10/31/2011
The University of Illinois at Urbana-Champaign, Carnegie Mellon University, and North Carolina State University are each receiving an initial $1 million in grant funds from the U.S. National Security Agency (NSA) to stimulate the creation of a more scientific basis for the design and analysis of trusted systems.
Written by
The University of Illinois at Urbana-Champaign, Carnegie Mellon University, and North Carolina State University are each receiving an initial $1 million in grant funds from the U.S. National Security Agency (NSA) to stimulate the creation of a more scientific basis for the design and analysis of trusted systems.
To that end, the NSA grant will seed an academic “Lablet” focused on the development of a Science of Security (SoS) and a broad, self-sustaining community effort to advance it. A major goal is the creation of a unified body of knowledge that can serve as the basis of a trust engineering discipline, curriculum, and rigorous design methodologies. The results of SoS Lablet research are to be extensively documented and widely distributed through the use of a new, network-based collaboration environment. The intention is for that environment to be the primary resource for learning about ongoing work in security science, and to be a place to participate with others in advancing the state of the art.
The Illinois Lablet, which will be housed in the Information Trust Institute at Illinois, will contribute broadly to the development of security science while leveraging Illinois expertise in resiliency, which in this context means a system’s demonstrable ability to maintain security properties even during ongoing cyber attacks. David M. Nicol, the Illinois Lablet’s principal investigator, explains, “The complexity of software systems guarantees that there will almost always be errors that can be exploited by attackers. We have a critical need for foundational design principles that anticipate penetrations, contain them, and limit their effects, even if the penetration isn’t detected.”
The Lablet’s work will draw on several fundamental areas of computing research. Some ideas from fault-tolerant computing can be adapted to the context of security. Strategies from control theory will be extended to account for the high variation and uncertainty that may be present in systems when they are under attack. Game theory and decision theory principles will be used to explore the interplay between attack and defense. Formal methods will be applied to develop formal notions of resiliency. End-to-end system analysis will be employed to investigate resiliency of large systems against cyber attack. The Lablet’s work will draw upon ideas from other areas of mathematics and engineering as well.
Nicol, the project’s principal investigator, is a professor of electrical and computer engineering (ECE) at Illinois and the director of the Information Trust Institute. The Lablet’s leadership is shared with co-principal investigators William H. Sanders, who is an ECE professor and director of the Coordinated Science Laboratory at Illinois, and José Meseguer, a professor of computer science.
_______________________
Contact/Writer: Jenny Applequist, Information Trust Institute, 217/244-8920.
If you have any questions about the College of Engineering, or other story ideas, contact Rick Kubetz, editor, Engineering Communications Office, University of Illinois at Urbana-Champaign, 217/244-7716.