NSF - Cybersecurity Innovation for Cyberinfrastructure (CICI)


SAC-PA: Towards Security Assured Cyberinfrastructure in Pennsylvania


SAC-PA project focuses on establishing a regional collaboration and partnership within the state of Pennsylvania.

News


SAC-PA2 Workshop

SAC-PA2, our Second SAC-PA Workshop is being held in Pittsburgh on June 14-15, 2018.
For more information, please visit: SAC-PA2 Workshop.
To register for the SAC-PA Workshop, please click registration.

SAC-PA1 Workshop

Our First SAC-PA Workshop was held in Pittsburgh on June 22-23, 2017.
For more information, please visit: SAC-PA1 Workshop.
To register for the SAC-PA Workshop, please click registration

About SAC-PA


Cybersecurity is a growing concern for individuals, communities, nations and the world. Increasing cyberattacks make cybersecurity a critical national security concern. Information technology provides tremendous opportunities to accelerate data-driven scientific research and education. Increasing cybersecurity problems can adversely impact the research and its economic and social benefits if our cyberinfrastructure that supports scientific research and education is not well protected. Beyond innovative cybersecurity solutions, it is critical to establish structured and effective practices and better collaboration among various stakeholders to share cybersecurity resources, expertise and information. This project focuses on establishing a regional collaboration and partnership within the state of Pennsylvania, referred to as SAC-PA. SAC-PA will provide critical support to smaller academic institutions (schools and colleges, etc.) including resource constrained regional institutions that serve under-represented groups, females and high school teachers and students. It will establish a collaboration and partnership framework to enable concerted activities promoting the use of effective cybersecurity techniques and practice of security-assured cyberinfrastructure. While enhancing the cybersecurity posture of PA, SAC-PA will provide a regional cybersecurity collaboration and partnership model that can be adopted by other regions, or be extended for national level collaborations.

The SAC-PA project will include participation from the public-private sectors and academic institutions in PA in the following key activities:

  1. developing and delivering three regional workshops in Pittsburgh to bring together various regional stakeholders from scientific research related communities with cyberinfrastructure or cybersecurity resources to better understand the regional capabilities; explore existing and emerging cybersecurity challenges/solutions; and devise collaboration and partnerships to enable concerted cybersecurity activities to promote the use of effective cybersecurity techniques and practices;
  2. collaboratively developing training/awareness materials based on the needs and capabilities identified in the workshops, and sharing these extensively with regional partners and beyond through various channels;
  3. establishing regional partnerships and a shared repository of cybersecurity resources/capabilities to facilitate collaborative and concerted efforts towards protecting scientific cyberinfrastructures.

The project will leverage capabilities of LERSAIS, an NSA/DHS designated CAE/CAE-R, and faculty members, University of Pittsburgh’s Computing Services and Systems Department, and local partners with an excellent track record of collaboration in cybersecurity capacity building, education and research projects, as well as that of the major cybersecurity players in PA and an established NSF CyberCorp program.

SAC-PA Project Team Members


Dr. Joshi
James
Joshi

Ph.D.
Professor, Principal Investigator

Brain
Brian
Stengel

IT Service Owner
University of Pittsburgh

Dr. Spring
Michael
Spring

Ph.D.
Associate Professor

Dr. Shrestha
Prashant
Krishnamurthy

Ph.D.
Professor

Dr. Palanisamy
Balaji
Palanisamy

Ph.D.
Assistant Professor

Dr. Tipper
David
Tipper

Ph.D.
Professor

Xu
Runhua
Xu

Ph.D. student
Webmaster

Executive Summary


Cybersecurity is a growing concern at individual, social/community, national and global levels. Several recent high profile cyber attacks indicate that cybersecurity has already become one of the most critical national security concerns. While the rapid progress in IT sectors provides tremendous opportunities to accelerate data-driven scientific research, the increasing cybersecurity problems can adversely impact the scientific research and its economic and social benefits if the cyberinfrastructure that facilitates scientific innovations is not well protected. Besides innovative cybersecurity solutions, it is also critical to establish more structured and effective set of security practices and better collaboration among various stakeholders towards sharing of cybersecurity resources, expertise and information. To address this growing national challenge to secure cyberinfrastructure that, in particular, is in place to foster the scientific research and education community, it is critical that regional collaborations be formed.

Towards this, we propose to develop a regional collaboration and partnership framework called SAC-PA. The key goals of the SAC-PA framework project is thus to establish and foster regional collaboration for sharing resources, and increasing and streamlining regional capabilities in the practice of cybersecurity for cyberinfrastructure area. We propose to carry out the following tasks:

  1. develop and deliver three regional workshops focused on security assured cyberinfrastructure;
  2. collaboratively develop training/awareness materials;
  3. establish regional partnerships and a shared repository of cybersecurity resources/capabilities.

Intellectual Merit: Cyberinfrastructure for scientific research and education are crucial for the vitality and progress of scientific and educational endeavors. The regional collaboration proposed will significantly help address the cybersecurity needs of institutions that support research and education through collaboration, training and sharing. This will help increase the cybersecurity posture of the PA region. The team includes a group of faculty members from LERSAIS, an NSA/DHS designated CAE/CAE-R, with an excellent track record of collaboration on funded capacity building, education and research projects related to cybersecurity; they also collaboratively manage the cybersecurity tracks of study at Pitt and the NSF CyberCorp SFS program. Cybersecurity best practices and tailored approahces for various resource constrained cyberinfrastructure providers will significantly help the cybersecurity community at both regional and national levels. The proposed SAC-PA framework will provide a model for more regional cybersecurity collaborations. In this project, LERSAIS and Pitt’s CSSD will collaborate with major cybersecurity players in the PA region, with whom the team and/or Pitt has significant collaborative relationships.

