Trusted CI Webinar: SPHERE - Security and Privacy Heterogeneous Environment for Reproducible Experimentation, Monday April 22nd

Dr. Jelena Mirkovic and David Balenson are presenting the talk, SPHERE - Security and Privacy Heterogeneous Environment for Reproducible Experimentation, on April 22nd at 12pm Eastern time.

NOTE: This webinar is scheduled one hour later than the usual time.

Please register here.

Cybersecurity and privacy threats increasingly impact our daily lives, our national infrastructures, and our industry. Recent newsworthy attacks targeted nationally important infrastructure, our government, our researchers, and research facilities. The landscape of what needs to be protected and from what threats is rapidly evolving as new technologies are released and threat actors improve their capabilities through experience and close collaboration. Meanwhile, defenders often work in isolation, use private data and facilities, and produce defenses that are quickly outpaced by new threats. To transform cybersecurity and privacy research into a highly integrated, community-wide effort, researchers need a common, rich, representative research infrastructure that meets the needs across all members of the community, and facilitates reproducible science.

To meet these needs, USC Information Sciences Institute and Northeastern University have been funded by the NSF mid-scale research infrastructure program to build Security and Privacy Heterogeneous Environment for Reproducible Experimentation (SPHERE). This infrastructure will offer access to an unprecedented variety of hardware, software, and other resources connected by user-configurable network substrate, and protected by a set of security policies uniquely aligned with cybersecurity and privacy research needs. SPHERE will offer six user portals, closely aligned with needs of different user groups. It will support reproducible research through a combination of infrastructure services (easy experiment packaging, sharing and reuse) and community engagement activities (development of realistic experimentation environments and contribution of high-quality research artifacts).

Speaker Bios:

Dr. Jelena Mirkovic is Principal Scientist at USC-ISI and Research Associate Professor at USC. She received her MS and PhD from UCLA, and her BSc from University of Belgrade, Serbia. Jelena's research interests span networking and cybersecurity fields, as well as testbed experimentation. Her current research is focused on authentication, use of machine learning for network attack detection, large-scale dataset labeling for security, and user privacy. She is the lead PI on the SPHERE project.

Mr. David Balenson is Senior Supervising Computer Scientist and Associate Director of the Networking and Cybersecurity Division at USC-ISI. He received his MS and BS in Computer Science from the University of Maryland. His current research interests include cybersecurity and privacy for critical infrastructure and cyber-physical systems including automotive and autonomous vehicles, experimentation and test, technology transition, and multidisciplinary research. He is the Community Outreach Director for SPHERE.

---
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Tapis more secure following Trusted CI code-level review

Trusted CI has published a new success story on its collaboration with Tapis. In 2023, the Texas Advanced Computing Center engaged Trusted CI, the NSF Cybersecurity Center of Excellence, to assess the security of its Tapis software. Applying First Principles Vulnerability Assessment methodology, the Trusted CI team found four serious security vulnerabilities and one bug in the Tapis code and made several recommendations to improve Tapis’ security. 

Trusted CI Webinar: Lessons from the ACCORD project, March 18th @11am Eastern

Ron Hutchins and Tho Nguyen are presenting the talk, Lesson from the ACCORD Project, on March 18th at 11am Eastern time.

Please register here.

The ACCORD cyberinfrastructure project at the University of Virginia (UVA) successfully developed and deployed a community infrastructure providing access to secure research computing resources for users at underserved, minority-serving, and non-PhD-granting institutions. ACCORD's operational model is built around balancing data protection with accessibility. In addition to providing secure research computing resources and services, key outcomes of ACCORD include creation of a set of policies that enable researchers external to UVA to access and use ACCORD. While the ACCORD expedition achieved its technical and operational goals, its broader mission of broadening access to underserved users had limited success. Toward gaining a better understanding of the barriers to researchers accessing ACCORD, our team carried out two community outreach efforts to engage with researchers and computing service leaders to hear their pain points as well as solicit their input for an accessible community infrastructure.

In this talk, we will describe the ACCORD infrastructure and its operational model. We will also discuss insights from our effort to develop policies to balance accessibility with security. And finally, we wil share lessons learned from community outreach efforts to understand institutional and social barriers to access.

Speaker Bios:

Ron Hutchins: In the early 1980’s, Ron worked at the Georgia Institute of Technology to create a networking laboratory in the College of Computing teaching data communications courses there. After moving to the role of Director of Campus Networks in 1991, Ron founded and led the Southern Crossroads network aggregation (SoX) across the Southeast. In 2001 after receiving his PhD in computer networks, he took on the role of Chief Technology Officer for the campus. In August of 2015, Ron moved into the role of Vice President of Information Technology for the University of Virginia, working to build partnerships across the campus. Recently, Ron has moved from VP to research faculty in the Computer Science department at UVA and is participating broadly across networking and research computing in general including work with the State of California building out the broadband fiber network backbone across the state. 

