Friday, December 15, 2023

Trusted CI Webinar Series: Planning for 2024, review of 2023

The 2023 season of the Trusted CI Webinar series has concluded and we are looking forward to the presentations scheduled in the next year. 

We are currently booking the 2024 season.  See our call for presentations to submit a request to present.

In case you missed them, here are the webinars from 2023: 

  • January ’23: Real-Time Operating System and Network Security for Scientific Middleware with Gedare Bloom (NSF Award #2001789) (Video)(Slides)
  • February ’23: Security Program for the NIH’s Common Fund Data Ecosystem with Rick Wagner (Video)(Slides)
  • March ’23: Mutually Agreed Norms for Routing Security (MANRS) with Steven Wallace (Video)(Slides)
  • April ’23: Advanced Cyberinfrastructure Coordination Ecosystem: Services and Support (ACCESS) with Derek Simmel (NSF Award #2138296) (Video)(Slides)
  • May ’23: Deception Awareness and Resilience Training (DART) with Anita Nikolich (NSF Award #2230494) (Video)(Slides)
  • June ’23: SecureMyResearch with Will Drake, Tim Daniel, and Anurag Shankar (Video)(Slides)
  • July ’23: The Technical Landscape of Ransomware: Threat Models and Defense Models with Barton Miller and Elisa Heymann (Video)(Slides)
  • August ’23: Leveraging Adaptive Framework for Open Source Data Access Solutions with Jeremy Grieshop (Video)(Slides)
  • September ’23: Improving the Privacy and Security of Data for Wastewater-based Epidemiology with Ni Trieu (NSF Award #2115075) (Video)(Slides)
  • December 4th: Enhancing Integrity and Confidentiality for Secure Distributed Data Sharing (Open Science Chain) with Subhashini Sivagnanam (NSF Award #2114202) (Video)(Slides)

Join Trusted CI's announcements mailing list for information about upcoming events. Our complete catalog of webinars and other presentations is available on our YouTube channel. See our call for presentations to submit a request to present. For questions or feedback, email us at

Announcing publication of the Operational Technology Procurement Vendor Matrix

RCRV Photo: The Glosten Associates

The Trusted CI Secure by Design team has completed work on “The Operational Technology Procurement Vendor Matrix.” The purpose of this document is to assist those in leadership roles during the procurement process. It’s meant to help formulate questions for vendors to discuss security controls on devices that will be used for maritime research.

The matrix includes a list of controls, requirements for the control, potential questions for vendors, tips, and real world examples justifying a given control.

For example, Item #3 in the matrix is an inventory requirement stating that security vulnerabilities in vendor-provided software must be patched. The Threat Actor Example we cite to justify the requirement is the WannaCry vulnerability. We include an example question that could be used when discussing with the vendor.

The document can be viewed and downloaded here (Note: The file is available in many formats):

This document represents the work of many people, including critical feedback from maritime operational technology practitioners (Scripps Institution of Oceanography’s CCRV, and Oregon State University’s RCRV and OOI). We are grateful for their contributions to this effort.

Our goal is to share this matrix and continue to develop its utility after receiving feedback from the Trusted CI community. To contact us, email

Wednesday, December 6, 2023

Student Program at the 2023 NSF Cybersecurity Summit

In October, we hosted our annual NSF Cybersecurity Summit, which was a hybrid event hosted at Berkeley Lab. Our student program welcomed nine students to attend the in-person training sessions, present posters, network with fellow attendees, and introduce themselves to our community. We also matched students with mentors to help facilitate networking opportunities.

We give special thanks to our mentors: Ishan Abhinit, Jim Basney, Phuong Cao, Eric Cross, Wei Feinstein, Mark Krenz, Jim Marsteller, Sean Peisert, Kelli Shute, and Susan Sons.

We asked the students to share their thoughts on their experiences at the Summit. Below are their responses. These statements have been lightly edited for clarity.

Chad Callegari, University of South Alabama:
My experience at the 2023 Trusted CI Cybersecurity Summit completely exceeded my expectations in the best ways possible. I had never before attended a conference before this event, and as a student it was initially intimidating to be in a new environment with professionals from the field. I quickly learned just how inviting everyone at the event was, and everyone quickly made the environment one that I could feel comfortable in. I was able to learn so many new things from the trainings that were put on, and meet so many great people, both other students and professionals. The event allowed me to learn about the different opportunities that I had not ever known about before and I was also able to talk with many of these professionals about potential opportunities for the future. The event was a great success for me and I hope to participate in other Trusted CI events in the future!

Matheu Fletcher, University of Illinois at Urbana-Champaign:
The summit was a great experience as my first real conference. My biggest personal takeaway was the friendliness and helpful nature of the community present. Similarly, the biggest technical aspect I learned from the event was gaining a better understanding of Zeek, along with various development tools I heard discussed that I can make use of to be more efficient in both work and personal projects. Additionally, I gained a better understanding of the ever-changing balance between creating and detecting AI generated texts.

Robert Johnson, The University of Tennessee at Chattanooga:
I thoroughly enjoyed my experience at the NSF Summit cybersecurity conference held at UC Berkeley. Not only were the surroundings gorgeous, but the organizers and attendees were extremely inviting. The more experienced members went out of their way to speak to first-time attendees providing networking opportunities. I believe it is important for students to familiarize themselves with the experience of attending a professional development conference. I enjoyed many of the talks and remained engaged despite the topics being niche and specific to different areas of cybersecurity. I am grateful to be able to speak with people from a variety of institutions, businesses, and countries and exchange knowledge.

Kaneesha Moore, Mississippi State University:
As a rather curious yet reserved individual, I was delighted to have TrustedCI’s 2023 NSF Cybersecurity Summit as my first professional conference. The atmosphere felt welcoming and inviting, and one could feel the passion for cybersecurity in the air – as cliché as it sounds. The workshops were intriguing and encouraged hands-on participation from other attendees which reinforced the topics discussed during the sessions. It is hard to choose a favorite, but I really enjoyed the workshops on artificial intelligence/machine learning and intrusion detection topics – Zeek, deep machine learning intrusion detection for SCADA (and similar) systems, and tutorials on detecting deepfake messages. It felt like an educational getaway with like-minded individuals who wanted to share and gain knowledge. I thoroughly enjoyed my time, and I hope to attend next year’s conference!

