Wednesday, November 30, 2016

Change of CTSC co-PI and Thank you to Randy Butler

It is with some regret that I announce Randy Butler stepping away from CTSC. Randy Butler has been a CTSC co-PI since CTSC's inception in 2012 and led the Scientific Software Security Innovation Institute Workshops that led to the concepts and documented the community requirements that were the foundation of CTSC.

I wish Randy all the best with his promotion to Senior Associate Director for Integrated Cyberinfrastructure at NCSA.

Jim Basney, already a CTSC co-PI, will be the lead for CTSC activities at NCSA. Bart Miller, currently CTSC senior personnel from the University of Wisconsin, will be taking on a co-PI role in CTSC. Bart’s new role recognizes his strong contributions to software security and training, and CTSC’s growing emphasis on software assurance.


Monday, November 28, 2016

CCoE Webinar Dec. 12th 11am EDT: CICI Regional Cybersecurity Collaboration projects

Our last webinar for the year will be a group presentation on the CICI Regional Cybersecurity Collaboration projects, on December 12th at 11am (EDT). More detailed information about the individual projects is listed below.

The presenters and project names are:
  • Xinwen Fu, New England Cybersecurity Operation and Research Center (CORE)
  • James Joshi & Brian Stengel, SAC-PA: Towards Security Assured Cyberinfrastructure in Pennsylvania
  • Jaroslav Flidr, Substrate for Cybersecurity Education; a Platform for Training, Research and Experimentation (SCEPTRE)
  • Jill Gemmill, SouthEast SciEntific Cybersecurity for University REsearch (SouthEast SECURE)
Anita Nikolich from NSF will provide an introduction to the NSF CICI program.

Please register here. Be sure to check spam/junk folder for registration confirmation with attached calendar file.

More information about this presentation is on the event page.

Presentations are recorded and include time for questions with the audience.

Join CTSC's discuss mailing list for information about upcoming events. To submit topics or requests to present, contact us here. Archived presentations are available on our site under "Past Events."

New England Cybersecurity Operation and Research Center (CORE)

CORE Project Web Site

Presenter: Xinwen Fu (University of Massachusetts Lowell)

The New England Cybersecurity Operation and Research Center (CORE) is a collaboration between cybersecurity researchers and networking experts from the University of Massachusetts Lowell, and Information Technology (IT) support personnel and leadership from the Office of the President of University of Massachusetts (UMass), who work together to improve the security of under-resourced institutions in New England and providing a model of a regional approach to cybersecurity. The researchers have established an open cybersecurity program at UMass, which guides customers through a sequence of steps and selects security controls and technologies from both proprietary solutions and free open source solutions, considering the budget of the institution or enterprise that wants to protect their assets. This project also performs research on emerging threats, trends and defense based on the collected data.

SAC-PA: Towards Security Assured Cyberinfrastructure in Pennsylvania 

Presenters: James Joshi & Brian Stengel (University of Pittsburgh)

Cybersecurity is a growing concern for individuals, communities, nations and the world. Increasing cyberattacks make cybersecurity a critical national security concern. Information technology provides tremendous opportunities to accelerate data-driven scientific research and education. Increasing cybersecurity problems can adversely impact the research and its economic and social benefits if our cyberinfrastructure that supports scientific research and education is not well protected. Beyond innovative cybersecurity solutions, it is critical to establish structured and effective practices and better collaboration among various stakeholders to share cybersecurity resources, expertise and information. This project focuses on establishing a regional collaboration and partnership within the state of Pennsylvania, referred to as SAC-PA. SAC-PA will provide critical support to smaller academic institutions (schools and colleges, etc.) including resource constrained regional institutions that serve under-represented groups, females and high school teachers and students. It will establish a collaboration and partnership framework to enable concerted activities promoting the use of effective cybersecurity techniques and practice of security-assured cyberinfrastructure. While enhancing the cybersecurity posture of PA, SAC-PA will provide a regional cybersecurity collaboration and partnership model that can be adopted by other regions, or be extended for national level collaborations. The SAC-PA project will include participation from the public-private sectors and academic institutions in PA in the following key activities: (i) developing and delivering three regional workshops in Pittsburgh to bring together various regional stakeholders from scientific research related communities with cyberinfrastructure or cybersecurity resources to better understand the regional capabilities; explore existing and emerging cybersecurity challenges/solutions; and devise collaboration and partnerships to enable concerted cybersecurity activities to promote the use of effective cybersecurity techniques and practices; (ii) collaboratively developing training/awareness materials based on the needs and capabilities identified in the workshops, and sharing these extensively with regional partners and beyond through various channels; and (iii) establishing regional partnerships and a shared repository of cybersecurity resources/capabilities to facilitate collaborative and concerted efforts towards protecting scientific cyberinfrastructures.

Substrate for Cybersecurity Education; a Platform for Training, Research and Experimentation (SCEPTRE) 

Presenter: Jaroslav Flidr (The George Washington University)

In collaboration with the Michigan Cyber Range (MCR) facility operated by Merit Network, and the Cyber Academy operated by the College of Professional Studies (CPS) at the George Washington University, the project proposes to establish and deploy an open and flexible technology platform for broad-context cybersecurity education and hands-on training. Initially, the platform will be used in developing and delivering a credit bearing Practicum (2 credit hours) that addresses “Intrusion Detection and Remediation.” The course will be transferable toward the undergraduate certificate in Protection and Defense of Computer Networks, which is part of the Bachelor’s degree completion in cybersecurity. The practicum is a hands-on training that will cover a broad range of network intrusion, prevention, and detection techniques such as implementation and testing of IDS security plans, security monitoring, intrusion detection, alarm management, analysis of events and trends, and vulnerability management. The program will utilize a high-performance, flexible environment built on Cisco’s UCS hardware platform with a modified OpenStack framework. This multi-tenant system, originally developed under an NSF grant, will facilitate the full integration of the Cyber Academy with the MCR resources. Thanks to its virtual nature and its tight coupling with physical cyberinfrastructure components such as HPC, cluster storage arrays, public and private clouds, 100G optical networks, and a wide variety of SDN technologies, the system will be able to deploy nearly any cybersecurity scenario, on demand. The program will start enrolling students immediately after making the platform operational.