Tho Nguyen is a computer science and policy expert. He served as project manager for the ACCORD effort from 2019-2021, and continues to support the project implementation and growth.  Nguyen is currently a Senior Program Officer at the National Academies of Sciences, Engineering, and Medicine.  From 2015-2021 Nguyen was on the research staff in the Department of Computer Science at the University of Virginia where he worked on compute-in-memory and developing HPCs for research.  Prior to UVA, he was a AAAS Science and Technology Policy Fellow at the National Science Foundation where he worked primarily on the Cyber Physical Systems program. Nguyen holds a PhD in Systems & Controls (Electrical Engineering) from the University of Washington. 

---
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Advancing the Cybersecurity of NSF Major Facilities and National Research Cyberinfrastructure: Trusted CI’s Framework Cohort Achievements in 2023

Trusted CI successfully conducted two more six-month engagements in its ongoing Cybersecurity Framework Cohort Program during 2023, mentoring 11 additional research cyberinfrastructure providers through Framework validated self-assessments and cybersecurity program strategic planning. The cohort during the first half of 2023 comprised representatives from the following NSF major facilities, mid-scale projects, and a scientific consortium:

U.S. Academic Research Fleet (ARF), an NSF major facility
IceCube Neutrino Observatory, an NSF major facility
United States Antarctic Program (USAP), an NSF major facility
Deep Soil Ecotron (DSE), an NSF mid-scale project
Network for Advanced NMR (NAN), an NSF mid-scale project
Giant Magellan Telescope Observatory Corporation (GMTO), a scientific consortium

Five of NSF’s leading high performance computing (HPC) centers composed the cohort during the second half of 2023:

National Center for Atmospheric Research (NCAR)
National Center for Supercomputing Applications (NCSA)
Pittsburgh Supercomputing Center (PSC)
San Diego Supercomputer Center at UCSD (SDSC)
Texas Advanced Computing Center (TACC)

The foundation of the cohort program is the Trusted CI Framework. The Framework was created as a minimum standard for cybersecurity programs. In contrast to cybersecurity guidance focused narrowly on cybersecurity controls, the Trusted CI Framework provides a more holistic and mission-focused standard for managing cybersecurity. For these organizations, the cohort was their first formal training in the Trusted CI Framework “Pillars” and “Musts” and how to apply these fundamental principles to assess their cybersecurity programs.

Cohort members entered the engagement with a commitment to adopting the Framework at their sites. They then worked closely with Trusted CI to gather site information and create validated self-assessments of their organization’s cybersecurity programs based on the Trusted CI Framework. Each site emerged from the program with a draft Cybersecurity Program Strategic Plan (CPSP) identifying priorities and directions for further refining their cybersecurity programs.

Several participants provided feedback on the value of the cohort experience to their organizations.

GMTO’s Sam Chan, IT Director and Information Security Officer, and Efren Sandoval, Cybersecurity Analyst, noted that “...the cohort collaboration process has given us a better understanding of a holistic and mission focused approach to cybersecurity. The cohort collaboration process also brought us together with colleagues from different fields and requirements with similar security controls.  Sharing our experiences amongst ourselves helped us learn different approaches to similar areas of concern.”

Michael Wilson, Infrastructure Architect at UConn Health and Cybersecurity Lead of NAN, observed: “As a result of the cohort experience, NAN was not only able to identify gaps in our original cybersecurity implementation plan and significantly advance our cybersecurity posture, but I have also personally expanded my professional network to share and discuss cybersecurity implementation ideas and lessons learned with colleagues from other NSF facilities. While the cohort program demands considerable effort, the NAN executive team found it to be a worthwhile endeavor. I heartily encourage the leadership of NSF facilities that have not yet participated in the cohort training to do so.”

Scott Sakai, Security Analyst at SDSC, found that: “Trusted CI’s Framework cohort provided a supportive environment to explore the strengths and weaknesses of the state of our cybersecurity efforts in the context of the Trusted CI Framework.  While strengths were praised, shortcomings and challenges were met with non-judgmental, matter-of-fact discussion rather than punitive shaming: a response that promotes a path to resolution and understanding.”

Mr. Sakai also noted that: “Importantly, the Trusted CI Framework, and guidance from the Trusted CI cohort team emphasize the significance of governance and mission alignment – two foundational concepts that bring together cybersecurity and leadership, and help formulate what a meaningful dialog between the two might look like. This sets it apart from other approaches to a security program that focus on policy and controls, a difference that will hopefully foster an asset that is approachable and predictable instead of a mysterious line-item expense in the budget.”

In January 2024 Trusted CI began the fifth Framework cohort engagement, whose members include:  

Advanced Simons Observatory
Compact X-ray Free Electron Laser Project
Inter-university Consortium for Political and Social Research
The National High Magnetic Field Laboratory
Security and Privacy Heterogeneous Environment for Reproducible Experimentation
Thirty Meter Telescope International Observatory

Trusted CI is excited to be working with these new sites to advance their understanding and implementation of cybersecurity programs and best practices!

For more information, please contact us at info@trustedci.org.

