Friday, November 20, 2020

Open Science Cyber Risk Profile (OSCRP), and Data Confidentiality and Data Integrity Reports Updated

 In April 2017, Trusted CI released the Open Science Cyber Risk Profile (OSCRP), a document designed to help principal investigators and their supporting information technology professionals assess cybersecurity risks related to open science projects. The OSCRP was the culmination of extensive discussions with research and education community leaders, and has since become a widely-used resource, including numerous references in recent National Science Foundation (NSF) solicitations.

The OSCRP has always been intended to be a living document.  In order to gather material for continued refreshing of ideas, Trusted CI has spent the past couple of years performing in-depth examination of additional topics for inclusion in a revised OSCRP.  In 2019, Trusted CI examined the causes of random bit flips in scientific computing and common measures used to mitigate the effects of “bit flips.”  Its report, “An Examination and Survey of Random Bit Flips and Scientific Computing,” was issued in December 2019.  In order to address the community's need for insights on how to start thinking about computing on sensitive data, in 2020, Trusted CI examined data confidentiality issues and solutions in academic research computing.  Its report, “An Examination and Survey of Data Confidentiality Issues and Solutions in Academic Research Computing,” was issued in September 2020.  

Both reports have now been updated, with the current versions being made available at the links to the report titles above.  In conjunction, the Open Science Cyber Risk Profile (OSCRP) itself has also been refreshed with insights from both data confidentiality and data integrity reports.

All of these documents will continue to be living reports that will be updated over time to serve community needs. Comments, questions, and suggestions about this post, and both documents are always welcome at

Thursday, November 19, 2020

Trusted CI Webinar: Trustworthy Data panel Mon Dec 7 @11am Eastern

The Trustworthy Data Working Group is hosting a panel on Monday December 7th at 11am (Eastern) to discuss tools, standards, community practices for trustworthy scientific data sharing. Our panelists are:

Please register here. Be sure to check spam/junk folder for registration confirmation email.

The Trustworthy Data Working Group (TDWG) is a collaborative effort of Trusted CI, the four NSF Big Data Innovation Hubs, the NSF CI CoE Pilot, the Ostrom Workshop on Data Management and Information Governance, the NSF Engagement and Performance Operations Center (EPOC), the Indiana Geological and Water Survey, the Open Storage Network, and other interested community members. The goal of the working group is to understand scientific data security concerns and provide guidance on ensuring the trustworthiness of data.

This year the TDWG published a survey report about data security concerns and practices amongst the scientific community. And, building off the insights of the survey report, the working group published a guidance report on trustworthy data for science projects, including science gateways, that covers the topics that the panel will be discussing.

This panel is an opportunity to discuss the work of the TDWG in the larger context of related work by PresQT, NIST, and RDA-US.

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Thursday, November 12, 2020

Thank you to Trusted CI alumni

Trusted CI, the NSF Cybersecurity Center of Excellence, has relied on expertise from its staff, multiple internationally recognized institutions, its advisory committee, and its collaboration with numerous NSF-funded research organizations to address the ongoing cybersecurity challenges for higher education and high-performance computing scientific research. We also want to thank our alumni, who made significant contributions to our mission. We wish them the best in their ongoing endeavors. 

Go to Trusted CI alumni to see some of the contributions that alumni have made. (Some of our alumni have opted not to appear on a public website.)

Wednesday, November 4, 2020

Trusted CI Offering Office Hours by Appointment

The purpose of Trusted CI office hours is to provide direct assistance to members of the open science security community. We have decided to move office hours to a "by appointment" format to be more flexible with community members' schedules. To request an appointment, contact us with the subject, “Office Hours,” and any details you can provide about the question or problem you'd like to solve.

Monday, November 2, 2020

PEARC20: Another successful workshop and training at PEARC

Trusted CI had another successful exhibition at PEARC20.

We hosted our Fourth Workshop on Trustworthy Scientific Cyberinfrastructure for our largest audience to date. The topics covered during the year's workshop were:

  • Community Survey Results from the Trustworthy Data Working Group (slides
    • Presenters: Jim Basney, NCSA / Trusted CI; Jeannette Dopheide, NCSA / Trusted CI; Kay Avila, NCSA / Trusted CI; Florence Hudson, Northeast Big Data Innovation Hub / Trusted CI
  • Characterization and Modeling of Error Resilience in HPC Applications (slides)
    • Presenter: Luanzheng Guo, University of California-Merced 
  • Trusted CI Fellows Panel (slides)
    • Moderator: Dana Brunson, Internet2
    • Panelists: Jerry Perez, University of Texas at Dallas; Laura Christopherson, Renaissance Computing Institute; Luanzheng Guo, University of California, Merced; Songjie Wang, University of Missouri; Smriti Bhatt, Texas A&M University - San Antonio; Tonya Davis, Alabama A&M University
  • Analysis of attacks targeting remote workers and scientific computing infrastructure during the COVID19 pandemic at NCSA/UIUC (slides)
    • Presenters: Phuong Cao, NCSA / University of Illinois at Urbana-Champaign; Yuming Wu, Coordinated Science Laboratory / University of Illinois at Urbana-Champaign; Satvik Kulkarni, University of Illinois at Urbana-Champaign; Alex Withers, NCSA / University of Illinois at Urbana-Champaign; Chris Clausen, NCSA / University of Illinois at Urbana-Champaign
  • Regulated Data Security and Privacy: DFARS/CUI, CMMC, HIPAA, and GDPR (slides)
    • Presenters: Erik Deumens, University of Florida; Gabriella Perez, University of Iowa;  Anurag Shankar, Indiana University
  • Securing Science Gateways with Custos Services (slides)
    • Presenters: Marlon Pierce, Indiana University; Enis Afgan, Johns Hopkins University; Suresh Marru, Indiana University; Isuru Ranawaka, Indiana University; Juleen Graham, Johns Hopkins University

We will post links to the recordings when they are made public.

In addition to the workshop, Trusted CI team member Kay Avila co-presented a Jupyter security tutorial titled “The Streetwise Guide to Jupyter Security” (event page) with Rick Wagner.  This presentation was based on the “Jupyter Security” training developed by Rick Wagner, Matthias Bussonnier, and Trusted CI’s Ishan Abhinit and Mark Krenz for the 2019 NSF Cybersecurity Summit.