Cyber Security and Complex Software Systems Program
The Office of Naval Research Software and Computer Systems program focuses on developing the fundamental principles and models for the design and construction of complex software systems that meet required assurances for security, safety, reliability and performance. It builds upon foundations of mathematical logics and computational complexity but takes into account the uncertainties and constraints of the operational environment. The overall goal is to measurably improve the ability of complex software-intensive systems to meet the information-processing challenges of future naval systems.
Cyber Security sub-program investigates and develops wide-ranging principles and techniques for continuously maintaining confidentiality, integrity, and availability of information and information infrastructures, focusing on the software, the hardware and the network. The program heavily emphasizes on automation and autonomy in the cyber environment, preferring human-on-the-loop paradigm over as human-in-the-loop, whenever possible. The program seeks to establish an autonomic, secure and dependable informational infrastructure toward achieving Information Dominance.
Complex Software sub-program investigates principles, algorithms and methods, and develops software engineering tools for achieving efficient, timely, robust and secure software executables, focusing on science for software construction, correctness and efficiency by revisiting software development and deployment methodology. Efficient, timely, robust and secure software is a requirement for secure information infrastructure toward achieving Information Dominance.
The program has several thrust areas that build around the theme of information as a computational resource to be managed, secured and shared in different contexts:
Principles for Correctness and Security Properties: This thrust focuses on developing basic principles to determine the security and performance properties of software systems, the conditions under which these properties hold, and the methods used to prove these properties of interest for systems. Of particular interest are issues involving networked systems adapting to dynamic conditions and threats.
Trusted Network Computing: This thrust focuses on protocols and network configurations that provide a trusted network environment for federated, heterogeneous and distributed computing. It includes the development of new, efficient, provable secure communication protocols, alternative network architectures and new approaches to securing the end hosts. These require better accountability, manageability and performance despite adversarial efforts to disrupt and compromise the network.
Secure Information Management, Sharing and Interaction: This thrust focuses on developing fundamental advancements for secure information sharing between information producers and consumers. As information needs to be shared more widely, it is more susceptible to being compromised, intercepted, modified or fabricated. There is a need for new policy languages and frameworks for federated systems, especially in coalition environments where trust is not fully guaranteed and flexibility of action is needed.
Information Assurance of Cyber-Physical Systems: This thrust focuses on the security of information and processes in systems that involve a tight control and coordination between computational and physical devices, which includes many embedded real-time systems. Problems occur both in ensuring security properties at the boundaries between cyber and physical components as well as ensuring or enforcing any security properties at all for the physical components. Components of both types must be able to generate, share and compute with security-relevant information using a consistent model that enforces a consistent set of security policies.
Note: Proposers are encouraged to contact the program officer to discuss their research interest prior to the submission of formal proposals.
Program Contact Information