Sigurd Meldal, Kristen Gates, Russell Smith, Xiao Su
Citation
Sigurd Meldal, Kristen Gates, Russell Smith, Xiao Su. "Security, Safety and Privacy – Pervasive Themes for Engineering Education". ICEE 2008, Geza Varady (ed.), iNEER, July, 2008.
Abstract
Computer trustworthiness continues to increase in importance as a pressing scientific, economic, and so-
cial problem. The last decade has seen a rapid increase in computer security attacks at all levels, as more in-
dividuals connect to common networks and as motivations and means to conduct sophisticated attacks in-
crease. A parallel and accelerating trend has been the rapidly growing integration role of computing and
communication in critical infrastructure systems, with complex interdependencies rooted in information
technologies [1][12]. The ubiquitous nature of IT technology deployment also has deep consequences for
personal privacy and ultimately on individual freedom [6]. These overlapping and interacting trends force us
to recognize that trustworthiness of our computer systems is not an IT issue alone; it has a direct and imme-
diate impact on the nation's critical infrastructure and on the core values of our society.
The interplay (and possible conflicts) of these factors compel us to conclude that an understanding of the
policy and security issues of IT deployment is part and parcel of being an educated member of society. Fur-
thermore, an understanding of these issues is a necessary requirement for every professional engineer, and in
particular for engineers in the IT domains: Trustworthiness is a key concept to be taught in general educa-
tion, and in particular in engineering education.
Engineering education currently lacks a holistic view of the interplay of security in systems design. Secu-
rity appears in engineering curricula (if at all) as add-ons, and discussions of public policy issues are insig-
nificant.
Creating a new generation of professionals who understand the technology and policy aspects of trustwor-
thiness in our critical infrastructure systems is part of the US national agenda and a central objective for
TRUST, the NSF Science and Technology Center for Research in Ubiquitous Secure Technology [1].
Based on work done at and with NSF STC TRUST we are adopting a multi-pronged approach to integrat-
ing trustworthiness into the general and the engineering education experiences.
• In the general education curriculum (which all students have to complete) we have created a course
where security and privacy issues serve as a vehicle for the social issues education requirement.
• In the engineering core classes we are introducing security as a key design component.
• Internships in security organizations are offered to students across the US as part of engineering degrees.
• The role of national certification and accreditation standards (such as the NSA CAEIAE certification,
ABET EAC and CAC accreditation) are evaluated for curricular adoption and adaption.
• National and regional workshops that establish security development communities are organized, and
they assist universities in understanding and achieving such standards.
Our ultimate goal is to change the current situation and to engage the educational community to work to-
wards a broader understanding of systems, security and policy options among future technologists and policy
shapers.
In this paper we will present three aspects of this strategy: The introduction of security and privacy to the
general student population through a general education course, secondly the more technical introduction to
security in the context of a network security course, and thirdly, the confirmation of these academic modes
through the placement of students into internships in security organizations in Silicon Valley.
Electronic downloads
- ICEE2008_MeldalGatesSmithSuFull.pdf · application/pdf · 700 kbytes
| Citation formats |
- HTML
Sigurd Meldal, Kristen Gates, Russell Smith, Xiao Su. <a href="http://www.truststc.org/pubs/431.html" >Security, Safety and Privacy – Pervasive Themes for Engineering Education</a>, ICEE 2008, Geza Varady (ed.), iNEER, July, 2008.
- Plain text
Sigurd Meldal, Kristen Gates, Russell Smith, Xiao Su. "Security, Safety and Privacy – Pervasive Themes for Engineering Education". ICEE 2008, Geza Varady (ed.), iNEER, July, 2008.
- BibTeX
@inproceedings{MeldalGatesSmithSu08_SecuritySafetyPrivacyPervasiveThemesForEngineering, author = {Sigurd Meldal and Kristen Gates and Russell Smith and Xiao Su}, title = {Security, Safety and Privacy – Pervasive Themes for Engineering Education}, booktitle = {ICEE 2008}, editor = {Geza Varady}, organization = {iNEER}, month = {July}, year = {2008}, abstract = {Computer trustworthiness continues to increase in importance as a pressing scientific, economic, and so- cial problem. The last decade has seen a rapid increase in computer security attacks at all levels, as more in- dividuals connect to common networks and as motivations and means to conduct sophisticated attacks in- crease. A parallel and accelerating trend has been the rapidly growing integration role of computing and communication in critical infrastructure systems, with complex interdependencies rooted in information technologies [1][12]. The ubiquitous nature of IT technology deployment also has deep consequences for personal privacy and ultimately on individual freedom [6]. These overlapping and interacting trends force us to recognize that trustworthiness of our computer systems is not an IT issue alone; it has a direct and imme- diate impact on the nation's critical infrastructure and on the core values of our society. The interplay (and possible conflicts) of these factors compel us to conclude that an understanding of the policy and security issues of IT deployment is part and parcel of being an educated member of society. Fur- thermore, an understanding of these issues is a necessary requirement for every professional engineer, and in particular for engineers in the IT domains: Trustworthiness is a key concept to be taught in general educa- tion, and in particular in engineering education. Engineering education currently lacks a holistic view of the interplay of security in systems design. Secu- rity appears in engineering curricula (if at all) as add-ons, and discussions of public policy issues are insig- nificant. Creating a new generation of professionals who understand the technology and policy aspects of trustwor- thiness in our critical infrastructure systems is part of the US national agenda and a central objective for TRUST, the NSF Science and Technology Center for Research in Ubiquitous Secure Technology [1]. Based on work done at and with NSF STC TRUST we are adopting a multi-pronged approach to integrat- ing trustworthiness into the general and the engineering education experiences. • In the general education curriculum (which all students have to complete) we have created a course where security and privacy issues serve as a vehicle for the social issues education requirement. • In the engineering core classes we are introducing security as a key design component. • Internships in security organizations are offered to students across the US as part of engineering degrees. • The role of national certification and accreditation standards (such as the NSA CAEIAE certification, ABET EAC and CAC accreditation) are evaluated for curricular adoption and adaption. • National and regional workshops that establish security development communities are organized, and they assist universities in understanding and achieving such standards. Our ultimate goal is to change the current situation and to engage the educational community to work to- wards a broader understanding of systems, security and policy options among future technologists and policy shapers. In this paper we will present three aspects of this strategy: The introduction of security and privacy to the general student population through a general education course, secondly the more technical introduction to security in the context of a network security course, and thirdly, the confirmation of these academic modes through the placement of students into internships in security organizations in Silicon Valley. }, URL = {http://www.truststc.org/pubs/431.html} }
Posted by Sigurd Meldal on 18 Aug 2008.
For additional information, see the
Publications FAQ or
contact webmaster at www truststc org.
Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.