



Critical Information Infrastructure Research in the U.S.: An informal status report
The 2nd US-Japan Experts Workshop on Critical Information Infrastructure Protection (CIIP), Tokyo, Japan
Carl Landwehr (clandweh@nsf.gov), Cyber Trust Coordinator, National Science Foundation
June 26, 2005

Outline
- Definitions, participants, coordination
- Dept of Homeland Security overview
- National Science Foundation overview

What is Critical Information Infrastructure?
- Critical: damage/outage would have severe impact
  - Personal injury
  - Economic loss
  - Critical to whom?
- Information infrastructure:
  - Computer and communication networks per se
  - Control of national infrastructures for electric power, oil and gas, water, etc.
  - Other networks, e.g. medical records, banking, voting

Who conducts research related to CIIP in the U.S.?
- Universities
  - Computer Sci. depts, Elect. and Comp. Eng. depts, etc.
- Non-profit research organizations
  - Federally funded: MITRE, Aerospace, RAND, SEI, etc.
  - Other: SRI, Applied Research Lab, JHU/APL, ...
- Industry
  - Vendors: Telecomm, software, control (AT&T, Honeywell, Rockwell-Collins, Microsoft, HP, ...)
  - Integrators: Raytheon, Lockheed Martin, etc.
- Government
  - Military/govt. labs: NRL, AFRL, NIST, NSA
  - National Labs (DoE, primarily): Sandia, PNNL, LANL, LLNL, ANL, ...

Who sponsors this research?
- Industry
  - To suit their corporate needs
  - Amounts and topics often not public
- Government
  - In-house research
  - Sponsored research
    - NSF: National Science Foundation
    - DHS: Dept of Homeland Security
    - DOE: Dept of Energy
    - DARPA: Defense Advanced Research Projects Agency
    - ARDA: Advanced Research and Development Agency
    - Dept of Justice, Treasury, ...

Who coordinates the government-funded research? National Science and Technology Council (NSTC)
[Organization chart; labels as they appear on the slide: Cabinet level office; NSTC; Dir. OSTP (Dr. Marburger); PITAC; Environment and Natural Resources; Science; Technology; Homeland Security; Net & IT R&D; Nanoscale S&T; Aerospace; Infrastructure Subcommittee; CIIP Interagency Working Group; Physical Structures and Systems Interagency Working Group]

How are these research funds budgeted/reported?
- Networking and Information Technology Research and Development (NITRD) Program
  - Co-Chairs: Dr. Peter Freeman, NSF AD for CISE, and Dr. Simon Szykman, NCO Director
  - FY06 requested budget (multi-agency): $2.2B
- Recent events:
  - Feb. 2005: President's Information Technology Advisory Committee (PITAC) issues report on Cybersecurity, emphasizing need for additional research funds and other recommendations
  - May 2005: NSTC Dir. Dr. Marburger, Testimony to House Science Committee

NSTC Dir. Marburger Testimony, May 12 2005, to House Science Committee
- Two important priorities for NITRD are information security and assurance and the management of enormous data flows.
- assuring the security, safety, and highly dependable performance of systems, networks, and software in critical applications and infrastructures is one of the most significant and difficult challenges in information technology R&D.
- CIIP [has] begun the process of defining our top cyber security R&D needs and mapping those against current activities. This is crucial if we are to better address the critically important issue of defining priorities.
- NSF to establish in FY 2005 a new Science and Technology Center devoted to cyber security R&D. Led by the University of California, Berkeley, the multi-institutional collaborative effort will investigate key issues of computer trustworthiness in an era of increasing attacks at all levels on computer systems and information-based technologies.

CIIP Interagency Working Group
- Includes over 20 organizations from over a dozen departments/agencies.
- Meets monthly, developing National Cyber Security R&D Plan, which includes:
  - Discussion of threats and vulnerabilities
  - Identification of broad cyber security research areas and topics within these categories
  - Definition of area, description of current state-of-the-art, and technical challenges
  - Identification of interagency priorities
  - Analysis of current R&D investments
  - Recommendations regarding future investments and R&D investment policy guidance for decision-makers
- Note: initial (FY05) National CIP R&D Plan released jointly by DHS and OSTP in April (from Infrastructure subcommittee)

Who coordinates the government-funded research? Infosec Research Council
- Charter
  - Informally chartered, government sponsored, voluntary
- Goal
  - Facilitate collaboration of the participating organizations
  - Promote intelligent information security research investments
  - Provide a bimonthly forum to:
    - Discuss critical information security issues
    - Convey member's research needs
    - Describe current research initiatives and proposed courses of action for future research investments
- Active topic
  - Hard Problem List update

Department of Homeland Security Overview

DHS Cyber Security R&D Portfolio: Budget
- FY 2005 cyber security R&D budget: $18M
- Overall DHS S&T budget for 2005: $1.1B
- FY 2006 budget: $16.7M (President's budget request)
- DHS S&T portfolio budgets developed through a formal strategic planning process