Collaborative Research: CICI: Regional: SouthEast SciEntific Cybersecurity for University REsearch (SouthEast SECURE)

Presenter: Jill Gemmill (Clemson)

The SouthEast SciEntific Cybersecurity for University REsearch (SECURE) project helps protect the National Science Foundation's investments in scientific research while providing scientists with tools to safeguard intellectual property and ensure data integrity. The project team provides education, training, and selected cybersecurity services to NSF-funded researchers across the Southeast. The team is multidisciplinary, comprised of cybersecurity experts (both research and practitioner), scientists, and experts in communication. Team members are located in South Carolina, Alabama and Mississippi, with strong representation from Historically Black Colleges and Universities (HBCU). This program raises investigators' awareness of their essential role in creating a secure and trustworthy cyberspace and offers concrete assistance in risk assessment, vulnerability testing, and mitigation tailored to NSF-funded scientists? workflow and program size. Through past collaborations, the team is well positioned to leverage both national and regional cybersecurity organizations and programs to effectively reach the target audience.

SouthEast SECURE impacts the region by raising cybersecurity awareness; providing concise training, assessment, tools and one-on-one help; and assisting in preparation of select cybersecurity metrics. Student interns are conducting many of these activities by means of practicum-based deployment and support, thus developing capabilities in the next generation of cyber professionals. An online survey of NSF-funded investigators in the region will be conducted to learn about their primary cybersecurity challenges and concerns. Training is then tailored to provide concrete and practical assistance in how to do right-sized risk assessment and mitigation. A "toolkit" is provided to test and validate local cybersecurity, and measures of cybersecurity are created and field-tested. The team's approach facilitates communication between research faculty and university IT/Data Security staff. A long-term goal is building communities with common interests in cybersecurity and a commitment to helping others; and building connections with other regions and with national centers and programs.

Wednesday, November 16, 2016

CTSC at Gateways 2016

The Gateways 2016 conference (Nov 2-3, 2016) drew about 120 attendees to learn more about science gateways and the communities they serve. As the lead for CTSC’s collaboration with the Science Gateways Community Institute (SGCI), Randy Heiland (CTSC) led a tutorial on Secure Software Engineering Best Practices and presented an overview of CTSC and its partnership with SGCI.
Science gateways help expand and broaden participation in science - research and education, by providing user-friendly interfaces to computing, data, networking and scientific instrumentation. The goal of the SGCI is to speed the development and application of robust, cost-effective, sustainable gateways and address the needs of scientists and engineers. Within the five-component design of SGCI, CTSC will formally be part of the Incubator component and will focus on security education for gateway software developers and operators.

One of many “open spaces” topical sessions at Gateways 2016.
To learn more about CTSC’s training, including Secure Software Engineering Best Practices, visit:
To apply for a one-on-one engagement with CTSC, visit

Monday, November 14, 2016

NTP Rescue: one year later

Over the past two weeks I've gotten to take a look back at one of CTSC's 2015 projects, the rescue of the Network Time Protocol reference implementation, and see how far-reaching its impact has been and will be. It began with a presentation titled "Saving Time" at O'Reilly Security Conference. In this presentation I talked about the rescue and what it meant as a model for saving other failing infrastructure software.

I told the story of how NTP had become a liability not just to the science projects that depend on accurate time, but to the internet as a whole.  CTSC had a chance to make a difference in a failing system by partnering with nonprofit ICEI in a short, intense intervention. About a year later the work we made possible has been carried on by others. The NTP Security Project (NTPSec) has taken the lead, resulting in a new life for this critical infrastructure:
  • NTPSec's code base is down to 75kloc (75,000 lines of code) from the original 227klok.  That 2/3 reduction in attack surface has paid off: NTPSec has been immune to about half of old NTP's vulnerabilities before discovery, and 84% in the past year.
  • NTPSec's code is now stored in a standard git repository, accessible to all.  Its documentation has been brought up to date, and the project has begun onboarding and training new developers.
  • NTPSec's success has helped increase awareness of critical infrastructure in need, and made fixing it approachable.  Recent articles by Brady Dale of the NY Observer and the (in)famous Cory Doctorow helped spread the story.
At the time it felt like a scurrying few months amid a busy year. It seemed like a last ditch effort to ensure that our friends in science could get accurate time signals without taking on a security nightmare.  It's nice to see how much more it became.

Friday, November 4, 2016

Engagement Launched with OSiRIS Project

CTSC is pleased to announce our engagement with OSiRIS, the Open Storage Research Infrastructure (NSF Award # 1541335). CTSC will assist OSiRIS with evaluation of their authentication and authorization implementation, and will also provide direction for utilizing current software solutions such as COmanage. The engagement began in October 2016 and is expected to continue through March 2017.

Wednesday, November 2, 2016

Engagement launched with IRNC TransPAC project

CTSC is happy to announce we have undertaken an engagement with the IRNC TransPAC project (NSF Award #1450904). The TransPAC project is developing a cybersecurity plan using CTSC’s Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects and CTSC will be assisting them through the process by answering questions and providing advice. Please watch the CTSC blog for updates.