Outline. Who conducts research related to CIIP in the U.S.? Universities. What is Critical Information Infrastructure? Who sponsors this research?

Transcription

1 Critical Information Infrastructure Research in the U.S. An informal status report The 2nd US-Japan Experts Workshop on Critical Information Infrastructure Protection (CIIP) Tokyo, Japan Outline Definitions, participants, coordination Dept of Homeland Security overview National Science Foundation overview Carl Landwehr Cyber Trust Coordinator National Science Foundation June 26, 2005 What is Critical Information Infrastructure? Critical: damage/outage would have severe impact Personal injury Economic loss Critical to whom? Information infrastructure: Computer and communication networks per se Control of national infrastructures for electric power, oil and gas, water, etc. Other networks, e.g. medical records, banking, voting Who conducts research related to CIIP in the U.S.? Universities Computer Sci. depts,, Elect. and Comp. Eng. depts,, etc. Non-profit research organizations Federally funded: MITRE, Aerospace, RAND, SEI, etc. Other: SRI, Applied Research Lab, JHU/APL, Industry Vendors: Telecomm, software, control (AT&T, Honeywell, Rockwell-Collins, Microsoft, HP, ) Integrators: Raytheon, Lockheed Martin, etc. Government Military/govt. labs: NRL, AFRL, NIST, NSA National Labs (DoE( DoE,, primarily): Sandia,, PNNL, LANL, LLNL, ANL, Who sponsors this research? Industry To suit their corporate needs Amounts and topics often not public Government In-house research Sponsored research NSF: National Science Foundation DHS: Dept of Homeland Security DOE: Dept of Energy DARPA: Defense Advanced Research Projects Agency ARDA: Advanced Research and Development Agency Dept of Justice, Treasury, Who coordinates the government-funded research? National Science and Technology Council (NSTC) Environment and Natural Resources Cabinet level office Science NSTC Dir. OSTP (Dr. Marburger) Technology Net & IT R&D Nanoscale S&T Aerospace Homeland Security Infrastructure Subcommittee CIIP Interagency Working Group PITAC Physical Structures and Systems Interagency Working Group

2 How are these research funds budgeted/reported? Networking and Information Technology Research and Development (NITRD) Program Co-Chairs: Chairs: Dr. Peter Freeman, NSF AD for CISE and Dr. Simon Szykman,, NCO Director FY06 requested budget (multi-agency) $2.2B Recent events: Feb., 2005, President s s Information Technology Advisory Committee PITAC issues report on Cybersecurity, emphasizing need for additional research funds and other recommendations May 2005: NSTC Dir. Dr. Marburger,, Testimony to House Science Committee NSTC Dir. Marburger Testimony May to House Science Committee Two important priorities for NITRD are information security and assurance and the management of enormous data flows. assuring the security, safety, and highly dependable performance of systems, networks, and software in critical applications and infrastructures is one of the most significant and difficult challenges in information technology R&D. CIIP [has] begun the process of defining our top cyber security R&D needs and mapping those against current activities. This is crucial if we are to better address the critically important issue of defining priorities. NSF to establish in FY 2005 a new Science and Technology Center devoted to cyber security R&D. Led by the University of California, Berkeley, the multi-institutional institutional collaborative effort will investigate key issues of computer trustworthiness in an era of increasing attacks at all levels on computer systems and information-based technologies. CIIP Interagency Working Group Includes over 20 organizations from over a dozen departments/agencies. Meets monthly, developing National Cyber Security R&D Plan, which includes: Discussion of threats and vulnerabilities Identification of broad cyber security research areas and topics within these categories Definition of area, description of current state-of of- the-art, and technical challenges Identification of interagency priorities Analysis of current R&D investments Recommendations regarding future investments and R&D investment policy guidance for decision-makers Note: initial (FY05) National CIP R&D Plan released jointly by DHS and OSTP in April (from Infrastructure subcommittee) Who coordinates the government-funded research? Infosec Research Council Charter Informally chartered, government sponsored, voluntary Goal Facilitate collaboration of the participating organizations Promote intelligent information security research investments. Provide a bimonthly forum to: Discuss critical information security issues, Convey member s research needs Describe current research initiatives and proposed courses of action for future research investments. Active topic Hard Problem List update Department of Homeland Security Overview DHS Cyber Security R&D Portfolio: Budget FY 2005 cyber security R&D budget: $18M Overall DHS S&T budget for 2005: $1.1B FY 2006 budget: $16.7M (President s s budget request) DHS S&T portfolio budgets developed through a formal strategic planning process DHS: Important R&D Areas Securing the Infrastructure Secure domain name system Secure routing protocols Cyber Security Functional Requirements Attack protection and prevention Secure process control systems (retrofit and future infrastructure) Attack detection, response, and recovery Situational awareness, indications & warning Secure software engineering & development Software assurance, code testing & analysis Lightweight, low-latency authentication Forensics, traceback, attribution Hardware/firmware security Domain-Specific Security Needs Wireless Internet protocol priority service Distributed & embedded Secure operating systems Other Needs Privacy computing platforms Foundations Red teaming for Cyber Security Enabling Metrics and testing Technologies for R&D Economic assessment Testbeds Long term goal of risk-based Modeling and simulation decision making Network mapping Security technology and policy management

