Cybersecurity

NSA funds 'science of cybersecurity' research

The National Security Agency is funding the creation of small laboratories -- "lablets" in NSA vernacular -- that will support research into the science of cybersecurity at four major universities.

For the past three years, NSA has been partnering with academia with the intent of creating a research community dedicated to the science of security and quantifying behaviors and characteristics of cyberattacks and threats.

According to the statement, lablet research will focus on five particularly difficult cybersecurity problem areas: scalability and composability, policy-governed secure collaboration, security metrics, resilient architectures, and understanding and accounting for human behavior.

NSA assigned three science-of-security grants to universities in 2012 to fund research through June 2014, NSA officials told FCW in an email message. The most recent funding is through contract awards to the University of Maryland, North Carolina State University, Carnegie Mellon University and the University of Illinois to conduct research for one year with optional additional years.

Each of the universities received $1 million to $2.5 million for the first year, for a total of approximately $8.2 million, according to NSA. After the first year, the government has the right to exercise two one-year option periods to continue research at a particular lablet.

According to NSA's email message, all science-of-security research is unclassified, and results for each of the lablets will be published via the Science of Security Virtual Organization.

In an April 22 statement, NSA officials said they had approached almost 300 university departments with an opportunity to fund development of the lablets in partnership with private industry.

NC State is a hotbed for cybersecurity research and education. It is also the site of NSA's Laboratory for Analytic Sciences, and it introduced the first master's of science in analytics for big-data analysis.

NC State was one of the three universities that received a $2.5 million lablet grant in 2012. That lablet, housed in the university's Institute for Next Generation IT Systems, drew on computing research and analytics to adapt ideas ranging from fault-tolerant computing to the context of security, said Laurie Williams, a computer science professor at NC State and a co-principal investigator at the university's lablet.

The new grant will support the same kind of research and facilities, she told FCW. The lablet will focus on the design of trusted systems and encompass contributions from the fields of computer science, mathematics, behavioral science, economics and physics, she added.

About the Author

Mark Rockwell is a staff writer covering acquisition, procurement and homeland security. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.

Featured

Reader comments

Thu, May 8, 2014 James

With all the negativity surrounding the NSA amidst the snooping revelations thi is a step in the right direction. Cybersecurity is critical today with everything including public services interconneted and online. I work for McGladrey and there's a whitepaper on our site that discusses a few points here that may interest readers, it offers very good information on common security concerns for business and ways to mitigate them. @ "Two common Web application attacks illustrate security concerns" @ http://bit.ly/1c0f35M

Thu, May 8, 2014

There is still the problem of knowledge integration, working with universities and the like is like herding cats. No one wants the responsibility.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above