Pictured: Duo Xu, an M.S. in Cybersecurity student on the Vancouver campus, who participated in the project.
Connected devices have become the norm in our day-to-day lives. With the growth of these devices, however, comes an increased threat of data theft and attacks on edge platforms, which feature distributed open IT architecture. Cyber threats to connected utility monitoring systems, automated factories, and automobiles are becoming everyday occurrences.
Cybersecurity students in INCS 870 at New York Tech’s Vancouver campus recently had the unique opportunity to contribute to combatting that threat by working with China-based Gowin Semiconductor, the world’s fastest growing programmable logic company, to solve some security problems on Gowin’s SecureFPGA devices.
Gowin launched its SecureFPGA product line in 2019, targeted for endpoint and server management applications using built-in security functions to eliminate the rise of security attacks and breaches in edge computing.
As part of their graduate capstone project, the students worked with Gowin to develop a Secure Boot for the SecureFPGA system using Gowin’s Broadkey security library. Secure Boot is an industry security standard that ensures that any device boots using only software that is digitally signed and verified by the Original Equipment Manufacturer (OEM), a process designed to protect against malicious software being executed in the boot process. Typically, the secure boot process runs over a small amount of boot code prior to any application software and involves digital signature verification over the application firmware using an asymmetric key pair.
Gowin posed the project via Riipen, a web platform designed to engage faculty and students with companies seeking assistance on specific projects or problems. The Gowin-New York Tech partnership was a win-win, providing students with industry experience while solving a need for the company, which didn’t have to devote employee resources to the project.
“The multifaceted nature of embedded systems makes it challenging to give students exposure to, and experience in, all facets of such systems,” says Yunlong Shao, assistant professor of cybersecurity at NYIT-Vancouver. “This capstone project gave students valuable experience in embedded system development while reinforcing theoretical concepts.”
Graduate student Duo Xu says the experience improved both his technical and communication skills. “The project description is just a piece of paper that needs to be mapped out to real-world conditions,” says Xu. “Working with the product manager helped me push the project forward faster than attempting to resolve questions on my own.”
Xu says working through “massive challenges” helped him develop a procedure to solve future coding and programming questions. “Self-learning is really important in real-world production,” he says. “I think this experience will help a lot with my future study.”
According to Grant Jennings, director of international marketing for Gowin Semiconductor, Secure Boot is one of the most common requests the company receives from customers wanting to add security capabilities to their embedded products. “Partnering with New York Tech gave us incredibly valuable insight into our security product offering from graduate students with domain expertise specifically in cybersecurity,” he says.
An example design based on the students’ work can be found at gowinsemi.com and can be evaluated by developers using the DK-START-GW1NSE-2C development kit from GOWIN.
By Renée Gearhart Levy