2011 Report of NSF Workshop Series on Scientific Software Security Innovation Institute
Author(s)
Altunay, Mine
Ananthakrishnan, Rachana
Arrott, Matthew
Barnet, Steve
Barnett, William
Basney, Jim
Beaty, Steve
Butler, Randy
Choudhury, Sayeed
Dempsey, Heidi
Dooley, Rion
Freemon, Michael
Fox, Geoffrey
Keahey, Kate
Klingenstein, Ken
Koranda, Scott
Livney, Miron
Marsteller, James
McGee, John
Meunier, Pascal
Moore, Reagan
Newhouse, Stephen
Pearson, Doug
Petravick, Don
Plale, Beth
Plante, Ray
Poole, Scott
Pordes, Ruth
Serville, Mark
Singer, Abe
Slagell, Adam
Thompson, Kevin
Vieglas, Dave
Welch, Von
West, Patrick
Yahja, Alex
Issue Date
2011
Keyword(s)
Scientific Software Security Innovation Institute
NSF
security
Abstract
Over the period of 2010-2011, a series of two workshops were held in response to NSF Dear Colleague Letter NSF 10-050 calling for exploratory workshops to consider requirements for Scientific Software Innovation Institutes (S2I2s). The specific topic of the workshop series was the potential benefits of a security-focused software institute that would serve the entire NSF research and development community.
The first workshop was held on August 6th, 2010 in Arlington, VA and represented an initial exploration of the topic. The second workshop was held on October 26th, 2011 in Chicago, IL and its goals were to 1) Extend our understanding of relevant needs of MREFC and large NSF Projects, 2) refine outcome from first workshop with broader community input, and 3) vet concepts for a trusted cyberinfrastructure institute. Towards those goals, the participants other 2011workshop included greater representation from MREFC and large NSF projects, and, for the most part, did not overlap with the participants from the 2010 workshop.
A highlight of the second workshop was, at the invitation of the organizers, a presentation by Scott Koranda of the LIGO project on the history of LIGO’s identity management activities and how those could have benefited from a security institute. A key analysis he presented is that, by his estimation, LIGO could have saved 2 senior FTE-years of effort by following suitable expert guidance had it existed.
The overarching finding from the workshops is that security is a critical crosscutting issue for the NSF software infrastructure and recommended a security focused activity to address this issue broadly, for example a security software institute (S2I2) under the SI2 program. Additionally, the 2010 workshop participants agreed to 15 key additional findings, which the 2011 workshop confirmed, with some refinement as discussed in this report.
Use this login method if you
don't
have an
@illinois.edu
email address.
(Oops, I do have one)
IDEALS migrated to a new platform on June 23, 2022. If you created
your account prior to this date, you will have to reset your password
using the forgot-password link below.