The National Security Agency Research Directorate began funding foundational research at Lablet institutions in 2012 through the Science of Security (SoS) Initiative. The Lablets were funded to promote the foundational cybersecurity science needed to mature the cybersecurity discipline and to underpin advances in cyberdefense. In 2014, the SURE project was founded to investigate cybersecurity in the cyber-physical systems realm. The Lablet and SURE projects are listed below.

Project Title Lead PI Project Abstract All terms Last Updated
Policy Analytics for Cybersecurity of Cyber-Physical Systems Nazli Choucri Cyber-physical systems (CPS) are embedded in an increasingly complex ecosystem of cybersecurity policies, guidelines, and compliance measures designed to support all aspects of operation during all phases of a system’s life cycle. By definition, such... Analytics for Cyber-Physical System Cybersecurity, Policy-Governed Secure Collaboration, Vanderbilt Nov 5 2020 - 10:30am
A Human-Agent-Focused Approach to Security Modeling William Sanders Although human users can greatly affect the security of systems intended to be resilient, we lack a detailed understanding of their motivations, decisions, and actions. The broad aim of this project is to provide a scientific basis and techniques for... A Human-Agent-Focused Approach to Security Modeling, Human Behavior, Understanding and Accounting for Human Behavior, UIUC Oct 21 2020 - 10:34am
Obsidian: A Language for Secure-By-Construction Blockchain Programs Jonathan Aldrich This project considers models for secure collaboration and contracts in a decentralized environment among parties that have not established trust. A significant example of this is blockchain programming, with platforms such as Ethereum and HyperLedger.... CMU, Human Behavior, Policy-Governed Secure Collaboration, Resilient Architectures, Scalability and Composability, Understanding and Accounting for Human Behavior, Obsidian Language for Blockchain, Policy-Governed Secure Collaboration, Resilient Architectures, Scalability and Composability Jan 30 2020 - 5:13pm
Side-Channel Attack Resistance Heechul Yun Cyber-Physical Systems (CPS)--cars, airplanes, power plants, etc.--are increasingly dependent on powerful and complex hardware for higher intelligence and functionalities. However, this complex hardware may also introduce new attack vectors--hardware... KU, Scalability and Composability, Side-Channel Attack Resistance, Scalability and Composability Jan 30 2020 - 1:39pm
Scalable Trust Semantics & Infrastructure Warren Alexander Remote attestation provides a run-time capability for appraising system behavior and establishing trust. Using remote attestation, an appraiser requests evidence describing a target. The target responds by performing measurement to gather evidence then... KU, Policy-Governed Secure Collaboration, Scalability and Composability, Policy-Governed Secure Collaboration, Scalable Trust Semantics & Infrastructure, Scalability and Composability Jan 30 2020 - 1:39pm
Formal Approaches to the Ontology & Epistemology of Resilience John Symons Security Science requires reflection on its foundational concepts. Our contention is that in order to make informed decisions about trade-offs with respect to resilient properties of systems we must first precisely characterize the differences between the... KU, Resilient Architectures, Formal Approaches to the Ontology & Epistemology of Resilience, Resilient Architectures Jan 30 2020 - 1:39pm
Cloud-Assisted IoT Systems Privacy Fengjun Li The key to realizing the smart functionalities envisioned through the Internet of Things (IoT) is to securely and efficiently communicate, store, and make sense of the tremendous data generated by IoT devices. Therefore, integrating IoT with the cloud... Cloud-Assisted IoT Systems Privacy, KU, Resilient Architectures, Scalability and Composability, Security Metrics Driven Evaluation, Design, Development, and Deployment, Metrics, Resilient Architectures, Scalability and Composability Jan 30 2020 - 1:38pm
Designing for Privacy Deidre Mulligan Methods, approaches, and tools to identify the correct conceptualization of privacy early in the design and engineering process are important. For example, early whole body imaging technology for airport security were analyzed by the Department of... ICSI, Policy-Governed Secure Collaboration, Privacy, Designing for Privacy, Policy-Governed Secure Collaboration Jan 30 2020 - 1:36pm
Operationalizing Contextual Integrity Serge Egelman According to Nissenbaum's theory of contextual integrity (CI), protecting privacy means ensuring that personal information flows appropriately; it does not mean that no information flows (e.g., confidentiality), or that it flows only if the information... ICSI, Policy-Governed Secure Collaboration, Policy-Governed Secure Collaboration, Operationalizing Contextual Data Jan 30 2020 - 1:36pm
Contextual Integrity for Computer Systems Michael Tschantz Despite the success of Contextual Integrity (see project "Operationalizing Contextual Integrity"), its uptake by computer scientists has been limited due to the philosophical framework not meeting them on their terms. In this project we will both refine... Contextual Integrity for Computer Systems, ICSI, Policy-Governed Secure Collaboration, Policy-Governed Secure Collaboration Jan 30 2020 - 1:35pm
Governance for Big Data Deidre Mulligan Privacy governance for Big Data is challenging--data may be rich enough to allow the inference of private information that has been removed, redacted, or minimized. We must protect against both malicious and accidental inference, both by data analysts and... ICSI, Governance for Big Data Jan 30 2020 - 1:34pm
Scalable Privacy Analysis Serge Egelman One major shortcoming of the current "notice and consent" privacy framework is that the constraints for data usage stated in policies--be they stated privacy practices, regulation, or laws--cannot easily be compared against the technologies that they... ICSI, Policy-Governed Secure Collaboration, Security Metrics Driven Evaluation, Design, Development, and Deployment, Metrics, Policy-Governed Secure Collaboration, Scalable Privacy Analysis Jan 30 2020 - 1:34pm
Characterizing user behavior and anticipating its effects on computer security with a Security Behavior Observatory Lorrie Cranor Systems that are technically secure may still be exploited if users behave in unsafe ways. Most studies of user behavior are in controlled laboratory settings or in large-scale between-subjects measurements in the field. Both methods have shortcomings:... CMU, Security Behavior Observatory Jan 30 2020 - 1:30pm
Securing Safety-Critical Machine Learning Algorithms Lujo Bauer Machine-learning algorithms, especially classifiers, are becoming prevalent in safety and security-critical applications. The susceptibility of some types of classifiers to being evaded by adversarial input data has been explored in domains such as spam... CMU, Resilient Architectures, Security Metrics Driven Evaluation, Design, Development, and Deployment, Metrics, Resilient Architectures, Securing Safety-Critical Machine Learning Algorithms Jan 30 2020 - 11:58am
Model-Based Explanation For Human-in-the-Loop Security David Garlan Effective response to security attacks often requires a combination of both automated and human-mediated actions. Currently we lack adequate methods to reason about such human-system coordination, including ways to determine when to allocate tasks to each... CMU, Human Behavior, Resilient Architectures, Security Metrics Driven Evaluation, Design, Development, and Deployment, Understanding and Accounting for Human Behavior, Metrics, Model-Based Explanation For Human-in-the-Loop Security, Resilient Architectures Jan 30 2020 - 11:58am
Development of Methodology Guidelines for Security Research Jeffrey Carver This project seeks to aid the security research community in conducting and reporting methodologically sound science through (1) development, refinement, and use of community-based security research guidelines; and (2) characterization of the security... Security Metrics Driven Evaluation, Design, Development, and Deployment, Development of Methodology Guidelines for Security Research, Metrics, NCSU Jan 30 2020 - 11:55am
Monitoring, Fusion, and Response for Cyber Resilience William Sanders We believe that diversity and redundancy can help us prevent an attacker from hiding all of his or her traces. Therefore, we will strategically deploy diverse security monitors and build a set of techniques to combine information originating at the... Human Behavior, Policy-Governed Secure Collaboration, Resilient Architectures, Understanding and Accounting for Human Behavior, Monitoring, Fusion, and Response for Cyber Resilience, Policy-Governed Secure Collaboration, UIUC, Resilient Architectures Jan 30 2020 - 11:39am
Resilient Control of Cyber-Physical Systems with Distributed Learning Sayan Mitra Investigators: Sayan Mitra, Geir Dullerud, and Sanjay Shakkotai

