The National Science Foundation (NSF) has declared a $25.4m investment to improve innovative projects in cybersecurity.
Cybersecurity is critical to safeguarding infrastructure, keeping supply chains moving, and ensuring privacy in cloud computing and healthcare. Adapting to ever-changing cybersecurity threats requires cutting-edge research and transformative solutions.
To combat this, the U.S. NSF has announced an investment of $25.4m to advance ambitious research and centre-scale projects in cybersecurity and privacy.
“The Secure and Trustworthy Cyberspace programme is one of NSF’s largest research programmes, recognising the criticality of cybersecurity and privacy to the nation’s economy and to citizens,” said NSF Director, Sethuraman Panchanathan. “These investments support cybersecurity research across the country that can be translated into solutions that improve our quality of life.”
The NSF grantees will work to strengthen open-source supply chain security, increase computing privacy for marginalised populations, and ensure trustworthy cloud computing. In addition to the scientific research, these efforts will support the NSF Directorate for Computer and Information Science and Engineering’s Broadening Participation in Computing initiative that seeks to bring more people from underrepresented groups into the computing research community.
“Now celebrating its tenth year, Secure and Trustworthy Cyberspace continues to support a wide range of research topics, with approximately 200 research awards this year and over 3800 total lifetime awards,” explained Jeremy Epstein, Lead Program Officer for the Secure and Trustworthy Cyberspace programme. “These projects demonstrate the breadth of topics of importance in cybersecurity and privacy and the commitment of NSF to advance research on topics of national importance.”
The cybersecurity projects include:
Enabling a secure and trustworthy software supply chain
Led by North Carolina State University, this collaborative research will focus on open-source supply chain security. All modern software includes open-source software, and there is a high risk of malicious, criminal manipulation. Researchers on this project will work with industry and government agencies to develop scientific principles, create tools and processes, and develop metrics for supply chain security to reduce risks with software used by consumers, government, industry and academia.
The project will aid the software industry by creating a diverse workforce of technical leaders and practitioners educated and trained in secure software supply chain methods. Other members of the team include Carnegie Mellon University, the George Washington University and the University of Maryland College Park.
Securing the future of computing for marginalised and vulnerable populations
Led by the University of Florida, this project will address privacy and security xissues in marginalised and vulnerable populations. These populations have unique security and privacy needs, concerns and capabilities that are underserved, leaving them at risk of harm. Researchers will develop solutions that support these populations. This project will bring together computer and social scientists from the University of Florida, University of Washington and Indiana University.
Centre for distributed confidential computing
Led by Indiana University, this project will use the “trusted execution environment” hardware capability in modern chips to run a secure computation in a way that cannot be compromised by malicious software across distributed computing systems such as cloud computing environments.
Researchers will work to provide solutions for data in use such as training machine learning models on private data, across cloud and edge systems. Indiana University will be joined by Purdue University, Penn State, Carnegie Mellon University, the Ohio State University, Spelman College, Duke University and Yale University will participate.