"Design for Security" Badge Program
The world is becoming increasingly more connected and convenient with digital technologies such as the Cloud, Big Data, mobile, Internet of Things, and Artificial Intelligence. But this convenience leads to greater challenges in security, compliance, data protection, regulations, and privacy – and greater costs.* For our protection, security can no longer be just an afterthought. To meet this need, Purdue University and Intel Corporation offer a new “Design for Security” badge program led by Purdue’s School of Industrial Engineering.
“Design for Security” will focus both on the production level – those companies that produce cyber or cyber-physical systems and their components – and on the education level – those universities that produce the engineers and scientists who design the cyber or cyber-physical systems and associated processes.
It will cover design for security principles from the physical secure design of the infrastructure, to the security of the hardware and software that underlie the infrastructure, and then to the technical constraints and processes in place to support operational security. It will introduce security principles that are required to design a system that supports and enforces the necessary authentication, authorization, confidentiality, data integrity, accountability, availability, and non-repudiation requirements, even when the system is under attack. It will demonstrate the importance of taking security into account throughout the secure development life cycle, not just in the implementation and deployment phases.
Purdue University and Intel Corporation are leading the charge in this arena by developing and offering a “deliver with security” concentration within the Purdue curriculum. The program targets student and professional engineers and computer scientists, and includes Intel designers and beta testing components within Intel manufacturing facilities.
Open to all engineering and science disciplines, this concentration will include multiple courses to deal with the complexities of designing and manufacturing components and products that will be delivered and integrated into secure customer solutions. The courses will be developed with a combination of in-class and online instruction.
*Security issues have cost businesses, consumers, and governments significantly in recent years. The 2017 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 15.4 million U.S. consumers in 2016, compared with $15.3 billion and 13.1 million victims just a year earlier. Identity thieves have stolen over $107 billion in the past six years. According to Invesp, the e-commerce industry suffered an estimated revenue loss of $6.7 billion due to chargebacks in 2016, of which 71% ($4.8b) was due to friendly/chargeback fraud. Global Fraud Index notes the value of potential fraud in the eight industries studied as $57.8 billion. In 2016, computer viruses were estimated to have cost the global economy over $450 billion (around 0.5% of the world’s economy). As computing systems pervade various aspects of our daily lives, capturing, storing, accessing, and manipulating a wide range of sensitive personal data, security will become a daunting challenge, and will bring into question the viability of many future electronic products, applications, and services.