Ololade Odunsi, University of New Haven:
Attending the 2023 NSF Cybersecurity Summit was one of the best decisions I have ever made. I had the opportunity to meet industry professionals who were open to speaking with students and peers about topics they were interested in. From being paired with a mentor, to learning hands-on cybersecurity workshops and listening to seminars - the summit could not have been more value packed. I especially enjoyed the opportunity to present my poster on my background and projects I have worked on to the attendees, who were attentive and supportive.

Henry Schmidt, University of Arkansas:
I had a great experience at the Trusted CI NSF Cybersecurity Summit. It was fantastic to see and talk to the wide array of individuals who came to the conference. There was a considerable variety of seminars, talks, and workshops to attend. I liked in particular the talk on deep learning IDS by Dr. Ismail from Tennessee Tech as well as the security log analysis workshop by Mark Krenz, Ishan Abhinit, and Phuong Cao. It was a pleasure to talk with the other students and professionals from around the world at the conference. Everyone was genuinely interested in the work other people were doing in the cybersecurity space. Thank you to everyone that stopped by my poster to talk with me about the work that CyberHogs is doing with RazorHack Cyber Challenge at the University of Arkansas! I look forward to reaching out to everyone and carrying these connections with me as I move forward in my academic and professional career.

The Student Program has continued to be a very rewarding experience for us. If you are interested in becoming a mentor next year, please contact us at

Monday, November 20, 2023

Trusted CI Webinar: Open Science Chain, Dec. 4th @11am Eastern

San Diego Supercomputer Center's Subhashini Sivagnanam is presenting the talk, Open Science Chain - Enabling Integrity and Metadata Provenance for Research Artifacts Using Open Science Chain, on December 4th at 11am Eastern time.

Please register here.

The envisioned advantage of sharing research data lies in its potential for reuse. Although many scientific disciplines are embracing data sharing, some face constraints on the data they can share and with whom. It becomes crucial to establish a secure method that efficiently facilitates sharing and verification of data and metadata while upholding privacy restrictions to enable the reuse of scientific data. This presentation highlights our NSF-funded Open Science Chain (OSC) project, accessible at Developed using blockchain technologies, the OSC project aims to address challenges related to the integrity and provenance of research artifacts. The project establishes an API-based data integrity verification management service for data-driven research platforms and hubs, aiming to minimize data information loss and provide support for managing diverse metadata standards and access controls.

Speaker Bio:

Subhashini Sivagnanam is the manager of the Cyberinfrastructure Services and Solutions (CISS) group at the San Diego Supercomputer Center/UCSD. Her research interests predominantly lie in distributed computing, cyberinfrastructure development, scientific data management, and reproducible science. She serves as the PI/Co-PI on various NSF/NIH projects related to scientific data integrity and developing cyberinfrastructure software. Furthermore, she oversees the management of UC San Diego’s campus research cluster known as the Triton Shared Computing Cluster.


Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Monday, November 13, 2023

Thank You to Debra Chapman and Alec Yasinsac!

Since joining the Trusted CI team in 2021, Debra Chapman and Alec Yasinsac at the University of South Alabama have been leading Trusted CI’s transition to practice (TTP) efforts. Through their work, they have fostered connections between researchers and practitioners and led the creation of a suite of TTP resources based on best practices and successes. In 2023, they hosted two free TTP workshops for researchers and industry professionals to come together and discuss challenges, resources, and how to move forward with transitioning their research.

We thank Debra and Alec for their many contributions to the NSF TTP community and wish them all the best with their future endeavors!

Monday, November 6, 2023

Trusted CI members help Indiana local governments prevent cyber attacks

Trusted CI’s Craig Jackson and Ranson Ricks are leading an effort, called Cybertrack, to help local Indiana governments prevent cyber attacks. Cybertrack was initiated by the Indiana Office of Technology in partnership with cybersecurity experts from Indiana University and Purdue.

To accomplish this, they are relying on the Trusted CI Framework, which has been adopted by the state as part of its standard for local government cybersecurity. The Cybertrack team is expected to complete more than 300 assessments by 2026.

Read the full article published by Indiana University

Tuesday, October 3, 2023

MS-CC Cybersecurity Community of Practice

The Minority Serving - Cyberinfrastructure Consortium (MS-CC) is launching its Cybersecurity Community of Practice on October 10, 2023, from 2-3 p.m. ET. The community of practice will meet monthly, on the second Tuesday of every month. Jim Basney (Trusted CI) and Stephen Bollinger (North Carolina A&T State University) will be co-chairs.

This community of practice aims to create a supportive and collaborative space for faculty, researchers, staff, and students from minority serving institutions to continue their conversations around the topic of cybersecurity.

To participate in this and other MS-CC activities, please submit the MS-CC Participation Form.

Thursday, September 21, 2023

Zeek and Jupyter Full-Day Security Training at the 2023 NSF Summit

This year the Summit is pleased to partner with Zeek and Project Jupyter to offer full-day training and a workshop on Monday, October 23, 2023.

Zeek, an open source network security monitoring tool, will offer two full-day training sessions. “Hands-on Zeek Scripting” will walk attendees through the fundamentals of Zeek Scripting along with some practical exercises. “Intermediate to Zeek” will teach attendees how to set up their own Zeek cluster deployments in production together with all the cluster components and the new Zeek management framework.

Project Jupyter is an open-source project, sponsored by the non-profit NumFOCUS, that supports interactive data science and scientific computing. The “Jupyter Security Workshop” will expand on the current Jupyter security practices by focusing on the following near- and long-term goals:

  • Bring together people interested in contributing to security in Jupyter.
  • A white paper on “Jupyter Security Best Practices”.
  • Summarizing Jupyter development practices that target security.
  • Recommendations for security governance within the Project Jupyter governance model.
  • Based on any security gaps in documentation, software, processes, or other areas, identify potential support mechanisms to address them.