3 DHS: Initial Research Priorities Securing infrastructural protocols: Securing the Domain Name System and Internet routing protocols. Cyber security testbeds: Large scale testbed network and software testing framework (DETER) Large-scale data sets for security testing (PREDICT): Supports development of cyber security metrics. Economic assessment activities: Along with metrics, will provide a foundation for risk- based cyber security decision making. Next-generation cyber security technologies. Execution of top priorities from IAIP Directorate. NSF Overview NSF Organization Directorate for Biological Sciences Directorate for Computer and Information Science and Engineering Directorate for Education & Human Resources Directorate for Engineering Office of Integrative Activities National Science Board Office of the Director Directorate for Mathematical & Physical Sciences Directorate for Social, Behavioral, & Economic Sciences Directorate for Geosciences Office of Polar Programs What NSF/CISE has been doing For many years: Investments in high ranking proposals addressing trust and security in computing FY 02: Trusted Computing program initiated FY 03: Increasing focus in specific research programs Trusted Computing Security-related related Network Research Data and Application Security Embedded and Hybrid Control Systems Security FY 04: Integrated CISE-wide emphasis on Cyber Trust Two Center-Scale Activities awarded: CIED and STIM Summary of FY04 awards available at: FY 05: Continuing Cyber Trust emphasis; awards due 8/2005 NSF/EHR activities Scholarship for Service (SFS) program Targeting education and capacity building Tuition reimbursement and job placement Curriculum development More than 70 active awards, $58M total; new awards for FY05 expected soon Advanced Technical Education program Targets 2-year 2 colleges; about 10 active awards, about $5M total NSF Science and Technology Center - TRUST Team for Research in Ubiquitous Secure Technology Recent 5-year, 5 roughly $18M award to U California Berkeley leading several other major research institutions: Cornell, Stanford, CMU, Vanderbilt And outreach partners: San Jose State, Smith College, Fisk University, Spelman College, California Community Colleges, Oakland City High Schools, Pittsburgh area schools. Industrial Partners: IBM, HP, Intel, Microsoft, Symantec, Cisco, ESCHER (Boeing, Lockheed Martin, Ford, GM, Raytheon), Qualcomm, Bellsouth, Tennessee Valley Authority Goal: develop new science and technology that will radically transform the ability of organizations (software vendors, operators, local and federal agencies) to design, build, and operate trustworthy information systems for our critical infrastructure. Cyber Trust Vision Society in which People can justifiably rely on computer-based systems to perform critical functions securely People can justifiably rely on systems to process and communicate sensitive information securely People can rely on a well-trained and diverse workforce to develop, configure, and operate essential computer-based systems Without fear of sudden disruption by cyber attacks

4 Critical Infrastructure, Cyber Security, and Cyber Trust Homeland Security NSF NSF Cyber Cyber Trust Trust Critical Infrastructure (CI) Systems with Cyber Security concerns Cyber aspects Important Non-CI of of CI CI Systems Cyber Systems Location of Cyber Trust research institutions (about 180 existing awards) US 5 Digit Zipcode Centers by COUNT attack - relative by solicitation area $M Forensics Recover from attacks Survive attacks Detect/understand att. Prevent attacks Build it right Know what to build FY04 Cyber Trust and related award Funding by Solicitation Area Multi / Inter disciplinary Applications Networks Foundations Systems CT-Fnd CT-Sys CT-Net CT-App CT-MI by discipline Cyber Trust Program FY05 Summary $M OS/FS/ Storage Sec Network security App, DB, Web sec Crypto theory and app Trust, Priv, Sec M&S Sec sys architecture Sec. sys development Discipline Sec test. & eval. Forensics FY05 submissions to Cyber Trust: # proposals # projects #awards Individual / small group ? Team ? Center-scale 16 11? Total funding available about $35M Less than 10% will make it through to award stage Results public by August 2005

5 How to apply for support for CISE US Japan collaboration support Thank you. 1. Have an existing NSF grant 2. Locate a Japanese collaborator 3. File a supplemental request under your existing grant 4. Wait for FY06 Carl Landwehr National Science Foundation Program Director, Cyber Trust CISE/CNS CLandweh@nsf.gov