March 06, 2006

First Monday in February, thereafter

In furtherance of the President's Management Agenda, in Fiscal Year 2006, NSF has identified programs that will offer proposers the option to utilize Grants.gov to prepare and submit proposals, or will require that proposers utilize Grants.gov to prepare and submit proposals. Grants.gov provides a single Government-wide portal for finding and applying for Federal grants online. A complete listing of these programs is available on the Policy Office website at: https://www.nsf.gov/bfa/dias/policy.

In response to this program solicitation, proposers may opt to submit proposals via Grants.gov or via the NSF FastLane system. In determining which method to utilize in the electronic preparation and submission of the proposal, please note the following:

1. Collaborative Proposals. All collaborative proposals must be submitted via the NSF FastLane system. This includes collaborative proposals submitted:

• by one organization (and which include one or more subawards); or
• as separate submissions from multiple organizations.

Proposers are advised that collaborative proposals submitted in response to this Program Solicitation via Grants.gov will be requested to be withdrawn and proposers will need to resubmit these proposals via FastLane. (Chapter II, Section D.3 of the Grant Proposal Guide provides additional information on collaborative proposals.)

2. All Other Types of Proposals That Contain Subawards. All other types of proposals that contain one or more subawards also must be submitted via the NSF FastLane system.

The following items are major revisions to the previous program solicitation:

1. The Center-scale category has been eliminated for the Fiscal Year 2006 solicitation. If the Center-scale category is added in Fiscal Year 2007, this solicitation will be revised.
2. Projects will be supported in three categories: (1) Exploratory Research projects, (2) Single Investigator or Small Group projects, and (3) Team projects.
3. Education-only proposals are not solicited. All proposals must have research and educational outreach components.

Cyber Trust (CT)

Computers reside at the heart of systems on which people now rely, both in critical national infrastructures and in their homes, cars, and offices. Today, many of these systems are far too vulnerable to cyber attacks that can inhibit their operation, corrupt valuable data, or expose private information. Future systems will include “sensors and computers everywhere”, exacerbating the attainment of security and privacy. Current security practices largely address current and known threats, but there is a need for research to take account of future threats.

Cyber Trust promotes a vision of a society in which networked computer systems are:

• more predictable, more accountable, and less vulnerable to attack and abuse;
• developed, configured, operated and evaluated by a well-trained and diverse workforce; and
• used by a public educated in their secure and ethical operation.

To improve national cyber security and to achieve the Cyber Trust vision, NSF will support a collection of projects that together:

• advance the relevant knowledge base;
• creatively integrate research and education for the benefit of technical specialists and the general populace; and
• effectively integrate the study of technology with the policy, economic, institutional and usability factors that often determine its deployment and use.

Proposals funded will cover a broad range of disciplines contributing to the Cyber Trust vision. Projects will be supported in three categories: Exploratory Research projects, Single Investigator or Small Group projects, and Team projects. The resulting Cyber Trust award portfolio will: advance the cyber security research frontier; build national education and workforce capacity (including undergraduate, graduate, and faculty development and training); and ensure that new knowledge can be put into practice.

All awards made are subject to the requirements of P.L. 107-305, the Cyber Security Research and Development Act.

Today’s computing systems comprise a broad range of processors, communication networks, and information repositories. They are increasingly ubiquitous, and consequently they are increasingly subject to attack, misuse, and abuse. Computing systems are vulnerable to these threats due to technical factors, to economic factors in that often security-enhancements can increase the ownership cost of systems and reduce performance, to policy decisions and to the inability of human administrators to manage complex systems. For example, it is exceedingly difficult to reason about the behavior of a complex digital system, particularly about its ability to withstand attacks. It is an art to design usable control interfaces for complex systems. Specifications and designs often neglect security and privacy concerns. It is hard to find security policies that are simple and flexible enough for users to tolerate, yet clear enough to guide system design and implementation. Power and bandwidth limitations constrain the security features in lightweight wireless devices. Cost and time-to-market considerations limit the use of high assurance implementation methods. Economics often dictates having bundled software distributions that include vulnerable functions many users may not need or be aware. The data and technology needed to understand the range and severity of security problems and to evaluate the effectiveness of alternative solutions are lacking or closely held. Finally, the consequences of insecure system designs are borne by individuals and organizations that use them rather than by those who produce them.