All of these sessions will only be offered in-person. There is not a remote participation option and the sessions will not be recorded. More information on these and all of the Summit sessions can be found here.

Due to LBNL site access requirements, in-person registration is required by September 29.  The registration cut-off for inclusion in the Hotel Shattuck room block with the reduced rate is 5:00pm PST on Friday, September 22, 2023. 

Tuesday, September 12, 2023

Trusted CI Webinar: Improving the Privacy and Security of Data for Wastewater-based Epidemiology, Sept. 25th @ 11am ET

Arizona State University's Ni Trieu is presenting the talk, Improving the Privacy and Security of Data for Wastewater-based Epidemiology, on September 25th at 11am Eastern time.

Please register here.

As the use of wastewater for public health surveillance continues to expand, inevitably sample collection will move from centralized wastewater treatment plants to sample collection points within the sewer collection system to isolate individual neighborhoods and communities. Collecting data at this geospatial resolution will help identify variation in select biomarkers within neighborhoods, ultimately making the wastewater-derived data more actionable. However, a challenge in achieving this is the nature of the wastewater collection system, which aggregates and commingles wastewater from various municipalities. Thus various stakeholders from different cities must collectively provide information to separate wastewater catchments to achieve neighborhood-specific public health information. Data sharing restrictions and the need for anonymity complicate this process.

This talk presents our approaches to enabling data privacy in wastewater-based epidemiology. Our methodology is built upon a cryptographic technique, Homomorphic Encryption (HE), ensuring privacy. Additionally, we outline a technique to enhance the performance of HE, which could be of independent interest.

Speaker Bio:

Ni Trieu is currently an Assistant Professor at Arizona State University (ASU). Her research interests lie in the area of cryptography and security, with a specific focus on secure computation and its applications such as private set intersection, private database queries, and privacy-preserving machine learning. Prior to joining ASU, she was a postdoc at UC Berkeley. She received her Ph.D. degree from Oregon State University.



Friday, September 8, 2023

Registration is open for the 2023 NSF Cybersecurity Summit!

Registration is open for the 2023 NSF Cybersecurity Summit! Please join us at the Lawrence Berkeley National Laboratory in Berkeley, CA from October 23-26. If you are unable to join in person, please register to join virtually instead. Attendees will include cybersecurity practitioners, technical leaders, and risk owners from within the NSF Major Facilities and CI community, as well as key stakeholders and thought leaders from the broader scientific and cybersecurity communities. The Summit provides a forum for National Science Foundation (NSF) funded scientists, researchers, cybersecurity, and cyberinfrastructure (CI) professionals, and stakeholders to develop a community and share best practices. The Summit will offer attendees training sessions and workshops with hands-on learning of security tools, security program development, and compliance for research. 

Due to site access requirements, registration is required by September 29.  Later registration cannot be accommodated.  Please register by September 29. 

Thank you on behalf of the Program and Organizing Committees. We look forward to seeing you there!

Monday, August 21, 2023

Cybersecurity Research Transition To Practice (TTP) Virtual Workshop (Sep 14-15 2023)

Interested in Cybersecurity Research Transition To Practice (TTP)? Join us for a free virtual workshop, funded by NSF, on September 14th (2pm-5pm Central Time) and September 15th (8am-12pm Central Time). See the flyer below for more details.

Please register at:   

For more information about Trusted CI's Cybersecurity Research Transition to Practice (TTP) program, please visit:

Thursday, August 17, 2023

Trusted CI at August 24 MS-CC All Hands Meeting

This month's Minority Serving - Cyberinfrastructure Consortium (MS-CC) All Hands Meeting will feature a presentation by Jim Basney about the Trusted CI Framework for Cybersecurity Programs. Join us on Thursday, August 24 at 12pm ET for Jim's presentation followed by a discussion about cybersecurity at Minority Serving Institutions (MSIs). Visit for Zoom coordinates and additional details, including past meeting recordings. 

Trusted CI also participated in the 2023 MS-CC Annual Meeting in May. Visit for presentation materials and other information from that meeting.

Monday, August 14, 2023

Trusted CI Webinar: Leveraging Adaptive Framework for Open Source Data Access Solutions, August 28th @11am EST

Clemson University's Jeremy Grieshop is presenting the talk, Leveraging Adaptive Framework for Open Source Data Access Solutions, on August 28th at 11am Eastern time.

Please register here.

More than a decade ago, Clemson University outlined the requirements needed to integrate several campus-wide enterprise applications in a way that would automate the exchange of data between them, and establish the relationships of that data to the unique identities that represented all users within the system, including faculty, staff, students, alumni and applicants. There would be no direct access of data, except through applications that were approved and had established Memorandum of Understanding (MOU) contracts in place. This project was known as the Clemson Vault. 

Within the Identity Management space, solutions for automating the provisioning of identities are offered by several vendors these days. However, mileage and cost vary when you wish to integrate arbitrary university resources, such as mailing lists, disk storage, building card access, and course registrations. Open source solutions, with all of the above requirements, are non-existent.

At Clemson University, we combined licensed vendor software and in-house apps, scripts and procedures to create a data integration solution that met the original requirements. This implementation has served us well for many years, but many of the drawbacks to the current design prompted us to begin pulling out many of these features into its own project, where we could collaborate on features and enhancements for the future with institutions outside of our own organization. The patterns, interfaces, and source code that emerged from the original vault were extracted out, embellished and migrated into an open source repository known as Adaptive Framework (

Clemson University has been working on this project for several years now, and has recently released this open source framework for building data access solutions that provide web service APIs, data transformation tools, real-time data provisioning and an authorization architecture. The framework that has emerged offers a built-in scripting language, pre-compiled server-side applications and an administrative web interface.

Although it was originally designed for the implementation of an open source identity vault, we envision a broader adoption of this framework for other data-driven needs, such as extending databases with metadata, building policy-based authorization systems, and integrating data repositories with a metadata catalog, and varying levels of access control, across federated environments.

