Harvard University homepage
HARVARD.EDU

Embedded EthiCS @ Harvard Bringing ethical reasoning into the computer science curriculum

We Value Your Feedback! Help us improve by sharing your thoughts in a brief survey. Your input makes a difference—thank you!

Computer Hardware (CS 141) – Spring 2022

First time reviewing a module? Click here.

Click  to access marginalia information, such as reflections from the module designer, pedagogical decisions, and additional sources.

Click “Download full module write-up” to download a copy of this module and all marginalia information available.

Module Topic: Hardware Backdoors and Responsibility
Module Author: Eliza Wells

Download full module write-up

Course Level: Upper Level Undergraduate
AY: 2021-2022

Course Description: “This course introduces fundamentals in designing and building modern information devices and systems that interface with the real world. It focuses on digital devices and systems, and it complements ENG-SCI 152, which focuses on devices and systems that use analog electronics. Topics include: combinational and sequential logic; computer architecture; machine code; and altogether the infrastructure and computational framework composing a MIPS processor. Consideration is given in design to interactions between hardware and software systems. Students will design application specific hardware for an embedded system.” (Course Description

Semesters Taught: Spring 2021, Spring 2022

    Tags

  • Hardware backdoors [CS]
  • Rights [phil]
  • Autonomy [phil]

Module Overview

This module focuses on hardware backdoors, which allow agents to bypass normal security measures on a device. Hardware backdoors can be created by malicious agents, corporations, or governments, and pose security threats to users, while being difficult to detect. The first question the module asks is: is it ethical to create hardware backdoors? The module shows students how security risks like those posed by hardware backdoors threaten users’ rights, and asks what kinds of reasons would count as a strong justification for disrespecting those rights. The second question is: how should we respond to the possibility of hardware backdoors? Given that hardware backdoors pose significant threats but are difficult to detect and prevent, the module encourages students to use their moral judgment to think about the responsibility they have to protect rights as computer scientists.

    Connection to Course Material

Students in this course have encountered different goals in systems design, such as speed and efficiency. Hardware backdoors help bring to light another value that is recently becoming more important for hardware designers: security. Students see how the specific technical elements they learn about in the course can be exploited.

The topic of this course is hardware design. The backdoors discussed in the module exploit design features in microprocessors that students have learned about. Hardware backdoors pose different threats than better-known software backdoors, one of which is that they are more difficult to test for. Being aware of these threats is important for future work that students may do in hardware design.

Goals

Module Goals

  1. Discuss rights and strong justifications for disrespecting rights in the context of security ethics.
  2. Introduce the possibility of hardware backdoors and the threats they pose.
  3. Practice using moral judgment in response to hardware backdoors in different cases.

    Key Philosophical Questions

This module emphasizes rights because, from a corporate or government perspective, it might be tempting to think that the needs of a business or state justify installing or ignoring hardware backdoors. Focusing on users’ rights helps bring out the weighty ethical issues at stake in cybersecurity.

  1. Why is cybersecurity ethically important?
  2. What rights are at stake in cases of hardware backdoors?
  3. What is a strong justification to disrespect a right?

Materials

    Key Philosophical Concepts

The ACM code of ethics says that computing professionals ought to “protect each individual’s right to autonomy.” The module uses this code as a jumping-off point to think about the rights that might be threatened by hardware backdoors.

  • Rights
  • Strong justifications for disrespecting rights
  • The right to autonomy

    Assigned Readings

Because students in this course had not been introduced to hardware backdoors before, this reading served to introduce the concept while also raising concerns about how difficult backdoors are to detect.

Implementation

Class Agenda

  1. Introduction to security ethics: backdoors in one’s house
  2. Rights and strong justifications to disrespect rights
  3. Cybersecurity ethics: hardware backdoors
  4. Discussion of the right to autonomy and how hardware backdoors can threaten it
  5. Is it ethical to create hardware backdoors? Discussion of cases.
  6. How should we respond to the possibility of hardware backdoors? Discussion of case.

    Sample Class Activity

Rather than presenting an easily applicable definition of a strong justification for respecting rights, this module gave students the opportunity to reason through cases where rights were at stake and develop moral judgment about whether the potential justifications for disrespecting those rights were strong. They were asked to present reasons why they chose the course of action they did, practicing justifying their decision. The cases included business and government contexts in which students might find themselves. The example case is one in which students were encouraged to conclude that the proposed justification is not strong enough to violate rights.

Students were presented with several different cases in which they imagined themselves either a) considering whether to create a hardware backdoor or b) considering whether or not to test for hardware backdoors. They were asked to discuss in small groups how that choice might impact users’ rights to autonomy, whether there was a strong justification for making that choice, and what they thought they ought to do and why.

Case example:

You are an engineer at a small company that does not have many resources for testing and customer support. You are considering installing a hardware backdoor to bypass user authentication because that will allow you to more quickly test updates to your product and resolve customer issues remotely.

    Module Assignment

Student responses demonstrated a solid grasp of the rights that might be at stake in cases of hardware backdoors. Because the module emphasized how difficult hardware backdoors are to test for, students tended to conclude that ceasing to manufacture hardware in potentially untrusted environments was the most ethical decision. Because this decision to exit the global supply chain is not a feasible option for most companies, future versions of this module could emphasize internal options that are more feasible (e.g. informing customers of risks; testing random samples; choosing more trusted overseas facilities).

The assignment was a short essay response question on the final exam that was another version of the activity. Students were given the following case and questions.

You are the CEO of a large company that provides motherboards to tech companies. In order to produce the motherboards more cost-efficiently, you are considering using hardware that is manufactured in several different facilities overseas. Testing hardware for backdoors is expensive and time-consuming and may not catch everything.

  • What are the potential consequences of this choice?
  • What rights are at stake?
  • What do you think you should do, and why?

Lessons Learned

  • Students were engaged with module content and were able to bring out the situational dimensions of corporate or government decision-making. In discussion of cases, it was helpful to emphasize the different options that agents have: one reason why it’s difficult to find a strong justification for creating hardware backdoors is that they’re often not the only means to one’s end.
  • One issue that came up in discussion was the idea of informed consent, and whether hardware backdoors would be acceptable if users were aware of their existence and the risks. Future modules could focus more on consent as a way of understanding how these backdoors relate to rights.
  • The question of what burdens computer scientists ought to shoulder to test for hardware backdoors given the ethical issues they face was interesting to the class Students could be better positioned to tackle this question by considering the ethics of risk.
  • Since students are more likely to be in the position of encountering already-instantiated backdoors than the position of choosing to create one, focusing more on this question could be productive.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 4.0 International License.

Embedded EthiCS is a trademark of President and Fellows of Harvard College | Contact us