The
Department of Commerce's
National Institute of Standards
and Technology today awarded $5 million total in funding
for nine research grants that will enhance security for
critical infrastructures such as electrical grids and air
traffic control systems.
Awards
under the Critical
Infrastructure Protection Grants Program will accelerate
efforts to make the computer and telecommunications systems
that support our essential services more secure. These efforts
are necessary because many critical infrastructuresthe
physical and cyber-based systems that are essential to the
nation's economyare increasingly automated and interdependent.
NIST
awarded the nine grants to five companies, three universities
and two commercial/academic partnerships. The agency received
133 applications (totaling more than $73 million in requests)
for the available $5 million in funding under the CIPGP.
Proposal reviews were conducted by scientists at NIST, including
those in the agency's Information Technology, Manufacturing
Engineering, and Electronics and Electrical Engineering
laboratories. Additionally, 98 reviewers from eight federal
agenciesincluding the Department of Defense, the Department
of Justice and the National Security Agencyalso participated
in the selection process.
Richard
A. Clarke, national coordinator for security, critical infrastructure
and counter-terrorism at the National Security Council,
applauded the grant awards. "These research grants
will make an important down payment toward addressing the
many cyber challenges we need to surmount to protect America's
critical infrastructures," Clarke said. "We look
forward to the technical progress that the awardees will
be making."
A list
of the 2001 CIPGP awards is attached. More details on the
CIPGP, the first-year competition process and the 2001 grants
are available on the program's web site: http://csrc.nist.gov/grants.
As
a non-regulatory agency of the U.S. Department of Commerce's
Technology Administration, NIST develops and promotes measurements,
standards, and technology to enhance productivity, facilitate
trade, and improve the quality of life.
For
more information on NIST, see our web site at www.nist.gov.
To explore a century of NIST partnerships with U.S. industry,
benefits to the public and impacts on economic growth, go
to the NIST centennial (1901-2001) web site at www.100.nist.gov.
Critical
Infrastructure Protection Grants for 2001
Note:
Dollar amounts listed are fiscal year 2001 funding from
the government. Additional funding requested for some of
the projects is contingent on Congressional approval.
Advanced Security Profiles and Enforcement for Next Generation
Networks
Telcordia Technologies, Morristown, N.J.
The
merging of the Internet and other data networks with traditional
voice telephone networks brings with it new safety concerns
and vulnerabilities. This research will address interactions
and interdependencies in the protocol layers and examine
the emerging interconnection architectures to identify and
mitigate the consequent vulnerabilities and security dependencies.
$997,000
Secure Wireless Infrastructure Test Bed
University of Maryland, College Park, Md.; and NAI Labs,
Glenwood, Md.
The
growing dependency of critical infrastructures upon wireless
communication introduces many new and often misunderstoodsecurity
risks. This work will look at ways to conduct security testing
of the technology in a realistic environment by creating
a secure wireless test bed. Initial focus will be on the
IEEE 802.11 wireless standard, security in intra-domain
and intra-service provider roaming, and other security issues
in wireless area networks.
$861,236
Real-Time Intrusion Detection
University of California, San Diego, Calif.
Before
attacking a system, hackers often use probes to assess the
security, operational characteristics and likely vulnerabilities
of a system. The Sensilla project being funded will use
novel intrusion detection techniques to address the problem
of attackers using surveillance or probing techniques and
then launching denial of service attacks. The results are
likely to enhance our ability to detect these intrusions,
especially on high bandwidth Internet connections used by
the public and private sectors to deliver essential services.
$612,826
Vulnerability Analysis Tools and Attack Management Systems
for Converged Networks
University of Tulsa, Tulsa, Okla.
When
a large complex network is under attack, it is nearly impossible
to get a good picture of the scope and severity of the incursion.
Therefore, managing the attack can be problematic. This
research will create a way to map converged networks (those
that use data, voice and broadband) and develop sophisticated
attack management systems for those networks. The work also
will exploit computer modeling and visualization of the
attacks to better respond and mitigate such attacks.
$691,362
(includes a $500,000 contribution from the National Security
Agency)
Industrial Applications of Information Security to Protect
the Electric Power Infrastructure
Schweitzer Engineering Laboratories Inc. and Washington
State University, Pullman, Wash.; and the University of
Idaho, Moscow, Idaho
Modern
electrical power distribution is managed by complex automated
controls which may be vulnerable to attack. To better understand
the risk and develop appropriate security controls, this
project focuses on cybersecurity for the electrical power
grid by developing a prototype secure information architecture
for substations and control centers. Included are security
and survivability assessments of actual configurations.
$774,736
A Survivable and Secure Wireless Information Architecture
University of Pittsburgh, Pittsburgh, Pa.
This
research effort is centered on survivability and security
of wireless networks. Specifically, it has three main areas
of investigation: survivable networks and protocol design,
development and evaluation of a security architecture for
wireless access networks, and the interaction between survivability
and security.
$432,199
Compiler-Assisted Intrusion Detection/Prevention and
Automated Damage Repair
Rether Networks Inc., Centereach, N.Y.
Many
system outages and security incidents result from poorly
developed or tested computer programs. This work proposes
to use compiler and certain pre-processing techniques aimed
at detecting, correcting and repairing conditions such as
buffer overflow that introduce vulnerabilities into the
development of systems and applications. Correcting these
conditions before they are introduced into operational systems
promises significant cost savings over retroactive detection
and patching.
$448,146
Metrics and Tools for Evaluating Intrusion Detectors
Decision Science Associates, Vienna, Va.; and Lockheed
Martin, Gaithersburg, Md.
This
work will develop ways to assess the effectiveness of computer
intrusion detection systemsa measure not always well
understoodto help improve the security of these systems.
While addressing computer intrusion, this work is aimed
primarily at addressing metrics and testing capabilities.
$99,999
Engineered
Compositions for Infrastructure Design
CygnaCom Solutions Inc., McLean, Va.
Today,
there is no easy way to understand the security risks and
protections provided when two or more information technology
components are connected. This research will develop ways
to evaluate the security of computer systems, focusing both
on the security of individual components and larger systems.
The results should be more secure systems built from individually
tested components.
$84,054
Go
back to NIST News Page