Our goal with this project is to gather external support from both commercial and public institutions to help make this framework sustainable moving forward.

Speaker Bio:

Jeremy Grieshop is a software engineer (B.S. Miami University, M.S. Clemson University) and has been employed by Clemson University since 2001. His role has been in software development for the Identity Management team, and he has been directly involved in the design and implementation of much of the authentication and provisioning software, along with the self-service tools, in place at Clemson University today.



Wednesday, August 9, 2023

Trusted CI and NSF RSI-ISAO

As NSF's Cybersecurity Center of Excellence (CCoE), Trusted CI is engaged with the connections between cybersecurity and research security - see the recently published Trusted CI Five-Year Strategic Plan for details. An effective cybersecurity program enables NSF facilities and projects to protect cyberinfrastructure from misuse by a breadth of adversaries, including adversaries that may be motivated by foreign government interference. While Trusted CI's cybersecurity mission is distinct from the research security mission of NSF's planned Research Security and Integrity Information Sharing Analysis Organization (RSI-ISAO), Trusted CI looks forward to coordinating and collaborating with the RSI-ISAO when appropriate, with a common goal for "research that is as open as possible, but as secure as necessary" [1].

RSI-ISAO proposing organizations, please note: Trusted CI will not be providing letters of commitment for the NSF 23-613 solicitation [1], but proposals may cite this blog post when discussing plans for collaboration with Trusted CI. 

Trusted CI welcomes inquiries and feedback. If you have any questions or comments, please contact us.


Wednesday, August 2, 2023

Feedback Requested on Trusted CI Five-Year Strategic Plan

NSF cyberinfrastructure is an engine of scientific research and innovation and underlies much of the science that Major Facilities enable. Key cyberinfrastructure components, including supercomputers, data repositories, sensor arrays, ships, software systems, and telescopes, are essential to scientific productivity, such that cybersecurity incidents can have a major impact on the scientific enterprise. For the cyberinfrastructure operators, implementing effective cybersecurity programs for these unique components is a complex challenge.

Trusted CI, the NSF Cybersecurity Center of Excellence (CCoE), has been working to overcome this challenge for over ten years. Its success has been noted both by the NSF community and the former director of the NSF Office of Advanced Cyberinfrastructure. The 2021 JASON Report on Cybersecurity at Major Facilities indicated Trusted CI's demonstrable impact on improving the cybersecurity posture of many NSF Major Facilities.

In light of new and unprecedented challenges facing our community, Trusted CI is making a new strategic plan for the next five years, with a vision of secure operation of essential cyberinfrastructure enabling NSF’s vision of a nation that leads the world in scientific research and innovation. This plan will guide the creation of our renewal proposal.

We are seeking input on our strategic plan from key constituencies including our Advisory Committee and NSF Major Facilities representatives and welcome insights from the broader community as well. Please click the link below to view our five-year strategic plan covering 2024-2029 and provide feedback via email to 

Thank you in advance for your thoughtful feedback and insights!

Monday, July 24, 2023

Updates on Trusted CI’s Efforts in Cybersecurity by Design of NSF Academic Maritime Facilities

As part of its “Annual Challenge” in 2023, Trusted CI has been engaging with current and future NSF Major Facilities undergoing design or construction with the goal of building security into those Facilities from the outset. To date, this effort has focused on working with cyberinfrastructure operators in the academic maritime domain, and has included support of the cybersecurity aspects of the acceptance testing process of the NSF-funded Research Class Research Vessels (RCRVs) at Oregon State University as well as Scripps Institution of Oceanography’s design of the California Coastal Research Vessel (CCRV). These vessels are all expected to eventually become a part of the U.S. Academic Research Fleet (ARF).

In 2022, Trusted CI studied cybersecurity issues in operational technology (OT) in science and produced a roadmap to help lead to greater security of such systems, and thus Trusted CI’s efforts with security by design of Major Facilities this year are seeking to both refine and apply OT insights gained previously. The U.S. Antarctic Program (USAP)’s design of the Antarctic Research Vessel (ARV) has also been contributing to Trusted CI’s understanding of cybersecurity issues in operational technology. Trusted CI has also benefited from insights from numerous conversations with domain experts in the academic maritime domain across a variety of ARF institutions, including IT personnel, marine technicians, oceanographers, ship captains, project leadership, and NSF Program Managers.

One of the highlights of this year's security-by-design efforts has been site visits to ships and facilities. The team has made site visits to the R/V Sally Ride and Oregon State University’s Hatfield Marine Science Center in Newport, Oregon, where the R/V Taani — one of the initial three RCRVs being constructed — will be based upon completion of its construction.  These in-person visits, including extensive discussion with personnel involved with the facilities, have provided invaluable insight to supporting Trusted CI’s efforts.

In the second half of 2023, Trusted CI will continue working on security by design with the aforementioned organizations and will also be working with the NSF Ocean Observatories Initiative (OOI) Major Facility, which is in the process of planning a refresh of its autonomous underwater vehicle (AUV) and glider fleets.

Recent site visit photographs:

Trusted CI’s Sean Peisert, left, in a crawlspace on the R/V Sally Ride examining operational technology systems.

The R/V Sally Ride, docked in Alameda, CA.

Trusted CI’s Dan Arnold, left, conferring with marine technicians on the R/V Sally Ride.

Trusted CI’s John Zage, left, looks on as RCRV’s Chris Romsos, right, explains some of the scientific instruments that will be part of the newly constructed ships at the RCRV’s offices at OSU, Corvallis, OR.

Trusted CI’s John Zage, left, and RCRV’s Chris Romsos, right, view part of the expansive warehouse of items and gear to outfit the new ships under construction. OSU, Corvallis, OR.

Tuesday, July 18, 2023

Trusted CI releases updated guide to software security

As part of its ongoing efforts to support software assurance, Trusted CI has released a major update (version 2.0) of our Guide to Securing Scientific Software.

