National Science Foundation NSF Software Development for Cyberinfrastructure (SDCI) Program Office of Cyberinfrastructure
Proposal Number: 0844219 Principal Investigator: Barton Miller Institution: University of Wisconsin-Madison Proposal Title: Vulnerability Assessment of Grid Software Infrastructure
Project Summary
This Small Grants for Exploratory Research (SGER) proposal seeks to identify security vulnerabilities in software for Grid environments. Proposed activities cover a range of research and development in vulnerability identification and analysis. A new process called First Principles based on Vulnerability Assessment (FPVA) will be pursued that includes a 4-level scale to identify high-value assets and deriving threats based on their use. The activities promise to produce algorithms, techniques, and tools used by software developers and the grid community in identifying software vulnerabilities. Assessment will be performed on two security systems used actively in grid environments today. Finally, the work intends to help form the basis of a more involved and longer term research and development effort in software vulnerability assessment and safer coding practices. Intellectual merit of the proposal lies in its potential contributions to fundamental approaches to software vulnerability assessment, including a new process, new algorithms, new tools, and formal characterizations of vulnerabilities. Broader impact is characterized in the work?s potential to significantly improve security and reliability of grid software used in environments supporting the entire NSF community.