TurtleMCU: A Platform for Teaching a Holistic View Into Embedded Computer Architecture and Security

Abstract

This Innovative Practice Full Paper introduces an educational tool that combines a simple HDL processor design with a suite of simple, exploitable programs to teach hardware security concepts to students in introductory computer architecture. Recent high profile cyber-attacks that rely on vulnerabilities in computing hardware (including Spectre and Meltdown) have highlighted the need for hardware and software security principles to be taught at all levels of computer architecture and hardware design. Unfortunately, there are currently few tools available that make hardware security concepts accessible to introductory computer architecture students. To address this gap, We propose a new platform called TurtleMCU.TurtleMCU provides introductory students with a holistic view into the security of embedded microcontrollers, allowing them to combine reverse engineering, vulnerability discovery and exploitation, and vulnerability response and mitigation techniques at both the hardware and software level. Notably, where other environments for teaching CPU architecture or software security provide only software simulations, TurtleMCU incorporates a fully synthesizeable HDL view of a basic microprocessor, allowing students to implement the design on FPGA development platforms and incorporate their designs into real hardware and peripherals. This paper discusses the design and proposed educational use cases of TurtleMCU, and provides the entire TurtleMCU platform as an open-source project for inclusion in readers’ curricula.