The first version of this guide provided concrete advice for anyone involved in developing or managing software for scientific projects. This new version of the guide expands both coverage and depth of the topics. This guide provides an understanding of many of the security issues faced when producing software and actionable advice on how to deal with these issues. New topics include approaches to avoiding software exploits (injection attacks, buffer overflows and overruns, numeric errors, exceptions, serialization, directory traversal, improper set of permissions, and web security); securing the software supply chain; secure design; software analysis tools; fuzz testing; and code auditing.

The new version of the guide is available at

If you write code, this guide is for you. And if you write scientific software, your software is likely to be shared or deployed as a service. Once that step happens, you and the people who use or deploy your software, will be confronted with software security concerns.

To address these concerns, you will need a variety of skills. However, it may be daunting just to know which concerns to address and which skills you need. The goal of this guide is to provide an introduction to these topics.

You can read this guide beginning-to-end as a tutorial to introduce you to the topic of secure software development, or you can read it selectively to help understand specific issues. In either case, this guide will introduce you to a variety of topics and then provide you with a list of resources to dive deeper into those topics.

It is our hope that our continued efforts in the area of software assurance will help scientific software projects better understand and ameliorate some of the most important gaps in the security of scientific software, and also to help policymakers understand those gaps so they can better understand the need for committing resources to improving the state of scientific software security. Ultimately, we hope that this effort will support scientific discovery itself by shedding light on the risks to science incurred in creating and using software.

Trusted CI releases a new report on ransomware

As part of its ongoing efforts to support software assurance, Trusted CI has released a new report describing the current landscape of ransomware.

Ransomware has become a global problem, striking almost every sector that uses computers, from industry to academia to government.

Given that ransomware is a global problem, striking almost every sector that uses computers, from industry to academia to government, our report takes a detailed technical approach to understanding ransomware. Ransomware attacks affect the smallest businesses, the largest corporations, and research labs, and have even shut down IT operations at entire universities.

We present a broad landscape of how ransomware can affect a computer system and suggest how the system designer and operator might prepare to recover from such an attack. In our report we are focused on detection, recovery, and resilience. As such, we are explicitly not discussing how the ransomware might enter a computer system. The assumption is that systems will be successfully attacked and rendered inoperative to some extent. Therefore, it is essential to have a recovery and continuity of operations strategy.

Some of the ransomware scenarios that we describe reflect attacks that are common and well understood. Many of these scenarios have active attacks in the wild. Other scenarios are less common and do not appear to have any active attacks. In many ways, these less common scenarios are the most interesting ones as they pose an opportunity to build defenses ahead of attacks. Such areas need more research into the possible threats and defenses against these threats.

We start with a discussion of the basic attack goals of ransomware and distinguish ransomware from purely malicious vandalism. We present a canonical model of a computing system, representing the key components of the system such as user processes, the file system, and the firmware. We also include representative external components such as database servers, storage servers, and backup systems. This system model then forms the basis of our discussion on specific attacks.

We then use the system model to methodically discuss ways in which ransomware can (and sometimes cannot) attack each component of the system that we identified. For each attack scenario, we describe how the system might be subverted, the ransom act, the impact on operations, the difficulty of accomplishing the attack, the cost to recover, the ease of detection of the attack, and the frequency with which the attack is found in the wild. We also describe strategies that could be used to detect these attacks and recover from them.

Based on our study, we present our major takeaway observations and best practices that can help make a system more resilient to attack and easier to recover after an attack. Our report is available at

Wednesday, July 5, 2023

Trusted CI Webinar: The Technical Landscape of Ransomware: Threat Models and Defense Models, July 17th@11am EST

Members of Trusted CI are presenting the talk, The Technical Landscape of Ransomware:  Threat Models and Defense Models, July 17th at 11am (Eastern).

Please register here.

Ransomware has become a global problem.  Given the reality that ransomware will eventually strike your system, we focus on recovery and not on prevention.  The assumption is that the attacker did enter the system and rendered it inoperative to some extent.

We start by presenting the broad landscape of how ransomware can affect a computer system, suggesting how the IT manager, system designer, and operator might prepare to recover from such an attack.

We show the ways in which ransomware can (and sometimes cannot) attack each component of the system. For each attack scenario, we describe how the system might be subverted, the ransom act, the impact on operations, the difficulty of accomplishing the attack, the cost to recover, the ease of detection of the attack, and the frequency with which the attack is found in the wild (if at all). We also describe strategies that could be used to recover from these attacks.

Some of the ransomware scenarios that we describe reflect attacks that are common and well understood. Many of these scenarios have active attacks in the wild. Other scenarios are less common and do not appear to have any active attacks. In many ways, these less common scenarios are the most interesting ones as they pose an opportunity to build defenses ahead of attacks.

Speaker Bios:

Barton Miller is the Vilas Distinguished Achievement Professor and the Amar & Belinder Sohi Professor in Computer Sciences at the University of Wisconsin-Madison. He is a co-PI on the Trusted CI NSF Cybersecurity Center of Excellence, where he leads the software assurance effort and leads the Paradyn Tools project, which is investigating performance and instrumentation technologies for parallel and distributed applications and systems. His research interests include software security, in-depth vulnerability assessment, binary and malicious code analysis and instrumentation, extreme scale systems, and parallel and distributed program measurement and debugging. In 1988, Miller founded the field of Fuzz random software testing, which is the foundation of many security and software engineering disciplines. In 1992, Miller (working with his then-student Prof. Jeffrey Hollingsworth) founded the field of dynamic binary code instrumentation and coined the term “dynamic instrumentation”. Miller is a Fellow of the ACM and recent recipient of the Jean Claude Laprie Award for dependable computing.

Miller was the chair of the Institute for Defense Analysis Center for Computing Sciences Program Review Committee, member of the U.S. National Nuclear Safety Administration Los Alamos and Lawrence Livermore National Labs Cyber Security Review Committee (POFMR), member of the Los Alamos National Laboratory Computing, Communications and Networking Division Review Committee, and has been on the U.S. Secret Service Electronic Crimes Task Force (Chicago Area).

