CIST: A Serious Game for Hardware Supply Chain

By Stephen Hart, Basel Halak, and Vladimiro Sassone

Abstract

“The globalisation and outsourcing of the IC supply chain have led to a more complex production cycle. Using threat models to understand the attacks can help engineers build stronger countermeasures and evaluate against different options to create better protection from attacks. Gamification is an alternative to teaching engineers threats using threat models and trying to keep up to date with new threats. Playing a serious game based on the IC hardware supply chain allows players to take control of self-learning and build knowledge through experiences in the gameplay. This paper propose CIST: A serious game for hardware supply chain, designed for hardware security and uses a threat model called CIST, designed to overcome the different requirements for hardware threats and gaps in current generic security threat models. The CIST game covers hardware-related risks through the complete IC life cycle from design, manufacturing, using the IC within a system and finally, recycling the ICs.”

Reference

Hart, S., Halak, B., &; Sassone, V. (2022). Cist: A serious game for hardware supply chain. Computers & Security, 122, 102912. doi:10.1016/j.cose.2022.102912 https://www.sciencedirect.com/science/article/pii/S0167404822003054

Keyword

Serious gaming, cyber security education, gamification, design training effectiveness, threat models, hardware security, research