The Cyber Trust program supports research and education activities that will lead to trustworthy computing systems. The Cyber Trust vision is of a society in which:

• People can justifiably rely on computer-based systems to perform critical functions securely. These systems include not only critical national-scale infrastructures—such as the computer and communication networks, the electric power grid, gas lines, water systems, and air traffic control systems—but also more localized systems that perform safety-critical functions in aircraft, automobiles, and even home appliances. Future systems, leading to the anticipated world of ubiquitous and pervasive computing, will have computers and sensors everywhere, thus providing ever-increasing openings for attack. These systems must be dependable even in the face of cyber attacks.

• People can justifiably rely on systems to process, store, and communicate sensitive information securely. Increasing volumes of information flow on our financial networks, health networks, and even our library systems, not to mention our conventional communication systems and our networked systems of personal and corporate computers. Confidence that these systems conform to policy (and that the policy is understood) even in the face of cyber attacks will permit people to make informed and rational decisions about their reliance on these systems.

• People can justifiably rely on a well-trained and diverse workforce to develop, configure, modify, and operate essential computer-based systems. Educational organizations must not only be able to graduate qualified technical specialists who can design, develop, and operate critical systems and investigate attacks on them, but they must also be able to educate the general public in secure and ethical use of technology.

Trustworthiness is a system property, and many factors influence how systems are put together. Consequently, Cyber Trust covers both the full spectrum of information processing technologies and the social, legal, organizational, and economic factors surrounding the use of those technologies. To make progress towards the Cyber Trust vision requires:

• Advances in knowledge and technology. This need motivates basic research on ways to make computing systems more secure. Improved understanding of the human, organizational, legal, and economic contexts in which trusted systems are developed and operated. This need motivates multi-disciplinary research to identify overall effects of technical developments. Improved education of both those who will produce systems using new technology and those who will configure, operate, investigate, and use the systems produced. This need motivates activities to develop a diverse and robust workforce.
• Research in a wide range of areas, addressing trustworthiness at all levels of system design, implementation, and use. It is difficult enough to design and build digital systems that work properly in a benign environment. It is far harder to build systems that can withstand attack or abuse. To achieve the Cyber Trust vision, the science and technology of trustworthy systems must be developed, and it must be developed taking account of the social, economic, policy, and legal factors that determine whether and at what rate technology is deployed. Application domains span the scale from global networks and large-scale computing to the ever-smaller processing and network elements finding their way into cars, buildings, and infrastructure systems of all types. Better abstractions are needed for reasoning about system behavior and attributing responsibility for system actions. Better means are needed for benchmarking, measurement, and data collection to build the empirical underpinnings now missing in the security field.
• Innovative approaches in education, so that capable students participate in research and research results are quickly integrated into the educational process. System trustworthiness considerations must be included throughout the computer and information science and engineering curriculum, not just in courses for specialists. The concepts of proper system operation and ethical use of technology must have even broader reach, to touch students throughout the academic enterprise and beyond.

Research Areas

Research must be considered in aspects of the entire system life cycle: development of security and privacy policies; definition of requirements; construction, evaluation and verification of components and systems; operation, monitoring, maintenance, and recovery after failures or incidents; and forensics, sanitization, and disposal in the aftermath of an incident. Research that spans the technical areas affecting integrated information technologies is strongly encouraged. This includes projects to advance or apply combinations of technologies to solve particularly challenging problems, to understand engineering tradeoffs among competing or complementary technical approaches, and to explore synergies among technologies.