DHS: Important R&D Areas
- Securing the Infrastructure
  - Secure domain name system
  - Secure routing protocols
  - Secure process control systems (retrofit and future infrastructure)
- Domain-Specific Security Needs
  - Wireless
  - Internet protocol priority service
  - Distributed & embedded computing platforms
- Foundations for Cyber Security
  - Metrics and testing
  - Economic assessment
  - Long term goal of risk-based decision making
- Cyber Security Functional Requirements
  - Attack protection and prevention
  - Attack detection, response, and recovery
  - Situational awareness, indications & warning
  - Secure software engineering & development
  - Software assurance, code testing & analysis
  - Lightweight, low-latency authentication
  - Forensics, traceback, attribution
  - Hardware/firmware security
  - Secure operating systems
- Other Needs
  - Privacy
  - Red teaming
- Enabling Technologies for R&D
  - Testbeds
  - Modeling and simulation
  - Network mapping
- Security technology and policy management

DHS: Initial Research Priorities
- Securing infrastructural protocols: Securing the Domain Name System and Internet routing protocols.
- Cyber security testbeds: Large scale testbed network and software testing framework (DETER)
- Large-scale data sets for security testing (PREDICT): Supports development of cyber security metrics.
- Economic assessment activities: Along with metrics, will provide a foundation for risk-based cyber security decision making.
- Next-generation cyber security technologies.
- Execution of top priorities from IAIP Directorate.

NSF Overview

NSF Organization
[Organization chart; labels as they appear on the slide:]
- National Science Board
- Office of the Director
- Directorate for Biological Sciences
- Directorate for Computer and Information Science and Engineering
- Directorate for Education & Human Resources
- Directorate for Engineering
- Directorate for Geosciences
- Directorate for Mathematical & Physical Sciences
- Directorate for Social, Behavioral, & Economic Sciences
- Office of Integrative Activities
- Office of Polar Programs

What NSF/CISE has been doing
- For many years: Investments in high ranking proposals addressing trust and security in computing
- FY 02: Trusted Computing program initiated
- FY 03: Increasing focus in specific research programs
  - Trusted Computing
  - Security-related Network Research
  - Data and Application Security
  - Embedded and Hybrid Control Systems Security
- FY 04: Integrated CISE-wide emphasis on Cyber Trust
  - Two Center-Scale Activities awarded: CIED and STIM
  - Summary of FY04 awards available at: http://tinyurl.com/84qjf
- FY 05: Continuing Cyber Trust emphasis; awards due 8/2005

NSF/EHR activities
- Scholarship for Service (SFS) program
  - Targeting education and capacity building
  - Tuition reimbursement and job placement
  - Curriculum development
  - More than 70 active awards, $58M total; new awards for FY05 expected soon
- Advanced Technical Education program
  - Targets 2-year colleges; about 10 active awards, about $5M total

NSF Science and Technology Center - TRUST
- Team for Research in Ubiquitous Secure Technology
- Recent 5-year, roughly $18M award to U California Berkeley leading several other major research institutions: Cornell, Stanford, CMU, Vanderbilt
- And outreach partners: San Jose State, Smith College, Fisk University, Spelman College, California Community Colleges, Oakland City High Schools, Pittsburgh area schools.
- Industrial Partners: IBM, HP, Intel, Microsoft, Symantec, Cisco, ESCHER (Boeing, Lockheed Martin, Ford, GM, Raytheon), Qualcomm, Bellsouth, Tennessee Valley Authority
- Goal: develop new science and technology that will radically transform the ability of organizations (software vendors, operators, local and federal agencies) to design, build, and operate trustworthy information systems for our critical infrastructure.

Cyber Trust Vision
Society in which
- People can justifiably rely on computer-based systems to perform critical functions securely
- People can justifiably rely on systems to process and communicate sensitive information securely
- People can rely on a well-trained and diverse workforce to develop, configure, and operate essential computer-based systems
Without fear of sudden disruption by cyber attacks

Critical Infrastructure, Cyber Security, and Cyber Trust
[Figure: diagram relating Homeland Security, NSF Cyber Trust, Critical Infrastructure (CI), systems with cyber security concerns, cyber aspects of CI, and important non-CI cyber systems]

Location of Cyber Trust research institutions (about 180 existing awards)
[Figure: map of US 5 Digit Zipcode Centers by COUNT]

FY04 Cyber Trust and related award Funding
[Figure: bar charts in $M. Panel titles: attack - relative; by solicitation area; by discipline. Attack-relative categories: Know what to build, Build it right, Prevent attacks, Detect/understand att., Survive attacks, Recover from attacks, Forensics. Solicitation areas: Foundations (CT-Fnd), Systems (CT-Sys), Networks (CT-Net), Applications (CT-App), Multi / Inter disciplinary (CT-MI). Disciplines: OS/FS/Storage Sec; Network security; App, DB, Web sec; Crypto theory and app; Trust, Priv, Sec M&S; Sec sys architecture; Sec. sys development; Sec test. & eval.; Forensics]

Cyber Trust Program FY05 Summary
FY05 submissions to Cyber Trust:
- Individual / small group: 332 proposals, 290 projects, ? awards
- Team: 141 proposals, 94 projects, ? awards
- Center-scale: 16 proposals, 11 projects, ? awards
Total funding available about $35M
Less than 10% will make it through to award stage
Results public by August 2005

How to apply for CISE US Japan collaboration support
1. Have an existing NSF grant
2. Locate a Japanese collaborator
3. File a supplemental request under your existing grant
4. Wait for FY06

Thank you.
Carl Landwehr
National Science Foundation
Program Director, Cyber Trust, CISE/CNS
E-mail: CLandweh@nsf.gov
703-292-8950