Elisa Heymann is a Senior Scientist on TrustedCI, the NSF Cybersecurity Center of Excellence at the University of Wisconsin-Madison, and an Associate Professor at the Autonomous University of Barcelona. She co-directs the MIST software vulnerability assessment at the Autonomous University of Barcelona, Spain.

She coordinates in-depth vulnerability assessments for NSF Trusted CI, and was also in charge of the Grid/Cloud security group at the UAB, and participated in two major Grid European Projects: EGI-InSPIRE and European Middleware Initiative (EMI). Heymann's research interests include software security and resource management for Grid and Cloud environments. Her research is supported by the NSF, Spanish government, the European Commission, and NATO.


Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Tuesday, June 13, 2023

Trusted CI Trains NSF ACCESS STEP Students in Miami

Through an invitation by the NSF ACCESS project (NSF grants #2138259, #2138286, #2138307, #2137603, and #2138296), Mark Krenz and Ishan Abhinit from Trusted CI visited Florida International University in Miami on May 24th to conduct a security log analysis workshop for a group of students. The workshop was part of a two-week-long Student Training and Engagement Program (STEP), which offers success workshops and specialized advising.

Mark and Ishan modified their regular half-day security log analysis workshop to fit into a 2-hour schedule. They also tailored their presentation content so that it would better fit the audience, which consisted of undergrad students from a variety of institutions. They also provided a brief introduction to cybersecurity careers and how they entered the field. The security log analysis workshop was attended by 15 students. Later that day, Mark and Ishan accompanied students to the next workshop, given by FIU faculty on 'Sniffing and Password Cracking', where they assisted them in completing the exercises and provided additional insight. They were also able to provide one-on-one guidance and encouragement to students who had more specific concerns about entering the field of cybersecurity.

Monday, June 12, 2023

Trusted CI Webinar: SecureMyResearch at Indiana University: Effective Cybersecurity for Research, June 26th@11am EST

Members from Indiana University's Center for Applied Cybersecurity Research are presenting the talk, SecureMyResearch at Indiana University: Effective Cybersecurity for Research, June 26th at 11am (Eastern).

Please register here.

The tension between research and cybersecurity has long hampered efforts to secure research. It has kept past institutional cybersecurity effort concentrated on the most sensitive research, but new threats to research integrity and recent federal initiatives such as NSPM-33 are now pointing to a future where securing research holistically is no longer optional. Indiana University launched a pilot in 2020 called SecureMyResearch to expand to the entire campus a research cybersecurity model culminating from years of interaction with biomedical researchers in the School of Medicine. Turning the traditional approach on its head, it aimed to reduce the cybersecurity and compliance burden on the researcher by making cybersecurity invisible. It was laser-focused on the research mission and on accommodating the pace of research. Three years later, the results are showing great promise in breaking the research versus security impasse. Not only have we reached 80 percent penetration on campus, researchers are embracing the service voluntarily and research is being accelerated measurably. In this webinar we will share IU’s research cybersecurity journey and the SecureMyResearch implementation.

Speaker Bios:

Anurag Shankar provides leadership at CACR in regulatory compliance (HIPAA, FISMA, and DFARS/CMMC), research cybersecurity, and cyber risk management. He developed and leads the SecureMyResearch effort at IU.  He has over three decades of experience conducting research, developing and delivering research computing services, building HIPAA compliant solutions for biomedical researchers, conducting cybersecurity assessments, and providing consulting.  He is a computational astrophysicist by training (Ph.D. 1990, U. of Illinois).

Will Drake is a senior security analyst, CISO at CACR, and the SecureMyResearch lead. Will has worked in various IT roles with Indiana University since 2012, including Operations Supervisor for UITS Data Center Operations and Lead Systems Engineer for the Campus Communications Infrastructure team where he was responsible for ensuring the security of IU’s critical telecommunications infrastructure. Will holds an Associate’s Degree in Computer Information Technology from Ivy Tech and is currently pursuing a Bachelor’s Degree in Informatics with a specialization in Legal Informatics from IUPUI’s School of Informatics and Computing.

Tim Daniel is an information security analyst at CACR and a member of the SecureMyResearch team. Previously, Tim worked for a contract research organization carrying out phase 1 and pre-phase 1 clinical trials for veterinary medicine. He holds a bachelor’s degree in biology with a focus in chemistry, and an associate's degree in applied biotechnology. After high school, Tim worked for Stone Belt, a nonprofit that provides resources and supports for individuals with disabilities, where he learned patience and listening skills.


Tuesday, June 6, 2023

Call for Participation for the 2023 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

 October 24th - 26th ✶ Berkeley, CA

It is our pleasure to announce that the 2023 NSF Cybersecurity Summit is scheduled to take place the week of October 23rd. It will start with two full days of trainings and workshops on Tuesday, October 24th and Wednesday, October 25th, and conclude with a full day of plenary sessions on Thursday, October 26th.

The final program is still evolving, but we will maintain the mission to provide a format designed to increase the NSF community’s understanding of cybersecurity strategies that strengthen trustworthy science: what data, processes, and systems are crucial to the scientific mission, what risks they face, and how to protect them.

About the Summit

Since 2004, the annual NSF Cybersecurity Summit has served as a valuable part of the process of securing the NSF scientific cyberinfrastructure by providing the community a forum for education, sharing experiences, building relationships, and establishing best practices.

The NSF cyberinfrastructure ecosystem presents an aggregate of complex cybersecurity needs (e.g., scientific data and instruments, unique computational and storage resources, complex collaborations) as compared to other organizations and sectors. This community has a unique opportunity to develop information security practices tailored to these needs, as well as break new ground on efficient, effective ways to protect information assets while supporting science. The Summit will bring together leaders in NSF cyberinfrastructure and cybersecurity to continue the processes initiated in 2013: building a trusting, collaborative community and seriously addressing that community’s core cybersecurity challenges.

The Summit seeks proposals for plenary presentations, workshops/trainings, BoFs/project meetings, the poster session, and the student program.

Proposing Content for the Summit

There are many ways to contribute to the Cybersecurity Summit. We are open to proposals for live plenary presentations, focused workshops/trainings, project meetings, and birds of a feather (BoFs) sessions. More specific information on each of those is available below. Submissions can be made using this online form by June 16, 2023. Responses will be announced by July 14, 2023 to ensure adequate planning time for presenters.

