The increasing importance of supply chain security for digital devices -- from consumer electronics to critical infrastructure -- has created a high demand for skilled cybersecurity experts. These experts use Hardware Reverse Engineering (HRE) as a crucial technique to ensure trust in digital semiconductors. Recently, the US and EU have provided substantial funding to educate this cybersecurity-ready semiconductor workforce, but success depends on the widespread availability of academic training programs. In this paper, we investigate the current state of education in hardware security and HRE to identify efficient approaches for establishing effective HRE training programs. Through a systematic literature review, we uncover 13 relevant courses, including eight with accompanying academic publications. We identify common topics, threat models, key pedagogical features, and course evaluation methods. We find that most hardware security courses do not prioritize HRE, making HRE training scarce. While the predominant course structure of lectures paired with hands-on projects appears to be largely effective, we observe a lack of standardized evaluation methods and limited reliability of student self-assessment surveys. Our results suggest several possible improvements to HRE education and offer recommendations for developing new training courses. We advocate for the integration of HRE education into curriculum guidelines to meet the growing societal and industry demand for HRE experts.
翻译:暂无翻译