Secure and Trustworthy Cyberspace (SaTC)

 
  • Grants Office Grantwriting service fee is currently unavailable for this grant
    Get more information on grantwriting

    CFDA#

    47.041; 47.049; 47.070; 47.075; 47.076
     

    Funder Type

    Federal Government

    IT Classification

    B - Readily funds technology as part of an award

    Authority

    National Science Foundation (NSF)

    Summary

    The goals of the Secure and Trustworthy Cyberspace (SaTC) program are aligned with the National Science and Technology Council's (NSTC) Federal Cybersecurity Research and Development Strategic Plan (RDSP) and National Privacy Research Strategy (NPRS) to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.


    The RDSP identified six areas critical to successful cybersecurity research and development:

    1. scientific foundations;
    2. risk management;
    3. human aspects;
    4. transitioning successful research into practice;
    5. workforce development; and
    6.  enhancing the research infrastructure.

    The NPRS, which complements the RDSP, identifies a framework for privacy research, anchored in characterizing privacy expectations, understanding privacy violations, engineering privacy-protecting systems, and recovering from privacy violations. In alignment with the objectives in both strategic plans, the SaTC program takes a multidisciplinary, comprehensive, and holistic approach to cybersecurity research, development, and education, and encourages the transition of promising research ideas into practice.


    The SaTC program welcomes proposals that address cybersecurity and privacy, drawing on expertise in one or more of these areas: computing, communication, and information sciences; engineering; education; mathematics; statistics; and social, behavioral, and economic sciences. Proposals that advance the field of cybersecurity and privacy within a single discipline or interdisciplinary efforts that span multiple disciplines are both welcome.


    The SaTC program spans the interests of NSF's Directorates for Computer and Information Science and Engineering (CISE), Engineering (ENG), Mathematical and Physical Sciences (MPS), Social, Behavioral and Economic Sciences (SBE), and STEM Education (EDU). Proposals must be submitted pursuant to one of the following designations, each of which may have additional restrictions and administrative obligations as specified in the program solicitation.

    • CORE: This designation is the main focus of the multidisciplinary SaTC research program.
    • TTP: The Transition to Practice (TTP) designation will be used to label proposals that are focused exclusively on transitioning existing research results to practice.
    • EDU: The Education (EDU) designation is used to label proposals focusing on cybersecurity and privacy education and training.

    The focus of each designation is described below:


    Secure and Trustworthy Cyberspace core research (CORE) Designation

    This solicitation focuses only on research directly supporting a safe, privacy-aware, secure, resilient, and trustworthy cyberspace, conducted ethically with the highest scientific standards. Of special interest are proposals that are transformative, forward-looking, and offer innovative or clean-slate approaches that provide defenders a distinct advantage. Proposals whose security science exposes underlying principles having predictive value that extends across different security domains are especially encouraged. The program discourages proposals that address a sole vulnerability or device without advancing security science or considering the broader consequences of the proposed remedy. The program discourages proposals that simply address quick fixes or ad-hoc solutions without much scientific merit. The program likewise discourages research focused primarily on the design, development, or use of offensive techniques when it would be harmful to the operation of existing cyberinfrastructure and/or are at odds with ethical, legal, and diplomatic concerns and US rules and regulations. Proposers should give considerable thought to unintended consequences of offensive research.


    All proposals should (a) include a clear and concise description of the threat model(s) or specific risk(s) to privacy, security, or trustworthy cyberspace that the proposed research addresses; (b) discuss the generalizable theories and research methods that will be developed; and (c) discuss the trade-offs and risks involved in the research plan.


    Some specific research topics of interest for CORE proposals include, but are not limited to: Authentication and Access Control, Cryptography (Applied and Theoretical), Cyber-Physical Systems (CPS), Data Science, Machine Learning (ML), and Artificial Intelligence (AI), Formal Methods and Language-based Security, Hardware Security Architecture, Hardware Security Design, Human-Centric Computing, Information Integrity, Intrusion Detection, Mathematics and Statistics, Networking, Wired and Wireless, Privacy (Applied and Theoretical), Social, Behavioral, and Economic Sciences, Software, and Systems. These specific research topics of interest for CORE proposals are defined in the full program solicitation.


    Transition to Practice (TTP) Designation

    The objective of the TTP designation is to support the development, implementation, and deployment of later-stage and applied security or privacy research into an operational environment. The TTP program seeks to mature technologies that have been validated in a lab or have shown promise as a proof of concept but have not been evaluated or deployed in operation. A TTP-designated proposal must describe how technology from prior successful research results will be deployed into an organization, system, or community. The outcome of a TTP project should be demonstrable advancement in the technology's readiness, robustness, validation, or functionality.


    Collaborations with industry are strongly encouraged; however, a TTP project may transition later-stage research by other means such as licensing to commercial or government end users, or deployment into scientific research cyberinfrastructure or Research and Education Networks. A TTP project should bridge the gap between research and production via technology maturation and is not intended for pure operational support.


    A TTP proposal must include a project plan that addresses major tasks and system development milestones as well as an evaluation plan with quantifiable metrics for the working system. The eligibility constraints described in Section IV of the program solicitation apply to proposals within the SaTC TTP designation.