We strongly encourage proposals that address the 2022 Summit themes and challenges such as Framework Adoption, Operational Technology, Preparing for AI, Identity and access management, Compliance challenges and Risk assessment. Additionally, proposals that address topics ranked high by the community are also strongly encouraged/prioritized. These include: 

  1. Human Factors in Cybersecurity
  2. Open Source Software Security
  3. Cloud Security
  4. AI/ML for Security
  5. Trust/Security of AI Tools
  6. Information Asset Management
  7. Supply Chain Attacks
  8. ChatGPT use/banning/enabling for Security
  9. Quantum Computing

Proposing a Plenary Presentation

Please submit brief proposals with a 1-2 page abstract focused on NSF Large Facilities’ unmet cybersecurity challenges, lessons learned, and/or significant successes for presentation during the Summit Plenary Session. Plenary talks are limited to 25 minutes in length, including time needed for questions and answers if desired.

Please note that the Summit will offer a ‘hybrid’ model for remote attendees to participate and all plenary talks will be recorded and made available after the event. Proposals should only contain information without sharing restrictions. As a guide, all plenary presentations should be TLP:WHITE “information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.” 

Submission deadline: June 16th, 2023
Proposals can be submitted using this online form:
Word limit: 1-2 pages
Notification of acceptance: July 14th, 2023

Proposing a Workshop or Training Session

Continuing this year, the Summit will accept proposals for Workshops and Trainings seeking to build communities of practice related to the NSF CyberInfrastructure. Please submit brief proposals with an abstract that includes the intended audience, a description of what the workshop or training will cover, and the expected benefits for attendees. Examples may include table top exercises, focused discussions and activities on techniques and skills in a particular field, and collaborative information sharing among security professionals.

Workshops and Trainings will be scheduled to not overlap with the Plenary sessions. They can be of varying length ranging from one hour to a half day (3.5 hours). Workshops can be limited to a specific audience to provide confidentiality. For workshops that intend to limit participation, proposals should include requirements for attendees. For accepted workshops that have admission requirements, members of Trusted CI along with workshop organizers will review workshop registration requests to ensure they meet attendance requirements. Workshop and training organizers may choose to offer either in-person or a hybrid model to include attendees joining remotely via Zoom. Workshop/training organizers are encouraged to offer hybrid sessions to maximize participation. This includes running the Zoom (e.g., monitoring the chat, unmuting remote participants, etc.). 

Submission deadline: June 16th, 2023
Proposals can be submitted using this online form:
Word limit: 1-2 pages
Notification of Acceptance: July 14th, 2023

Birds of a Feather and Project Specific Meeting Proposals

New this year, we will be offering Summit attendees the opportunity to propose Birds of a Feather (BoFs) and Project Specific Meetings.

Birds of a Feather (BoFs): Informal gatherings of like-minded individuals who wish to discuss a certain topic can be 1-2 hours in length. Proposers of BoF sessions should serve as discussion leaders to explore and address challenges for a specific topic. BoF Proposals should be no more than one page in length and include the proposed topic and description, the activity’s intended audience, and its expected benefits.

Project Specific Meetings: The Summit organizers recognize that the summit attracts many people who work remotely on projects with distributed staff (ACCESS, ESNet, OSG, Zeek, Jupyter).  Attending a conference presents an opportunity for people who work collectively on a shared project to meet in person. This year we have a number of meeting rooms available for projects to hold working sessions. To request a meeting room, please provide a name and description of the project, number of expected participants and meeting duration (1-2 hours suggested). Requests will be reviewed and scheduled based on room availability. 

Submission deadline: June 16th, 2023
Proposals can be submitted using this online form:
Word Limit: 1-2 page description
Notification of Acceptance: July 14th, 2023

Poster Proposals

Also new this year, we will be offering individuals the opportunity to present posters in an informal setting. This is an opportunity to share your work with Summit attendees, receive helpful insights, and engage others who are interested in the same subject or focus of your work.

To propose a poster, please provide your name and poster title, along with an abstract. Details on shipping posters will be provided upon acceptance.

Submission deadline: June 16th, 2023
Proposals can be submitted using this online form:
Word Limit: 1-2 page description
Notification of Acceptance: July 14th, 2023

Student Program

To support workforce development, the Summit organizers invite several students to attend the Summit in-person. Both undergraduate and graduate students may apply. No specific major or course of study is required, as long as the student is interested in learning and applying cybersecurity innovations to scientific endeavors.

To be considered, students must submit an application form (link below), answering questions about their field of study and interest in cybersecurity. Up to 10 student applicants will receive invitations from the Program Committee to attend the Summit in-person. Attendance includes students’ participation in a poster session.

Travel and hotel accommodations will be provided. Students whose applications are declined are welcome to attend the Summit remotely.

The deadline for applications is Monday, August 28th at 12 am CDT, with notification of acceptance to be sent by Friday, September 8th.

Please discuss attendance with your instructors prior to attending.

We cannot select applications to attend in-person from students who live outside the United States.

Student Application to attend the Summit:
Send questions to
Submission deadline: Monday, August 28th at 12 am CDT
Notification of Acceptance: Friday, September 8th

Notes for First-Time Presenters

The Summit organizers want to encourage those who have not presented at previous Summits to share their experiences, expertise, and insights with the NSF cybersecurity community. You don’t need to be perfectly polished; you just need to have something to share about your project or facility's experience with information security. Feedback from past Summits shows that there is a great deal of interest in “lessons learned” type presentations from projects who’ve faced cybersecurity challenges and had to rethink some things afterwards. We’ve put together a page of tips and ideas for new presenters, including proposal and presentation tips as well as suggested topics. More direct coaching is available upon request.

