Cybersecurity Center of Excellence Receives Five-year, $6M/Year Award from NSF

The U.S. National Science Foundation has awarded Trusted CI, the NSF Cybersecurity Center of Excellence, a five-year, $6-million per-year award to run through September 2029. Lawrence Berkeley National Laboratory (Berkeley Lab) will now serve as Trusted CI’s central steward.

The Trusted CI team stands outside Berkeley Lab’s Shyh Wang Hall during a recent meeting (Credit: Linda Vu).

Trusted CI empowers trustworthy discovery and innovation funded by NSF by partnering with cyberinfrastructure (CI) operators to build and maintain effective cybersecurity programs that secure the progress of NSF-funded research. The center started in 2012 and consists of a multi-institutional, cross-functional team that addresses the complex challenges facing the NSF’s cyberinfrastructure research ecosystem.

The center’s cornerstone is the Trusted CI Framework, which guides research institutions in launching and maintaining cybersecurity programs. Trusted CI hosts the annual NSF Cybersecurity Summit, hosts webinars, assesses the assurance of software developed for use in research computing, runs Fellows and students programs to enable cybersecurity workforce development, and engages with research cyberinfrastructure operators designing and constructing new facilities on “secure-by-design” approaches. Trusted CI has helped research CI operators at over 547 NSF Science Directorate projects, including all NSF Major Facilities and numerous NSF Major Facilities under construction (MREFCs).

Many cybersecurity experts have contributed to Trusted CI, and the center continues to thrive because of ongoing collaborations with leaders from multiple institutions. Indiana University led Trusted CI from 2010 through 2022. Subsequently, the University of Illinois Urbana-Champaign (UIUC) helmed the center from 2022 through 2024. The UIUC has now passed the baton to Berkeley Lab, which facilitates the center’s ongoing activities. “Berkeley Lab also has a very long history of collaboration with NSF science,” says Trusted CI Director and PI Sean Peisert of Berkeley Lab’s Scientific Data Division, “including contributions to ATLAS at CERN, IceCube, the Rubin Observatory (née LSST), and DESI among other joint DOE/NSF efforts.”

Trusted CI staff span seven institutions, including Berkeley Lab, Arizona State University, Indiana University, the National Center for Supercomputing Applications at the University of Illinois Urbana-Champaign, the Pittsburgh Supercomputing Center, University of Wisconsin-Madison, and the Sustainable Horizons Institute.

With this award, Trusted CI will accommodate a rapidly growing community need by supporting regulated research. Trusted CI will expand with the addition of NSF's successful Regulated Research Community of Practice (RRCoP). RRCoP's inclusion expands Trusted CI’s reach into research institutions with more than 300 higher education institutions participating from every state."There is a tremendous value to the science community as we expand to include regulated research,” says Co-PI Carolyn Ellis. “Trusted CI helps to both sustain RRCoP and is able to distill the past 12 years of valuable lessons learned to a young community. RRCoP will help by weaving regulated research support into other Trusted CI activities."

Trusted CI will address pressing national cybersecurity workforce development needs with NSF’s support. Trusted CI’s Fellows Program trains and empowers scientific community members with basic cybersecurity knowledge to support their professional development. “We plan to develop this program by engaging students over a more extended period and offering expanded training to professionals in our community to promote employment opportunities within the NSF CI community,” said Cybersecurity Community Engagement Lead James Marsteller.

Going forward, Trusted CI will expand the Fellows program and develop a new Students program. In both cases, Trusted CI will invite participation from the missing millions in traditionally underserved communities and leverage partnerships with the Sustainable Horizons Institute (SHI) and the NSF-funded Minority-Serving Cyberinfrastructure Consortium (MS-CC). Trusted CI will also work with these partners to host “regional summits” to engage with Minority Serving Institutions (MSIs). Trusted CI is also pleased to have Dr. Damian Clarke of Alabama State University as Special Advisor for Trusted CI’s Diversity Efforts. “Our goal,” said Clarke, “is not just to increase the numbers, but to create a cybersecurity ecosystem that truly reflects the diversity of our nation. Through Trusted CI's expanded initiatives, we're working to ensure that the 'missing millions' in underserved communities have access to the training and opportunities they need to become the cybersecurity leaders of tomorrow."

Additionally, with support from the Berkeley Lab IDEA Office, Trusted CI will establish a center-wide inclusivity, diversity, equity, and accountability (IDEA) program that will comprehensively and systematically guide Trusted CI’s approach to IDEA elements internally and in its public-facing activities. “Developing a diverse pipeline of cybersecurity professionals is essential,” said Senior IDEA Integration Partner Kevin Nichols, “to ensure that these populations are represented in the wealth-building and protection that these communities deserve, and the IDEA office is excited to participate in its growth.”

The activities emphasized in Trusted CI’s award proposal grew out of a months-long strategic planning activity that included introspection and discussion within the Trusted CI team. This included feedback from the Trusted CI Advisory Committee, engagement with the broader community, and study of many forward-looking reports, such as National Academies’ decadal surveys. These activities helped Trusted CI’s leadership team forecast the research needs of the cyberinfrastructure community in the next 5 to 10 years. Trusted CI presented its plans in, “A Vision for Securing NSF's Essential Scientific Cyberinfrastructure - Trusted CI Five-Year Strategic Plan (2024-2029)” in mid-2023.

The NSF award will also support the expansion of the Trusted CI Framework and augmentation of its “Ambassador” program with NSF Major Facilities with “residencies” — ongoing, deep engagements with NSF Major Facilities that monitor and sustain improvements over time. It also supports the development of new materials. For example, a 2021 Trusted CI study discovered that most NSF Major Facilities develop software without software assurance processes. Trusted CI plans to address this gap by creating a Trusted CI Software Assurance Framework (SAF), to help organizations establish software assurance processes and programs and a SAF Implementation Guide (SAFIG) to provide clear direction to organizations developing software on the processes necessary to achieve those minimum standards. “There is so much bespoke software being developed and deployed by the science community,” said Head of Trusted CI Software Assurance Barton Miller. “It is crucial for a project to have clear software security processes in place to ensure that our cyber infrastructure continues to operate and be secure. We are excited to be able to help the project establish processes that are effective and appropriate for the science community.”

To provide sustained assistance to CI operators, Trusted CI establishes a “residency” program, which complements its one-to-one “Ambassador” mapping of Trusted CI staff to each NSF Major Facility. With residencies, Trusted CI staff will be embedded with Major Facilities for several days at a time to perform more focused work. Residencies are ongoing, deep engagements that monitor and sustain improvements over time.

As Trusted CI develops these programs, they will continue to host their annual NSF Cybersecurity Summit. The Summit is a valuable forum for NSF cyberinfrastructure operators, researchers, and security experts. It helps the community advance cybersecurity awareness and practice. Going forward, Trusted CI will also partner with MS-CC and SHI to host “regional summits” to be geographically closer to engage, particularly with Minority Serving Institutions (MSIs) and the traditionally underserved populations at MSIs.

Trusted CI gratefully acknowledges the entire NSF research cyberinfrastructure community that has provided input to help guide and refine Trusted CI’s activities. They particularly acknowledge their Advisory Committee that regularly meets to provide invaluable feedback to Trusted CI’s leadership on the ways in which Trusted CI can maximize its impact to stakeholders.

Please visit Trusted CI’s website to learn more about the Trusted CI Framework, the NSF Cybersecurity Summit, summits, Trusted CI webinars, and Trusted CI’s other activities.