New NSF-funded project fills the cybersecurity gap for science

10.09.12 -

by Nicole Schiffer

NCSA's cybersecurity group is collaborating with Indiana University to form the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) using a newly funded three-year, $4.297 million grant from the National Science Foundation.

CTSC will help NSF cyberinfrastructure projects improve security by offering assistance in identifying problems and designing and implementing solutions. The center will also expand education and training opportunities in cybersecurity. CTSC aims to capitalize on a wealth of cybersecurity expertise in computational science both within and outside of the center, which often is not readily available to individual projects.

"The goal of CTSC is to improve cybersecurity for science projects while allowing them to focus on what they do best," says Von Welch, CTSC principle investigator and deputy director of Indiana University's Center for Applied Cybersecurity Research.

Randy Butler, director of NCSA's Cybersecurity Directorate and CTSC deputy director, will lead training and education activities. He says that practical cybersecurity knowledge for computation science is a scarce resource for project teams. CTSC aims to fill that hole by passing the team's knowledge to a wide breadth of users. Training materials that include best practices guides, case studies, and lessons learned throughout the project will target project managers, developers, and operations staff. In collaboration with the University of Illinois, the center will support students with new cybersecurity course materials, especially for scientific computing, that will be available to other institutions.

CTSC will work directly with cyberinfrastructure project teams to tailor security to each project. Six projects are already identified for the first year, and future projects will be evaluated through an open call.

"The members of CTSC have been working in cybersecurity for the NSF community for decades," says Butler. "CTSC represents a great opportunity to expand and coordinate those efforts and look comprehensively at community needs and how research could be applied to improve cybersecurity in practice."

Each member contributes to a different aspect of security. NCSA's Jim Basney specializes in identity management, Barton Miller of the University of Wisconsin-Madison is a software security expert, and Jim Marsteller from the Pittsburgh Supercomputing Center works in operational security. Scott Koranda from the University of Wisconsin-Milwaukee supplies an inside "scientific needs" view from previous work with LIGO, one of the initial six projects. CTSC represents the culmination of the members' efforts to use their knowledge to advance the state of security practice in NSF cyberinfrastructure projects of all sizes.