Information Technology: The 21st Century Revolution
High Confidence Software and Systems
Overview
NSA research
NSF research areas
DARPA's formal methods (FM) program
National Information Assurance Partnership (NIAP)
NIST high assurance Internet security architectures
Software fault and failure data and analysis repository
Automatic test generation from formal specifications
OSD/URI fault-tolerant network protocols


Overview


From air traffic control systems and electrical power grids to emergency life-support systems and bank and insurance record-processing, advanced IT systems and networks power highly complex large-scale infrastructures critical to the safety, security, and well-being of society. Nearly everyone today relies on such networks for a vast assortment of everyday activities, from sending letters and paying bills to listening to music and conducting research. HCSS R&D focuses on the software and systems technologies necessary to ensure that the IT systems we count on achieve extremely high levels of reliability, availability, protection, restorability, and security. High confidence technologies make systems resistant to component failure and hostile intrusions--such as the massive denial-of-service (DoS) attacks on large commercial sites that took place in February 2000--and enable them to adapt or reconfigure themselves in response to damage or a perceived threat. Research in HCSS technologies encompasses all facets of IT systems, including the computing platform, the network, systems and applications software, the information in the system, and the interactions among all these components.

HCSS applications span national security, law enforcement, life- and safety-critical systems, transportation, telecommunications, personal privacy, and the protection of core elements of the Nation's information infrastructure. Federal agencies participating in HCSS research include NSA, NSF, DARPA, NIST, NASA, NIH, and OSD's URI. This section highlights some key current HCSS activities and FY 2001 goals.



NSA research

NSA's information assurance (IA) research focuses on emerging technologies that will have the most significant impact on Federal, private, and public mission-critical communications networks in the years ahead. Trends include continued evolution toward fiber optic networks, expansion of high-speed wired networks and mobile wireless technologies, growing needs for IA within and across networks, and proliferation of commercial security products, which will require improved identification and validation technologies. In FY 2000, NSA researchers are focusing on three major IA challenges: high assurance computing platform (HACP), security management infrastructure (SMI), and NSANet testbed applications.

High assurance computing platform (HACP)
HACP R&D aims to provide high assurance for the typical computing enclave of workstations and servers. End users in such enclaves must be able to share information but the system must prevent information leakage and/or corruption. HACP requires a guarantee of controlled information sharing at different classification levels, enforcement of a customer-derived security policy, detection of and reaction to violations of that policy, and assurance features for the resulting configuration. Implementation steps include a proof-of-concept using limited trust and available cryptographic technology to demonstrate a COTS thin-client that can handle multiple classification levels of information with an acceptable level of assurance, and improvements to a commercial implementation of a Linux operating system. These efforts will help major COTS vendors realize a commercial HACP.

Security management infrastructure (SMI)

control of virtually unlimited global connectivity will depend on SMI technologies. The fabric of this infrastructure will be woven from government and commercial key management infrastructures (KMIs)--systems to manage authentication and access protocols--augmented by security tools for software downloading, system audit, intrusion detection, and access management. Using HACP and NSANet, researchers will formulate public key infrastructure (PKI) and KMI roadmaps and develop or enhance security features for evolving SMI-related protocols and techniques for security-critical SMI functions.

Research topics include transport layer security, secure shells and a secure mail protocol, security features for ATM and multicast, SMI for optical and wireless networks, functional SMI elements such as cross-certification, certification revocation, and key recovery, and trust management in open systems.

NSANet testbed

To examine security issues in interconnecting secure and more-open networks, NSA research focuses on information systems and networks that support the national SIGnals INTelligence (SIGINT) system. An environment with many hierarchically structured enclaves, solid boundary protection, virtual communities of users with shared services, and distribution of information through Web services, NSANet will be used as the testbed secure network to integrate HACP and SMI prototypes, conduct research on detection, reporting, and response to hostile and sophisticated attackers, and demonstrate technologies for information sharing among independent and secure networks. In FY 2000, research is continuing in high assurance virtual private networking (HAVPN), a project started in FY 1999 to develop technologies enabling information sharing across high-speed, interconnected distributed networks built from predominantly COTS products that carry highly sensitive information.

Cryptography

Cryptography makes overall information assurance possible in IT systems. NSA provides the Federal government's cryptographic algorithms, backed by the highest level of crypto-mathematics expertise. Mathematical research provides a theoretical basis for designing algorithms for the unique requirements of the military, DoD, and the intelligence community. NSA's multiyear research in public key cryptography will produce efficient public key algorithms and protocols, faster and more efficient arithmetic techniques, elliptic curve software, proactive authentication techniques, related technical support, and public key cryptography standards support.