Multi-disciplinary research that includes behavioral and social science disciplines is also strongly encouraged. System engineering tradeoffs are rarely based solely on technical issues. Social, organizational, economic, regulatory, and legal factors often play a major role in determining which technologies are developed, which ones are applied, and how they are used. These choices can have a major influence on overall system trustworthiness. Many technologies that hold great potential for increasing system trustworthiness have seen little use in practice because, for example, they are seen as too time-consuming or as imposing too great a performance penalty in relation to any expected security advantage. Through multi-disciplinary Cyber Trust projects, NSF seeks to increase understanding both of the technical implications and the role of social, economic and other factors in developing trustworthy systems.

The following paragraphs elaborate some areas that require investigation to achieve the Cyber Trust vision. They should be considered representative, not exhaustive.

Security for Applications

The breadth of application of computers and communications continues to expand as computing and communication continues to become faster and cheaper. The needs and policies of applications—whether for computation, information processing, or real-time sensing and control—determine trustworthiness requirements. In some cases, lower system layers can achieve these requirements on behalf of the applications, but lower system layers cannot provide all the needed protection, because they lack knowledge of application semantics. At the same time, information systems and applications cannot stand alone: they need to be integrated securely with middleware, operating systems, networks and hardware. A better understanding is needed of how to make tradeoffs among these layers to achieve desired application security at acceptable cost and performance. Sample research areas include:

• authentication, access control, and privacy protection;
• technologies for policy discovery and specification, trust assessment, negotiation, and collaboration;
• security, trust and privacy in information flow management;
• audit and application forensics;
• security, trust and privacy in databases, data warehouses and other information sources;
• security, trust and privacy in high interest applications (e.g., healthcare, data mining, web services, digital libraries, e-government, e-commerce);
• comprehensible user interfaces and other mechanisms for trust, security and privacy management;
• autonomous adaptation of systems to changes in threats or in the application's environment;
• knowledge integration and management for applications; and
• artificial diversity to produce applications that can survive attacks without increasing the burden of managing the applications.

Security for Computer Systems

Computer systems are controlled by systems software that provides the basis on which applications are built, and governs system behavior, yet cost, power, weight, and response-time constraints—as well as the complexity of the task—often inhibit the development of controls that might prevent misuse or abuse. Security mechanisms in system software are needed that can protect both conventional computers and increasingly pervasive embedded systems at all scales, from lightweight protection for tiny embedded sensors to complex controls for systems that require end-to-end protection. Broadly applicable research results are always desired, but progress in this area may sometimes come through detailed work in a particular platform or system context. Sample research areas include:

• trustworthy operating system architectures, including re-visiting the paradigm of separation kernels and other operating structures that localize security-critical functionality to foster understanding and evaluation;
• secure hierarchical control and trustworthy transaction processing for infrastructure systems;
• long-lived data archiving mechanisms;
• access control for specialized operating systems such as those that support real-time and sensor management;
• combined software/hardware approaches to trustworthiness;
• middleware for trustworthy systems in support of, for example, transaction processing, wireless and sensor systems, fault-tolerant systems and real-time systems; and
• virtualization mechanisms to support separation of processes, with the emphasis on the evaluation of such mechanisms.

To avoid performance degradation attendant to security solutions, special-purpose hardware devices can be provided as enhancements to conventional processing units. Sample research areas are concerned with the following hardware enhancements

• Security co-processors to support critical security functions such as intrusion detection and the encryption of storage;
• Enhanced storage devices to support forensics and recoverability from attacks;
• Devices and related technologies that support the attainment of accountability of actions; and
• Devices to support guaranteed authentication.

Security for Networks

The increasing scale and diversity of the current Internet amplifies its vulnerability by expanding the number of possible failures and providing more points of access to attackers. Patching and retrofitting the networks today can work in the short term for some kinds of threats, but will not solve the growing security needs. NSF in its Networking Technology and Systems (NeTS) Future Internet Design (FIND) focus area (https://www.nsf.gov/funding/pgm_summ.jsp?pims_id=12765&org=CNS) has initiated an initiative to design a "Future Internet" from core functionalities with the objectives of security and robustness, manageability, utility and social needs, new computing paradigms, integration of new network technologies, higher-level service architectures, and new theories of network architecture. Research is needed not only to improve the security of the current Internet; but also to help design the Future Internet with building-in security and robustness from the ground up. Sample research areas include:

• Creating secure networks from insecure components;
• Network support for end-node security;
• Development of security mechanisms that are robust to normal extensions to the technologies by users and operators (e.g. secure tunneling);
• Creating new secure approaches to network functions such as addressing, routing, forwarding, naming, etc.;
• Development of mechanisms that support security evaluation, by simulation, analytical reasoning (including formal methods), and emulation;
• Approaches for the realistic empirical evaluation of the security of networks too large to be faithfully represented on necessarily size-limited testbeds (e.g. DETER/EMIST);
• Designing mechanisms that enable socially aware trade-offs in security and privacy;
• Design principles for secure network services and protocols that will yield network structures much more secure than current structures;
• Network security architectures for both wired and wireless systems;
• Security for collaborative environments and grid computing;
• Analytical or empirical methods to evaluate the capability of security solutions to prevent or recover from attacks;
• Anonymity and accountability in networks;
• Network forensics;
• Artificial diversity to reduce the exposure of networks to scripted attacks.

New Security Foundations

The Cyber Trust program is also interested in research that establishes a sound scientific foundation and technological basis for computing and communications in a world that may include malicious actors. Results of fundamental research are expected to have broad application and not be limited to a particular platform or operating system. Sample research areas include:

• Methods for specifying, reasoning about, and developing trustworthy components and systems, including novel hardware/firmware designs; of particular interest are lightweight methods to verification (such as static analysis) of program code and configuration files;
• The synergistic combination of static and dynamic evaluation methods;
• The use of static and dynamic evaluation methods to identify security flaws in the stages of the life-cycle;
• Methods that effectively and efficiently address such problems as the identification of life-cycle vulnerabilities in a system;
• Composition methods;
• Automatic generation of security configurations;
• Methods to assure that information flow in complex systems complies with security and privacy policies;
• Maintaining trustworthiness as systems change and adapt;
• Quantifying trade-offs in trustworthy systems for example between security and performance;
• Measuring, modeling, analyzing, and validating system trust properties, for example the determination of the effort required by an attacker to defeat security features;
• New mechanisms that provide quantifiable guarantees of trust;
• Methods to assure the trustworthiness of security features themselves; and
• Methods to achieve trustworthiness in the presence of attacks more complex and lethal than those currently observed.

The attainment of security for complex systems will require attention to all components that are subject to attack or that support the management of attacks; it is not possible to attain security by focusing attention, for example, to just a single layer in a complex system organization. Sample research areas include:

• Aggregation of alerts across layers;
• Prediction of the path of an attack in progress;
• Determination of possible remediation actions against an attack;
• Efficient management of security mechanisms across a complex system; and
• Dynamic dispatching of security-enhancement actions.

To develop, maintain, and enhance the critical Cyber Trust educational infrastructure, all proposals must include an educational synergy component. The Cyber Trust Program seeks educational synergy components that will build the national capacity to educate the Cyber Trust experts needed to design, develop, manage, and operate secure systems of the future. All proposals must specifically describe their education synergy contributions, including the planned benefits and impact of the activities.

Educational synergy components may take many forms. However, there should be a strong research basis for synergy projects and Cyber Trust research faculty must participate. Educational synergy components should be natural extensions of the research activity and not simply detached activities. Collaboration between researchers and educators are encouraged. Innovation and clear vision and linkage to the current state of Cyber Trust research are essential.

Award Categories

Awards will be made in three categories: Exploratory Research Awards, Single Investigator or Small Group awards, and Team awards. Projects In the Exploratory Research category are supposed to be fresh starts that aim at developing new expertise or formulating new research and education directions; completion of these projects will position the PIs to prepare proposals for larger projects. The Single Investigator or Small Group awards are expected to be small scale, focused, and intensive. Team awards support intensive research and education activities undertaken by teams of researchers and educators. Team projects should focus on challenging Cyber Trust problems that may cross disciplinary boundaries.

