit card payment at the cash register, etc.). This demand creates a tremendous market for software engineers knowledgeable in designing embedded systems and ensuring their security. The development of these modules responds to this demand. The topics selected for the development include: (1) General educational modules on security, such as "General Introduction to Computer Security", "Introduction to Cryptography" and "Embedded Systems Security"; (2) Security of specific technologies used in embedded systems, which involve "FPGA Security", "RFID Security" and "SCADA Security"; and (3) Software aspects of embedded systems security, such as "Java Security" and "Threat Modeling". Each module consists of the following components: Objectives and Introduction, Student Activities, Suggested Readings, Hands-on Exercise, and Assessment. Eight modules developed have been tested in undergraduate courses on embedded systems and computer networks at Florida Gulf Coast University, and are available on the Internet for use at any other university or organization across the nation or internationally. The associated images include an interview with the Principal Investigator, Dr. Janusz Zalewski, on the lab into which these modules have been incorporated, and an article discussing broader aspects of online education with the use of remote software engineering labs to teach embedded systems and their security.