About Trusted CI

Science and engineering are increasingly reliant on computing, digital data, interoperability, and support for collaboration. Cybersecurity is critical to ensuring the integrity and trust of scientific data as well as interoperability.

However, establishing a cybersecurity program, evaluating and choosing technologies for identity management, authentication, authorization, and auditing are major challenges. Cybersecurity should not dictate how science is done; instead it should support and enable workflows and technology choices made by science teams. Cybersecurity is not a “one size fits all” silver bullet, but instead is a process, carefully tailored to a community to create trust while impacting the work as little as possible.

Research cyberinfrastructure (CI) brings unique challenges for cybersecurity due to its open nature, use of unique instruments, large and complex data sets, and rich ecosystems of collaboration across countries and between disciplines.

NSF has as a goal the creation and operation of an “agile, integrated, robust, trustworthy, and sustainable CI ecosystem that drives new thinking and transformative discoveries in all areas of S&E research and education.” However the community faces a real challenge in accessing needed expertise in a timely fashion.

Trusted CI, the NSF Cybersecurity Center of Excellence is comprised of cybersecurity experts who have spent decades working with science and engineering communities and have an established track record of usable, high-quality solutions suited to the needs of those communities. The team draws from best operational practices and includes leaders in the research and development of new methodologies and high-quality implementations.

Trusted CI addresses the challenge for meeting the needs of NSF research cyberinfrastructure projects through a collection of targeted activities: Trusted CI facilitates the adoption of the Trusted CI Framework by NSF research CI operators via cohorts, and communities of practice, and evaluation of adoption efficacy through regular baseline cybersecurity assessments. It broadens the use of cohorts by developing standards for software and operational technology (OT). To provide sustained assistance to CI operators, Trusted CI establishes residencies, Framework cohorts, and training sessions. To address the cybersecurity workforce shortage, Trusted CI is substantially increasing its Fellows and student programs, and will continue to deliver training at relevant community events, including regional workshops. Trusted CI supports regulated research mainly through the Regulated Research Community of Practice (RRCoP). Trusted CI supports the assurance of scientific software by creating software assurance standards and an implementation guide and running cohorts of scientific software developers to help align with those standards. Trusted CI expands its secure-by-design efforts for essential CI undergoing significant construction or equipment acquisition. Trusted CI hosts the annual NSF Cybersecurity Summit, which brings together cybersecurity professionals across the NSF CI community for a week of workshops, training, and information sharing.

Mission

The mission of Trusted CI is to enable trustworthy NSF science by partnering with cyberinfrastructure (CI) operators to build and maintain effective cybersecurity programs, publishing resources that are valuable to the broader NSF community, and supporting the processes, tools, and knowledge to secure NSF research progress.