Researchers: Pulkit Katdare and Negin Musavi

Critical cyber and cyber-physical systems (CPS) are beginning to use predictive AI models. These models help to expand, customize, and optimize...
Resilient Architectures, Security Metrics Driven Evaluation, Design, Development, and Deployment, Metrics, UIUC, Resilient Architectures, Resilient Control of Cyber-Physical Systems with Distributed Learning Jan 30 2020 - 11:34am
Uncertainty in Security Analysis David Nicol Cyber-physical system (CPS) security lapses may lead to catastrophic failure. We are interested in the scientific basis for discovering unique CPS security vulnerabilities to stepping-stone attacks that penetrate through network of intermediate hosts to... Policy-Governed Secure Collaboration, Resilient Architectures, Security Metrics Driven Evaluation, Design, Development, and Deployment, Metrics, Policy-Governed Secure Collaboration, UIUC, Resilient Architectures, Uncertainty in Security Analysis Jan 30 2020 - 11:26am
Automated Synthesis Framework For Network Security and Resilience Matt Caesar We propose to develop the analysis methodology needed to support scientific reasoning about the resilience and security of networks, with a particular focus on network control and information/data flow. The core of this vision is an automated synthesis... Resilient Architectures, Automated Synthesis Framework for Network Security and Resilience, UIUC Jan 30 2020 - 11:25am