The Road to Tomorrow: Cybersecurity Experimentation of the Future
Cyberspace is rapidly evolving with nearly every aspect of society moving toward pervasive computing and networking. These changes bring real and wide-ranging cybersecurity threats and challenges that require new solutions based on sound scientific principles. The scale and complexity of the challenges require that researchers employ experimentation infrastructure to enable discovery, validation, and ongoing analysis.
In 2014-2015, Cybersecurity Experimentation of the Future (CEF) project explored current and expected experimentation infrastructure needs in the context of current and future cybersecurity research challenges and producing a roadmap for developing an accessible, broad, and multi-organizational cybersecurity experimentation capability that supports tomorrow’s research. The collaborative, community-based effort included three main thrusts:
- investigate and assess existing experimentation infrastructure and user community experience;
- identify future cybersecurity experimentation infrastructure needs; and
- organize the requirements and needed capabilities into a strategic plan and roadmap for future cybersecurity infrastructure development.
Future needs were identified through a series of community-based study groups to understand hard cybersecurity problems and use cases that can benefit from experiment-driven research, identify the experimentation infrastructure needed to facilitate research, and identify gaps between needed and current capabilities and prioritize capabilities based on domain needs.
The resulting strategic plan has been helping to shape the development of sustainable experimentation infrastructure in support of evolving cybersecurity research needs. These experimentation capabilities are providing the essential means for research communities to develop a fundamental understanding of and to reason about cybersecurity solutions and ultimately provide for secure and trustworthy cyberspace.
Who We Are
This study was conducted as a joint effort between SRI International (SRI) and the University of Southern California Information Sciences Institute (USC-ISI) under research grants provided by the National Science Foundation (NSF). The effort involved a broad set of stakeholders in cybersecurity research and experimentation.
Principal Investigators were: David Balenson (SRI), Laura S. Tinnel (SRI), and Terry Benzel (USC-ISI).