Cybersecurity is critical to safeguarding infrastructure, keeping supply chains moving, and ensuring privacy in cloud computing and health care. Adapting to ever changing threats requires cutting-edge research and transformative solutions.

The U.S. National Science Foundation is pleased to announce an investment of $25.4 million to advance ambitious research and center-scale projects in cybersecurity and privacy.

"The Secure and Trustworthy Cyberspace program is one of NSF's largest research programs, recognizing the criticality of cybersecurity and privacy to the nation’s economy and to citizens," said NSF Director Sethuraman Panchanathan. "These investments support cybersecurity research across the country that can be translated into solutions that improve our quality of life."

The NSF grantees will work to strengthen open-source supply chain security, increase computing privacy for marginalized populations, and ensure trustworthy cloud computing. In addition to the scientific research, these efforts will support the NSF Directorate for Computer and Information Science and Engineering's Broadening Participation in Computing initiative that seeks to bring more people from underrepresented groups into the computing research community.

"Now celebrating its 10th year, Secure and Trustworthy Cyberspace continues to support a wide range of research topics, with approximately 200 research awards this year and over 3800 total lifetime awards," said Jeremy Epstein, Lead Program Officer for the Secure and Trustworthy Cyberspace program. "These projects demonstrate the breadth of topics of importance in cybersecurity and privacy and the commitment of NSF to advance research on topics of national importance."

The projects include:

Enabling a Secure and Trustworthy Software Supply Chain

Led by North Carolina State University, this collaborative research will focus on open source supply chain security. All modern software includes open source software, and there is a high risk of malicious, criminal manipulation. Researchers on this project will work with industry and government agencies to develop scientific principles, create tools and processes, and develop metrics for supply chain security to reduce risks with software used by consumers, government, industry and academia. The project will aid the software industry by creating a diverse workforce of technical leaders and practitioners educated and trained in secure software supply chain methods. Other members of the team include Carnegie Mellon University, The George Washington University and the University of Maryland College Park.

Securing the Future of Computing for Marginalized and Vulnerable Populations

Led by the University of Florida, this project will address privacy and security issues in marginalized and vulnerable populations. These populations have unique security and privacy needs, concerns and capabilities that are underserved, leaving them at risk of harm. Researchers will develop solutions that support these populations. This project will bring together computer and social scientists from the University of Florida, University of Washington and Indiana University.

Center for Distributed Confidential Computing

Led by Indiana University, this project will use the "trusted execution environment" hardware capability in modern chips to run secure computation in a way that can’t be compromised by malicious software across distributed computing systems such as cloud computing environments. Researchers will work to provide solutions for data in use such as training machine learning models on private data, across cloud and edge systems. Indiana University will be joined by Purdue University, Penn State, Carnegie Mellon University, The Ohio State University, Spelman College, Duke University and Yale University will participate.

Learn more about the Secure and Trustworthy Cyberspace program and visit nsf.gov.