    In addition, TTP proposals will be evaluated with careful attention to the:

    • Description of the problem or need being addressed;
    • Description of the technology being transitioned, including substantiating evidence from prior research of the technology's potential to
    • materially impact the problem;
    • Novelty of the intended system, software, or architecture;
    • Identification of an intended population or organization that will serve as an early adopter of the technology;
    • Deployment plan for implementing the pilot or prototype system into an operational environment;
    • Composition of the proposal team, which should demonstrate not only technical expertise in areas such as software engineering, but also
    • skills in project management and systems development;
    • Explanation of the post-grant, long-term software and/or system sustainability;
    • The extent to which production experience will feed back into research, if applicable; and
    • Appropriateness of the budget for the effort.

    Software developed under the TTP designation is not required to be open-source. However, if open-source software is developed, it should be released under an open-source license listed by an Open-Source Initiative. If software will not be open-source, a strong case must be provided justifying this approach.


    Cybersecurity Education (EDU) Designation

    The EDU designation is interested in inquiry into and the development of evidence-based and evidence-generating approaches that will improve cybersecurity education and workforce development at the K-12, undergraduate, graduate, and professional education levels. EDU supports projects that: improve cybersecurity learning and learning environments (both in formal and informal settings), conduct education research, develop new educational materials and methods of instruction, develop new assessment tools to measure student learning, promote teacher recruitment and training in the field of cybersecurity, and improve the diversity of the cybersecurity workforce. In addition to innovative work at the frontier of cybersecurity education, the program also encourages applications of effective research studies at different types of institutions and with different student bodies to produce novel knowledge about the efficacy and transferability of findings. 


    Competitive proposals submitted to the EDU designation will leverage results from basic and/or applied research in cybersecurity and research on student learning, both in terms of intellectual merit and broader impacts, and will articulate how they will address the challenge of expanding existing educational opportunities and resources in cybersecurity and/or privacy. This may include, but is not limited to, the following efforts: 

    • Conduct research that advances improvements in teaching and student learning in cybersecurity and/or privacy; 
    • Based on the results of basic research in cybersecurity, define a cybersecurity body of knowledge and establish curricular activities for new courses, degree programs, and educational pathways leading to wide dissemination and adoption; 
    • Investigate approaches to make cybersecurity and/or privacy education and workforce development broadly diverse and inclusive, including the effects of instructional strategies on the culture of the STEM classroom; 
    • Design and execute innovative strategies to increase enrollment in graduate programs, aimed at nurturing cybersecurity professionals with research expertise in critical areas such as secure software design and development (including use of memory safe languages), the secure use of AI, quantum computing, advanced manufacturing, and emerging wireless technologies; 
    • Implement innovative strategies to increase cybersecurity faculty numbers by supporting those proficient in cyber curricula integration, offering faculty development opportunities, and equipping faculty with pertinent cybersecurity resources;
    • Improve teaching methods for delivering cybersecurity content to K-12 students that promote correct and safe online behavior, and understanding of the foundational principles of cybersecurity; 
    • Develop and implement activities to help K-12 teachers integrate cybersecurity into formal and informal learning settings; 
    • Support institutional collaborations between community colleges and four-year colleges and universities; 
    • Develop educational approaches or pathways to foster industry-relevant skills for cybersecurity jobs of the future; 
    • Develop effective evidence-based co-curricular activities for students studying cybersecurity at the K-12, undergraduate, or graduate level; and 
    • Evaluate the effectiveness of cybersecurity competitions and other engagement, outreach, and retention activities.


    Broadening Participation in Computing (Medium proposals only)

    CISE has long been committed to Broadening Participation in Computing (BPC). This commitment means addressing the underrepresentation of many groups in CISE relative to their participation in postsecondary education (https://ncses.nsf.gov/pubs/nsb20223/data). Broadening participation will require a range of measures, including institutional programs and activities as well as culture changes across colleges, departments, classes, and research groups.


    With this solicitation, CISE is continuing the BPC effort started in 2018 that encourages the research community to engage in meaningful BPC activities. The CISE BPC effort builds on many of the programs, research, and resources created through CISE's past and ongoing investments in BPC, and it aligns with the recommendations of the Strategic Plan for Broadening Participation produced by the CISE Advisory Committee in 2012. Specifically, each Medium project with a lead or non-lead organization (department, school, or institute) that primarily carries out research and education in computer science, computer engineering, information science, and/or other closely-related field, must include a BPC plan (see details in Proposal Preparation). CISE encourages the use of the resources available at the NSF-funded BPCnet Resource Portal (https://bpcnet.org). BPCnet provides BPC project and departmental plan templates, suggested activities, and opportunities for consultant services, and publicly available data to support PIs and Departments in creating their BPC Plans. CISE encourages PIs to leverage departmental plans verified by BPCnet to coordinate efforts within their institution. BPC plans must include roles for all PIs and co-PIs and be included as a Supplementary Document, following the guidelines as described in the Proposal Preparation Instructions.