2023 Summit Report Available, Save the Date for 2024 Summit

The report of the 2023 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure is now available on Zenodo for your review.

Mark your calendar for the 2024 NSF Cybersecurity Summit, which will be held for four full days from October 7-10, 2024, at Carnegie Mellon University in Pittsburgh, PA.

Like last year, Trusted CI is inviting other groups to schedule full-day training on Monday, October 7, that may interest our community. Tuesday through Thursday will include a mix of plenary and shorter training sessions and workshops. If your organization is interested in providing a full-day training session on October 7, please contact the Summit organizers at summit@trustedci.org and include "full-day training" in the subject line.

To stay updated and receive more information about the Summit, please check our website, 2024 NSF Cybersecurity Summit, follow the Trusted CI blog, or subscribe to our announcement email.

If you have any questions, please don't hesitate to contact us at summit@trustedci.org.

Thank you, and we look forward to seeing you at the Summit!

Cyberinfrastructure Vulnerabilities 2023 Annual Report

The Cyberinfrastructure Vulnerabilities team provides concise announcements on critical vulnerabilities that affect science cyberinfrastructure (CI) of research and education centers, including those threats which may impact scientific instruments. This service is freely available by subscribing to Trusted CI's mailing list (see below).

We monitor a number of sources for vulnerabilities, then determine which ones are of critical interest to the CI community. While there are many cybersecurity issues reported in the news, we strive to alert on issues that affect the CI community in particular. These issues are identified using the following criteria:

• the affected technology's or software's pervasiveness in the CI community
• the technology's or software's importance to the CI community
• the type and severity of a potential threat, e.g., remote code execution (RCE)
• the threat's ability to be triggered remotely
• the threat's ability to affect critical core functions
• the availability of mitigations

For issues that warrant alerts to the Trusted CI mailing list, we also provide guidance on how operators and developers can reduce risks and mitigate threats. We coordinate with ACCESS, Open Science Grid (OSG), and the NSF supercomputing centers on drafting and distributing alerts to minimize duplication of effort and maximize benefit from community expertise. Sources we monitor for possible threats to CI include the following:

• OpenSSL and OpenSSH
• US-CERT advisories
• RHEL/EPEL advisories
• REN-ISAC Alerts and Advisories
• Social media, such as Twitter, and Reddit (/r/netsec and /r/cybersecurity)
• News sources, such as The Hacker News, Threatpost, The Register, Naked Security, Slashdot, Krebs on Security, SANS Internet Storm Center, and Schneier on Security

In 2023 the Cyberinfrastructure Vulnerabilities team discussed 43 vulnerabilities and issued 26 alerts to 187 subscribers.

You can subscribe to Trusted CI's Cyberinfrastructure Vulnerability Alerts mailing list by sending email to cv-announce+subscribe@trustedci.org. This mailing list is public and its archives are available at https://groups.google.com/a/trustedci.org/g/cv-announce.

If you have information on a cyberinfrastructure vulnerability, let us know by sending email to alerts@trustedci.org.

Trusted CI Webinar Series: Planning for 2024, review of 2023

The 2023 season of the Trusted CI Webinar series has concluded and we are looking forward to the presentations scheduled in the next year. 

We are currently booking the 2024 season.  See our call for presentations to submit a request to present.

In case you missed them, here are the webinars from 2023: 

• January ‘23: Real-Time Operating System and Network Security for Scientific Middleware with Gedare Bloom (NSF Award #2001789) (Video)(Slides) 
• February ‘23: Security Program for the NIH’s Common Fund Data Ecosystem with Rick Wagner (Video)(Slides)
• March ‘23: Mutually Agreed Norms for Routing Security (MANRS) with Steven Wallace (Video)(Slides)
• April ’23: Advanced Cyberinfrastructure Coordination Ecosystem: Services and Support (ACCESS) with Derek Simmel (NSF Award #2138296) (Video)(Slides)
• May ’23: Deception Awareness and Resilience Training (DART) with Anita Nikolich (NSF Award #2230494) (Video)(Slides)
• June ‘23: SecureMyResearch with Will Drake, Tim Daniel, and Anurag Shankar (Video)(Slides) 
• July ‘23: The Technical Landscape of Ransomware: Threat Models and Defense Models with Barton Miller and Elisa Heymann (Video)(Slides) 
• August ‘23: Leveraging Adaptive Framework for Open Source Data Access Solutions with Jeremy Grieshop (Video)(Slides) 
• September ‘23: Improving the Privacy and Security of Data for Wastewater-based Epidemiology with Ni Trieu (NSF Award #2115075) (Video)(Slides)
• December 4th: Enhancing Integrity and Confidentiality for Secure Distributed Data Sharing (Open Science Chain) with Subhashini Sivagnanam (NSF Award #2114202) (Video)(Slides)
  

Join Trusted CI's announcements mailing list for information about upcoming events. Our complete catalog of webinars and other presentations are available on our YouTube channel. See our call for presentations to submit a request to present. For questions or feedback, email us at webinars@trustedci.org.