Developing an Applied, Security-Oriented Computing Curriculum

Software and hardware security is a reality that all stakeholders must face, from hardware engineers to software developers to customers. As a direct result, the technology industry is facing a growing need for engineers who understand security principles at varying levels of abstraction. These engineers will need security-oriented perspectives stemming from both theoretical and practical disciplines, including software engineering, computer engineering, and computer science. Unfortunately, in traditional academic settings, secure software and hardware are typically taught independently despite being intertwined in practice. Consequently, the objective of this initiative is to prepare students to apply a security-oriented awareness to a broad range of hardware and software systems by developing a multi-disciplinary curriculum involving three departments. Our efforts at Rochester Institute of Technology focus on integrating security into software design and implementations, hardware design and implementations, and hardwaresoftware co-design. In the cluster of courses described in this paper, we use cryptographic applications as the motivating security focus. We describe changes made to an existing introductory cryptography course, report on a recently-developed course entitled Hardware and Software Design for Cryptographic Applications, and present our plans for a Secure Software Engineering course.