Trusted CI helps FABRIC build secure scientific infrastructure

Trusted CI has posted a new success story on its collaboration with FABRIC, a national-scale testbed that is providing a new research infrastructure enabling scientists to share massive amounts of data. As FABRIC was being built in 2021, project leaders turned to Trusted CI, the NSF Cybersecurity Center of Excellence, to ensure they designed security into the project from the beginning. FABRIC continues its involvement with Trusted CI as a member of the Research Infrastructure Security Community. The cohort offers an opportunity to share challenges and solutions with others in the same research space. 

Testbed Facility Security Workshop at 2021 NSF Cybersecurity Summit

The 2021 NSF Summit Workshop on Testbed Facility Security will be held Monday, October 18 from 1pm to 5pm Eastern Time as part of the 2021 NSF Cybersecurity Summit. The workshop will explore the unique cybersecurity challenges of testbed facilities, stemming from their mission to enable experimental use, including configuration of facility resources for novel networking and security experiments, which may span multiple facilities. The workshop is being co-organized by Chameleon, Colosseum, DETERLab, FABRIC, PAWR, and Trusted CI.
If you are interested in the cybersecurity challenges of experimental cloud-based testbeds, please plan to attend. Visit https://www.trustedci.org/2021-testbed-facility-security-workshop for more details.
The workshop is a follow-on activity from the Trusted CI FABRIC engagement. See https://blog.trustedci.org/search/label/FABRIC for more information about that engagement.
 

Trusted CI Concludes Engagement with FABRIC

FABRIC: Adaptive Programmable Research Infrastructure for Computer Science and Science Applications, funded under NSF grants 1935966 and 2029261, is a national scale testbed that connects to existing NSF testbeds (e.g., PAWR), as well as NSF Clouds (e.g., Chameleon and CloudLab), HPC Facilities, and the real Internet. FABRIC aims to expand its outreach, enabling new science applications, using a diverse array of networks, integrating machine learning, and preparing the next generation of computer science researchers.

FABRIC received its initial funding in 2019 and is projected to go into operational phase in September of 2023. FABRIC reached out to Trusted CI to request a review of its software development process, the trust boundaries in the FABRIC system, and the FABRIC security and monitoring architecture.

The five-month engagement began in February and completed in June. In that time the teams worked together to review FABRIC’s project documentation, which included a deep analysis of the security architecture. We moved on to completing an asset inventory and risk assessment, covering over 70 project assets, identifying attack surfaces and potential threats, and documenting current and planned security controls. Lastly, we documented engagement findings in an internal report shared with FABRIC project leadership.

FABRIC also assisted with the Trusted CI 2021 Annual Challenge (Software Assurance) by participating in an interview with members of the software assurance team. The results of that interview will provide input to Trusted CI's forthcoming guide on software assurance for NSF projects.

Trusted CI Begins Engagement with FABRIC

FABRIC: Adaptive Programmable Research Infrastructure for Computer Science and Science Applications, funded under NSF grants 1935966 and 2029261, is a national scale testbed that connects to prior existing testbeds, such as PAWR, as well as the real Internet. FABRIC aims to expand its outreach, enabling new science applications, using a diverse array of networks, integrating machine learning, and preparing the next generation of computer science researchers.

The FABRIC project began in 2019 and reached out to Trusted CI for an engagement during this early phase of development. The engagement goals are focused on reviewing FABRIC's software development process, the trust boundaries in the FABRIC system, and the FABRIC security and monitoring architecture.

We will be publishing a report from the engagement when it concludes in June.

Trusted CI Webinar Feb 24th at 11am ET: FABRIC with Anita Nikolich

Illinois Tech's Anita Nikolich is presenting a talk on FABRIC, the Adaptive programmaBle networked Research Infrastructure for Computer science, on February 24
th at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation email.

Testbeds can be great for trying out new ideas and not taking down a production network, or they can be useless and impossible to figure out. FABRIC took the best of past testbeds and is creating a new, useful national research infrastructure to enable cutting-edge, exploratory research at-scale in computer networking, security, machine learning, distributed computing and applications.

It will be a nation-wide high-speed (100-1000 Gbps) network interconnecting major research centers and computing facilities that will allow researchers, operators and engineers to develop and experiment with new distributed application, compute and network architectures not possible today. FABRIC nodes can store and process information "in the network" in ways not possible in the current Internet, which will lead to completely new networking protocols, architectures and applications that address pressing problems with performance, security and adaptability in the Internet. Reaching deep into university campuses, FABRIC will connect university researchers and their local compute clusters and scientific instruments to the larger FABRIC infrastructure. The infrastructure will also provide access to public clouds, such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure. This experimental facility will allow multiple experiments to be conducted simultaneously, and is capable of incorporating real traffic and real users into experiments. For more information about FABRIC visit https://www.fabric-testbed.net.

Anita Nikolich is a Research Professor in Computer Science at Illinois Tech, Fellow at the Cyber Policy Initiative at the Harris School of Public Policy at The University of Chicago, co-organizer of the DEFCON AI Village, and ARIN Advisory Council member. She is Co-Director of FABRIC.

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."