Proposal preparation guidance for projects in each of these categories is elaborated in Section V. Proposal Preparation and Submission Instructions of this solicitation.

Organization Limit: Proposals may only be submitted by U.S. academic institutions or non-profit research institutions with a strong educational component. NSF FFRDCs may also submit proposals. For-profit organizations and government laboratories of other agencies may not apply directly; they may receive subcontracts, but such subcontracts should be justified by explaining what unique capability is being made accessible.

PI Eligibility Limit: None Specified.

Limit on Number of Proposals: An individual may appear as PI, co-PI, Senior Personnel, or Consultant on no more than two proposals submitted to each annual Cyber Trust competition.

Awards will support projects working within a broad range of disciplines contributing to the Cyber Trust vision, including those that address, for example, usability, economics, or policy aspects in combination with technological aspects of Cyber Trust. There are three types of awards.

• Exploratory Research awards last up to 2 years and do not exceed $250,000 total.
• Single Investigator and Small Group awards last up to 3 years and do not exceed $500,000 total.
• Team awards last up to 4 years and do not exceed $2,000,000 total.

Estimated program budget, number of awards, and average award size/duration are subject to the availability of funds.

In unusual circumstances, the Cyber Trust program will entertain proposals that are beyond the scope and funding levels noted elsewhere in this solicitation. Such proposals would be expected to explore groundbreaking or paradigm-changing ideas and/or to pursue a grand challenge requiring the work of a substantial number of researchers. Projects of this type might well include multidisciplinary investigators and cross CISE divisions or, even involve funding from U.S. Government agencies beyond NSF. PIs who have in mind such a project must first contact the appropriate Cyber Trust program officers listed in this solicitation to discuss the proposed project. PIs may submit a full proposal only after being given permission to do so. The contact must take place before the program solicitation deadline so the program can plan for the receipt and review of this kind of proposal. It is recommended that the initial contact take place with the primary program officer, Karl Levitt via email at klevitt@nsf.gov.

• Full proposals submitted via FastLane:

Proposals submitted in response to this program announcement/solicitation should be prepared and submitted in accordance with the general guidelines contained in the NSF Grant Proposal Guide (GPG). The complete text of the GPG is available electronically on the NSF Website at: https://www.nsf.gov/publications/pub_summ.jsp?ods_key=gpg. Paper copies of the GPG may be obtained from the NSF Publications Clearinghouse, telephone (703) 292-7827 or by e-mail from pubs@nsf.gov. Proposers are reminded to identify this program announcement/solicitation number in the program announcement/solicitation block on the NSF Cover Sheet For Proposal to the National Science Foundation. Compliance with this requirement is critical to determining the relevant proposal processing guidelines. Failure to submit this information may delay processing.

• Full proposals submitted via Grants.gov:

Proposals submitted in response to this program solicitation via Grants.gov should be prepared and submitted in accordance with the NSF Grants.gov Application Guide: A Guide for the Preparation and Submission of NSF Applications via Grants.gov. The complete text of the NSF Grants.gov Application Guide is available on the Grants.gov website and on the NSF website at: (https://www.nsf.gov/bfa/dias/policy/docs/grantsgovguide.pdf). To obtain copies of the Application Guide and Application Forms Package, click on the Apply tab on the Grants.gov site, then click on the Apply Step 1: Download a Grant Application Package and Application Instructions link and enter the funding opportunity number, (the program solicitation number without the NSF prefix) and press the Download Package button. Paper copies of the Grants.gov Application Guide also may be obtained from the NSF Publications Clearinghouse, telephone (703) 292-7827 or by e-mail from pubs@nsf.gov.

In determining which method to utilize in the electronic preparation and submission of the proposal, please note the following:

1. Collaborative Proposals. All collaborative proposals must be submitted via the NSF FastLane system. This includes collaborative proposals submitted:

• by one organization (and which include one or more subawards); or
• as separate submissions from multiple organizations.

Proposers are advised that collaborative proposals submitted in response to this Program Solicitation via Grants.gov will be requested to be withdrawn and proposers will need to resubmit these proposals via FastLane. (Chapter II, Section D.3 of the Grant Proposal Guide provides additional information on collaborative proposals.)