Broader Impact: The three tasks will have significant impact on the regional cybersecurity community with regards to securing cyberinfrastructures that support scientific research and education. Many smaller academic institutions (schools and colleges, etc.) that are resource constrained will avail of cybersecurity training and shared resources through the SAC-PA collaboration and partnership framework; These include regional institutions that serve under-represented groups such as Hispanic and Afican-American, and female populations, as well as high school community. SAC-PA also will provide a potential model of regional collaboration and partnership for cybersecurity that can be adopted by other regions, or be extended to incorporate national level collaborations. The participants include public-private sectors, and academic institutions – so more broad based cybersecurity solutions and best practices will be the outcome of this project. Our NSF SFS program students will also be actively engaged in this project – the current distribution of SFS supported students is 50%-50% male-female, with two of the female students also from American-African.

SAC-PA Workshop Series


Project Timeline


PI Joshi will oversee all aspect of the project including organizing the workshops, training materials development and leading the efforts for the SAC-PA framework. Co-PI Spring will help lead the collaboration efforts with NCFTA, CERT and Pittsburgh FBI Office. He has been leading efforts to develop various collaboration with them. These include collaborative research projects in Password systems where several project Co-PIs are currently engaged. Joshi and Spring are also collaborating with CERT on on the topic of Science of Security, and in SFS students’ research projects and MS theses. Current collaboration with FBI include joint work with FBI and NCFTA on high school curriculum on cybersecurity to provide them with college credits at Pitt. Joshi will lead collaboration efforts with UPMC. Stengel will primarily lead efforts to work with other partners listed above. Co-PIs Joshi, Spring and Stengel will work closely on all the tasks. Other LERSAIS members and the CSSD security team will primarily focus on contributing to the development and delivery of training materials. The detailed project plan with milestones is submitted as a supplementary document.

Summary of timeline is depicted in the table below.
Aug 2016
  • Anticipated notice of award
Oct 2016
  • Engage collaborators
  • SME lists
  • Begin planning for first workshop
Nov 2016
  • Begin regular project team meetings
  • To be held monthly or as needed
Dec 2016
  • Conduct marketing, promotion, registration for first workshop
Jan 2017
  • Begin assembling training materials for first workshop
Mar 2017
  • Conduct first workshop (SAC-PA 1)
Apr 2017
  • Execute attendee surveys, and refine
  • Begin development of collaboration site
May 2017
  • Engage collaborators
  • SME lists
  • Begin planning for first workshop
Jul 2017
  • Conduct marketing promotion, registration for second workshop
Aug 2017
  • Begin assembling training materials for second workshop
Oct 2017
  • Conduct second workshop (SAC-PA 2)
Nov 2017
  • Execute attendee surveys and make adjustments based on results
Dec 2017
  • Engage collaborators
  • SME lists
  • Develop collaboration framework
  • Plan SAC-PA 3
  • Bring collaboration site online and available to all participants
Jan 2018
  • Conduct marketing promotion, registration for third workshop
Feb 2018
  • Begin assembling training materials for third workshop
May 2018
  • Conduct second workshop (SAC-PA 3)
Jun 2018
  • Follow up on activities and opportunities focused on regional collaborations – sustainability activities
  • Refinements, and finalize SAC-PA framework
Aug 2018
  • Complete final report and close of project

Project Evaluation Plan


We will continuously evaluate the project throughout its various activities for success. We will use various metrics to evaluate and refine our activities to ensure the success of the project. Some initial metric we will use are as shown in the table below; we plan to incorporate other parameters as the project progresses. The final SAC-PA framework developed will be evaluated based on the sustainability prospect demonstrated, membership, size of the partnerships, etc.

Metrics for Evaluation of Success
Workshops and Participation
  • Number of workshops (3 proposed)
  • Number of attendees and breakdown of positions and responsibilities
  • Number of attendees from smaller colleges, universities, and other similar organizations
  • Number of student attendees
  • Number of faculty participating in the workshops
  • Diversity of attendee pool with regards to demographics
  • Attendees map to locations in the region, state, multi-state
  • List of partners providing content and participation in the workshops
  • Number of campus research groups attending the workshops
  • Web repository for collaboration site for presentations, papers, etc.
  • Attendee survey to be used for subsequent workshop planning
Engagements and Outcomes
  • Number of follow-thru “engagements” resulting from attending the workshops. These could include professional engagements, formal engagements, or informal engagements
  • Demonstrable examples of benefits reported/realized from attendees
  • Number/Examples of tools, materials, information provided to the engaged communities
  • Number/Examples of campus IT to campus scientist engagements resulting from the workshop activities
  • Number/Examples of NSF projects including knowledge, tools, techniques learned in the workshops
  • Number of talks/presentations on the workshops given by PI team at other events, conferences, meetings, etc.
  • Feedback from collaborators and attendees on the training materials - with regards to deliver quality, suitability to attendees’ cyber environment, etc.
Others
  • Feedback from workshop attendees
  • Examples of engagement leading to furthering the practice of CICI in our region
  • Examples of “leadership” opportunities in the region resulting from our CICI community building
  • Demonstrable examples of opportunities for sustainability in the region
  • Evidenced support for similar initiatives at the statewide level

Sponsors & Partners


Contact and Feedback


Dr. James Joshi
706A IS Building, Pittsburgh, PA 15260
Phone:(412) 624-9982
Email: jjoshi(AT)sis(DOT)pitt(DOT)edu