National Science Foundation: Cybersecurity Innovation for CyberinfrastructureDeadline: June 4, 2018
The objective of the Cybersecurity Innovation for Cyberinfrastructure (CICI) program is to develop, deploy, and integrate security solutions that benefit the scientific community by ensuring the integrity, resilience, and reliability of the end-to-end scientific workflow. CICI seeks three categories of projects:
1. Secure Scientific Cyberinfrastructure: These awards seek to secure the scientific workflow by encouraging novel and trustworthy architectural and design approaches, models and frameworks for the creation of a holistic, integrated security environment that spans the entire scientific CI ecosystem. Areas of interest include, but are not limited to:
- New approaches that demonstrate substantive improvements to secure and protect operational scientific cyberinfrastructure.
- New deployment of key secure networking infrastructure services in R&E environments such as secure routing (Border Gateway Protocol Security/Resource Public Key Infrastructure) and Domain Name System Security (DNSSEC).
- Re-design of the campus or facility border security and current approaches such as the “Science DMZ” (see http://fasterdata.es.net/fasterdata/science-dmz/ for more information); Science DMZ’s are rapidly scaling to accommodate increasing amounts of scientific data transfers and becoming more complex as Science DMZs are now stretching between sites and traversing multiple organizations; designs to improve the authentication and usability for the Science DMZ and the data transfer systems within it are encouraged.
- Techniques and tools that provide improved granularity in the correlation and analysis of behavioral anomalies across scientific cyberinfrastructure as well as improved detection of actionable security events. Security management systems and infrastructure monitoring tools, both proprietary and open source, provide a large and potentially overwhelming amount of information through which to sort. Tools that mine the data, detect, and identify the tools and techniques of an attack and lead to a greater understanding of what constitutes both normal and anomalous behavior are encouraged.
2. Research Data Protection: These awards provide solutions that both ensure the provenance of research data and reduce the complexity of protecting research data sets regardless of funding source. Activities in this area may include, but are not limited to:
- Technical proof-of-concept implementations demonstrating assurance that unauthorized parties are prevented from modifying data at any point in the scientific workflow in order to ensure integrity and/or provenance for scientific data.
- Frameworks that align the security policies of institutions, facilities, and scientific collaborations with the grant-required controls and requirements, and that combine both into implementable cyberinfrastructure tools. Tools should be developed for use across multiple institutions and collaborations while taking into account combinations of data on site locally, in the cloud, and accessed across a network and virtualized resources.
- Methods of providing outreach and assistance to the scientific communities on topics in this area.
3. Collaborative Security Response Center: This single award targets the development of a community resource to provide security monitoring, analysis, expertise, and resources Research & Education (R&E) cyberinfrastructure staff, regardless of physical location or organization.
Amount: A total of $10,000,000-$12,000,000 is available to award 6-12 grants. Award ranges depend on the category, as follows:
- Secure Scientific Cyberinfrastructure and Research Data Protection: Awards range up to $1,000,000 total for up to three years
- Collaborative Security Response Center: One award of up to $5,000,000 for up to three years
Eligibility: 1) Institutions of Higher Education (IHEs), including two- and four-year IHEs (including community colleges) accredited in, and having a campus located in the US, acting on behalf of their faculty members; and 2) nonprofit, non-academic organizations including independent museums, observatories, research labs, professional societies and similar organizations in the U.S. associated with educational or research activities.