2. All Other Types of Proposals That Contain Subawards. All other types of proposals that contain one or more subawards also must be submitted via the NSF FastLane system.

The following instructions deviate from the GPG guidelines and the NSF Grants.gov Application Guide:

To assist NSF staff in sorting proposals for review, proposal titles should begin with an acronym that identifies the category of proposal being submitted. Use the following acronyms:

• Cyber Trust Exploratory Research proposal = CT-ER
• Cyber Trust Individual or Small Group proposal = CT-ISG
• Cyber Trust Team proposal = CT-T

For example, a Cyber Trust Team proposal might have a title such as "CT-T: New Methods for Assuring Privacy-Compliant Information Flow."

Exploratory Research Proposals

Proposals in this size class must specifically address the new innovative approach to be addressed in the research and the education and workforce development advances that could be an outgrowth of the project. The planned benefits and impact of the activities, even if long range, should be described.

Individual Investigator and Small Group Proposals

Proposals in this size class must specifically describe their integrated research and education and workforce development contributions. Proposals that offer research with innovative educational synergy are welcome in this award category.

Team Proposals

Proposals in this size class must describe substantial and ambitious research and education projects, either to focus a team of researchers and educators on a particularly challenging technical area or to create a multi-disciplinary team to address important cross-disciplinary challenges that will contribute to realization of the Cyber Trust vision.

Proposals for team projects should describe plans for distributing the research results and should strive to assist scientists and engineers to use their results in ways that go beyond traditional academic publications. They must also creatively address education and workforce development contributions, including the planned benefits and impact of the activities described.

The project description should explain why a budget of the requested size is required to carry out the proposed activities and why the work needs to be conducted as a team effort. Midterm external reviews and/or site visits may be expected at NSF's discretion.

March 06, 2006

First Monday in February, thereafter

To comply with section 16 of the Cyber Security Research and Development Act (15 U.S.C.A. 7410), the grantee will ensure that no grant funds go to:

1. any individual who is in violation of the terms of his or her status as a nonimmigrant; or
2. any alien from a country determined by the Secretary of State to be a state sponsor of international terrorism unless that individual has a visa permitting him or her to enter and remain in the United States.

The grantee must immediately notify NSF if its ability to receive nonimmigrant students or exchange visitor program participants has been suspended or terminated.

CAREER proposals that address Cyber Trust research and education issues are encouraged; please see the CAREER announcement and contact one of the Cyber Trust Program Directors listed herein to confirm specific CAREER application procedures for Cyber Trust. Investigators also are encouraged to integrate Cyber Trust education in proposals submitted to other NSF programs that have an education or workforce focus, such as ADVANCE, REU sites, IGERT, and GK-12.

Other NSF programs welcome proposals that address security. This year's Research in Networking and Technology Systems (NeTS) (NSF 06-516) program welcomes proposals that offer innovative and unique approaches to the "new" architectures that offer security and resiliency not possible with current networking structures. If the proposal addresses primarily network architectural features, then it should be submitted to NeTS. On the other hand, if the proposal addresses the security aspects of the new mechanisms, their evaluation with respect to security requirements, or the management of the networks to address security policies, then the proposal can be submitted to Cyber Trust. PIs unsure of the appropriate program best suited for their proposal should contact a cognizant NSF program officer.

This year's Computer Systems Research (CSR) (NSF 05-629) program welcomes proposals that offer innovative approaches to computer system design, evaluation and usability with impact on four topical areas: Embedded and Hybrid Systems, Parallel and Distributed Operating Systems, Advanced Execution Systems, System Modeling and Analysis. Proposals in the area of computer systems that address new features in general, one of which is in support of security, should be submitted to CSR. On the other hand, if the proposal addresses primarily security requirements, or their implementation and evaluation, then the proposal should be submitted to Cyber Trust. PIs unsure of the appropriate program best suited for their proposal should contact a cognizant NSF program officer.