    A meaningful BPC plan can answer positively to the following questions:

    1. Goal and Context: Does the plan describe a goal and the data from your institution(s) or local community that justifies that goal?
    2. Intended population(s): Does the plan identify the characteristics of participants, including school level?
    3. Strategy: Does the plan describe activities that address the stated goal(s) and intended population(s)?
    4. Measurement: Is there a plan to measure the outcome(s) of the activities?
    5. PI Engagement: Is there a clear role for each PI and co-PI? Does the plan describe how the PI is prepared (or will prepare or collaborate) to do the proposed work?
     

    History of Funding

    Previous recipients can be viewed online at https://nsf.gov/awardsearch/advancedSearchResult?WT.si_n=ClickedAbstractsRecentAwards&WT.si_x=1&WT.si_cs=1&WT.z_pims_id=504709&ProgEleCode=&BooleanElement=Any&BooleanRef=Any&ActiveAwards=true&#results.

    Additional Information

    All proposals must include a prioritized list of 1-3 keywords separated by ";". The keywords must be drawn from the list of topic areas listed below, that best characterizes the project. Proposals submitted to the EDU designation must choose Cybersecurity Education as one of the keywords; proposals submitted to the TTP designation must choose Transition to Practice as one of the keywords.

    • Authentication and Access Control
    • Cryptography, Applied
    • Cryptography, Theoretical
    • Cyber-Physical Systems
    • Cybersecurity Education
    • Data Science, ML and AI
    • Formal Methods and Language-based Security
    • Hardware Security Architecture
    • Hardware Security Design
    • Human-Centric Computing
    • Information Integrity
    • Intrusion Detection
    • Mathematics and Statistics
    • Networking, Wired
    • Networking, Wireless
    • Privacy, Applied
    • Privacy, Theoretical
    • Social, Behavioral and Economic Sciences
    • Software
    • Systems
    • Transition to Practice

    Contacts

    Nina Amla

    Nina Amla

    , (703) 292-8910

    SaTC Questions

    SaTC Questions
    4201 Wilson Boulevard
    Arlington, VA 22230

    Victor P. Piotrowski

    Victor P. Piotrowski
    Directorate for Education and Human Resources
    4201 Wilson Boulevard
    Arlington, VA 22230
    (703) 292-5141
    (703) 292-9015

    Jeremy Epstein

    Jeremy Epstein
    4201 Wilson Blvd
    Arlington, VA 22230
    (703) 292-8338

    SaTC Questions

    SaTC Questions
    4201 Wilson Boulevard
    Arlington, VA 22230
     

  • Eligibility Details

    Proposals may only be submitted by the following:

    • Institutions of Higher Education (IHEs): Two- and four-year IHEs (including community colleges) accredited in, and having a campus located in the US, acting on behalf of their faculty members.
      • Special Instructions for International Branch Campuses of US IHEs: If the proposal includes funding to be provided to an international branch campus of a US institution of higher education (including through use of subawards and consultant arrangements), the proposer must explain the benefit(s) to the project of performance at the international branch campus, and justify why the project activities cannot be performed at the US campus.
    • Non-profit, non-academic organizations: Independent museums, observatories, research labs, professional societies and similar organizations in the U.S. that are directly associated with educational or research activities.

    Deadline Details

    Proposals are accepted anytime.

    Award Details

    The estimated total funding available is $69,000,000 per year, dependent on the availability of funds. Cost-sharing is not required. The NSF anticipates approximately 15 EDU awards, 35 Small awards and 25 Medium awards.


    CORE and TTP proposals may be submitted in one of the following project size classes:

    • Small projects: up to $600,000 in total budget, with durations of up to three years; and
    • Medium projects: $600,001 to $1,200,000 in total budget, with durations of up to four years.

    EDU proposals:

    • Limited to $400,000 in total budget, with durations of up to three years.
    • Proposals that demonstrate collaboration, reflected in the PI, co-PI, and/or Senior Personnel composition, between a cybersecurity subject matter expert (researcher or practitioner) and an education researcher may request up to $500,000 for three years. 

    Related Webcasts Use the links below to view the recorded playback of these webcasts


    • NSF Funding for Campus Cyberinfrastructure in Higher Education - Sponsored by NetApp - Playback Available
    • Funding High Performance Computing in Support of University Research – Sponsored by NetApp - Playback Available
    • Getting A Virtualization Project Funded - Sponsored by NetApp - Playback Available

 

You have not selected any grants to Add


Please select at least one grant to continue.


Selections Added


The selected grant has been added to your .



  Okay  

Research Reports


One of the benefits of purchasing an UPstream® subscription is
generating professional research reports in Microsoft® Word or Adobe® PDF format
Generating research reports allows you to capture all the grant data as
well as a nice set of instructions on how to read these reports


Watchlists and Grant Progress


With an UPstream® subscription you can add grants to your
own personal Watchlist. By adding grants to your watchlist, you will
receive emails about updates to your grants, be able to track your
grant's progress from watching to awards, and can easily manage any
step in the process through simplified workflows.

Email this Grant


With an UPstream® subscription, you can email grant details, a research report,
and relevant links to yourself or others so that you never lose your
details again. Emailing grants is a great way to keep a copy of the
current details so that when you are ready to start seeking funding
you already know where to go