Feds Release Security R&D Plan

The National Science and Technology Council has released its "Federal Plan for Cyber Security and Information Assurance Research and Development."

The report sets out a framework for multi-agency coordination of federal R&D investments in technologies that can better secure the interconnected computing systems, networks, and information that together make up the U.S. IT infrastructure.

The report outlines strategic objectives for coordinated federal R&D in cyber security and information assurance, presenting a broad range of R&D technical topics and identifies those topics that are multiagency technical and funding priorities. The report's findings and recommendations address R&D priority-setting, coordination, fundamental R&D, emerging technologies, roadmapping, and metrics. Together with commentaries about the R&D technical topics that describe their significance, the current state of the art, and gaps in current capabilities, these elements are intened to provide a baseline for implementing the report's recommendations.

More specifically, the report addresses among other topics the:

• Technology trends, ranging from increasing complexity to wireless connectivity.
• Types of vulnerabilities, threats, and risks, including supply chain attacks, outsourcing, industrial espinonage.
• Top technical and funding priorities. Authentication, authorization, and trust management; access control; attack protection; and software testing and assessment tools, among others.

Posted by Jon Erickson at 10:12 AM  Permalink