Additional Call for Participation (CFP) Guidance

The Summit organizers wish to encourage and support participation from throughout the wider NSF community. To further that mission, we’ve provided some information (below) to aid in the preparation of CFP responses. Please don’t hesitate to direct questions to

What to Present

The CFP presents an opportunity for the community to make progress on shared challenges identified in prior summits. The organizers especially appreciate proposals that drive this home; however, not every presentation or activity has to be centered around just that topic. Please submit any idea that you think may be relevant to our audience but note that proposals that address community challenges from prior years will be given higher preference. 

We strongly encourage proposals that address the 2022 Summit findings and topics identified of high interest as outlined above.

How to Build a CFP Response

The proposal you submit will be used in two ways: to tell the organizers about what you plan to present and to be included in the summit findings as a sort of after-action report. It should include:

  1. Session Format: Plenary (Lecture, Panel, Open Format) or workshop
  2. An executive summary/abstract (short description of the topic and content).
  3. Who the presenter(s) is/are.
  4. Either an abstract of the topic or a narrative you’d like to share with the community. (For activities that are not plenary sessions, this may be replaced with a description of the planned activity and the activity’s intended audience.)
  5. Contact information (preferably email) for the presenter(s) in case the organizers have any questions. This can be in a separate note in the email body instead of the proposal itself if presenter(s) don’t wish it to be published.
  6. Expected length of the session/activity. All plenary sessions will be limited to 25 minutes; Workshops and Trainings can range from one to 3.5 hours. BoFs and Project specific meetings are suggested to run 1-2 hours.
  7. Intended audience and expected benefits of the proposal

Our community has expressed in the past that many find it helpful if they can download a copy of a presentation’s slides. Therefore we will require all presenters to submit their slides in advance of the summit. 

The easiest way to get help/feedback from the organizing committee prior to submitting your final proposal is to create a Google Doc containing your proposal and send an edit link to

Tips for Presenting

There are many different presentation formats that can work well depending on the topic. Consider the following:

  1. Lecture format: The presenter(s) talk to the audience and show slides to support their dialogue, then do a short Q&A session at the end of the presentation.
  2. Panel format: 3-5 persons answer questions offered by a moderator on a specific topic or set of topics, then do a short Q&A with the audience. This tends to work out best when the panel contains people with very different backgrounds or viewpoints, and the moderator is good at keeping folks to the topic and time constraints.
  3. Open Forum format: 2-3 persons answer questions offered by the audience. Works best if there is an extra person gathering questions and presenting them, and if the speakers can keep things succinct so that the presentation keeps moving and many questions get answered.
  4. Hands-on format (workshops/trainings): The presenter(s) walk the audience through a demo or tutorial as the audience follows along on their computers (or on paper, if the topic supports it). If you are doing a training that will have many hands-on activities, consider having more than one presenter, or a presenter plus a helper or two who can go around the room and help participants who get stuck, allowing the group as a whole to move on.

Monday, May 8, 2023

Trusted CI Webinar: Senior Citizens Striking Back at Scammers, May 22nd @11am EST

Anita Nikolich is presenting the talk, Senior Citizens Striking Back at Scammers, May 22nd at 11am (Eastern).

Please register here.

Thousands of people fall for online scams every year. Anyone can be scammed, but older adults in the US are the most targeted population in the world. By far. Those over age 60 lost over $3 Billion last year—and that’s just the ones who reported it. One of the fastest growing scams aimed at seniors is romance scams, especially those involving cryptocurrency, which is largely impossible for US law enforcement to prosecute. Websites and education programs to inform seniors about scams exist, but they’re not interactive and engaging and often treat seniors like they are clueless. Our project – Deception Awareness and Resilience Training (DART) – is building a fun, spy-themed mobile video game for senior citizens that will be released this summer. This talk will give some background on how the latest scams work, especially ones based around cryptocurrency, and show you how we’ve assembled a multidisciplinary team, including a professional game development company, to arm seniors to defend themselves against scammers!

Speaker Bio:

Anita Nikolich is a Research Scientist and the Director of Research and Technology Innovation at the University of Illinois's School of Information Sciences and Director of Research at Inca Digital, a digital asset analytics company. She is Co-PI of the NSF-funded FABRIC Midscale Research Infrastructure, Co-PI of an NSF-funded Convergence Accelerator project, Deception Awareness and Resilience Training (DART), and PI on a DARPA-funded SBIR, Mapping the Impact of Digital Financial Assets (MIDFA).


Wednesday, April 19, 2023

Registration Open for ’23 NSF Research Infrastructure Workshop

Trusted CI invites cybersecurity staff from NSF Major Facilities and NSF Mid-Scale Facilities to join us at the 2023 NSF Research Infrastructure Workshop, hosted by NSF’s Large Facilities Office (LFO). The Research Infrastructure Workshop (RIW) is a collaborative forum for all the NSF research infrastructure projects.

The workshop is a hybrid format and will be held Tuesday through Friday, June 27th - 30th at the Washington Marriott at Metro Center. 

Registration is currently open.

There will be many opportunities to join discussions on cyberinfrastructure and cybersecurity. A few highlights include:

  • A dedicated Cybersecurity track on Day 2, which will cover the Trusted CI Framework, operational cybersecurity with ResearchSOC, and Regulated Research Community of Practice (RRCoP). Also, Robert Beverly (NSF) will provide introductory remarks for the Cybersecurity track.
  • Trusted CI Director, Jim Basney, and Roland Roberts presenting, “Overview of Cybersecurity at Research Infrastructure: Balancing the Need to Be Secure and Also Open,” during the plenary session on Day 3.
  • Tony Beasley (NRAO) presenting "Lessons from the 2022 Ransomware Attack on ALMA" during the plenary session on Day 3.
  • Partner project CI Compass is presenting, “Overview of CI Compass and the Relevance of AI in Cyberinfrastructure,” during the plenary session on Day 1.
  • And, a dedicated Cyberinfrastructure track on Day 1 covering "Models of Data Governance" and "Expanding use of AI in Research Infrastructure applications."

The draft agenda is available (pdf) on RIW’s event site. The event includes a poster session, welcome reception, and a tour of the National Air and Space Museum.

Join Trusted CI's announcements mailing list for information about upcoming events.