NSA provides cryptographic technical consulting services to other Federal departments and agencies, working with NIST on hashing (generating a fixed-length value representing an original document of arbitrary length, designed so that a small change in the document will produce a large change in the fixed-length value), digital signatures, and key exchange algorithms; with NASA on command and control upgrades; with NSA programs in high-speed wireless and nuclear command and control cryptography; and with the military on, for example, next generation Global Positioning System (GPS) upgrades.

Active network defense

Active network defense, a relatively new focus for NSA, provides research and advanced technology development for DoD's defensive information operations. This effort recognizes the technical reality that all possible attacks cannot be repelled but systems must continue to provide information services, even at diminished capacity, until defenses can be mounted. In FY 1999, NSA initiated multiyear research investigations including:
  • A project jointly sponsored with OSD and DARPA to explore a minimum essential information infrastructure (MEII) for DoD
  • Development of novel, patternless anomaly detection technologies that identify unusual behavior in networks. Early test results of a prototype implementation correlate with anomalies identified by a proven intrusion detection system.
  • An investigation of the vulnerabilities of SS7 commercial telephony signaling systems and strategies for strengthening them. The effort, undertaken in conjunction with GTE, extends the DARPA-funded Kingsman program, using an NSA testbed. Researchers are working with the University of Maryland on improving SS7 network security standards.
  • An ATM mapping and monitoring tool that employs network-based sensors to monitor and respond in real time to certain ATM protocol events. The system allows multiple users to ask the same sensor to listen for different types of events and to respond to the user only when those events are encountered. The sensor can be used for monitoring tasks besides security, including network configuration and behavior and bandwidth management. Prototype implementations in multiple ATM domains found network problems within minutes. Researchers are enhancing the prototype, which offers capabilities not yet available in Federal or COTS implementations, to include additional monitoring tasks and an ATM network access control policy.

Secure communications

Secure communications research focuses on providing information security (INFOSEC) services for data moving over a public infrastructure or over public airways. High assurance capabilities are imperative in times of crisis and attack. This NSA research program encompasses the following technologies:
  • Speech coding, to develop low bit rate algorithms often required for digitizing, encrypting, and transmitting tactical voice communication, and noise preprocessing and forward error correction research to enhance the quality of the voice signal.

    Researchers are concluding work, for example, on Mixed Excitation Linear Prediction (MELP), a system that will compete to be selected in March 2001 as NATO's standard system for seamless, end-to-end encryption of Allied voice communications.

  • Wireless communications, to investigate and counteract the vulnerabilities of wireless services, use the results to influence the standards, provide select demonstrations for critical wireless technologies, and perform the testing, evaluation, and verification needed to ensure that the solutions work effectively.

    An NSA risk assessment of second generation cellular technologies (TDMA, CDMA, and GSM) guided DoD's "Digital Battlefield" strategy for adding security features in the tactical environment. This included a military version of a CDMA phone developed by NSA to leverage commercial cellular technology and a next generation cell phone for military operations. Using the DoD-developed Fortezza technology and a COTS operating system, NSA researchers have developed a wireless LAN security prototype that allows encrypted file transfer in a wireless Ethernet environment. An NSA analysis of vulnerabilities in commercial wireless standards supports agency efforts to promote security features and standards in commercial products with major industry and standards organizations. In FY 2000, NSA researchers will prototype a remote terminal testbed to demonstrate transmission of secure voice, video, and graphics to the desktop of a tactical warfighter.

  • High-speed secure communications, including high-speed microelectronics and advanced packaging, techniques to incorporate cryptographic algorithms to get higher-speed performance, and consultations with customers to solve security problems.

    In FY 1999, NSA completed and published an architecture for a very flexible, high-speed ATM encryptor to be developed with DOE's Sandia National Laboratories (SNL). The design integrates two algorithms, enabling the product to interoperate with both public and classified-level networks. NSA fabricated a prototype 10 Gbps encryption chip that researchers are using to consult on UltraFastLane, an ATM 2.5-10 Gbps encryptor used by the National Reconnaissance Office (NRO) and DOE. NSA collaborates with DARPA to study and test applications for high-speed semiconductor materials in high performance security systems. NSA research in high-speed cryptography developed hardware that can implement fast changes of key--a critical management capability in multicast key exchange, where large numbers of consumers need to communicate--and improved hardware and protocols in high-speed encryptors for satellite downlinks.

  • Encryption. NSA supports NIST's development of an advanced encryption standard to replace the current data encryption standard (DES). NSA is implementing and evaluating the final candidate standard's algorithms and developing performance estimates.

  • Optical networks, with a focus on developing proof-of-concept optical logic technology and switching devices tailored for cryptographic applications.

    To support Federal missions requiring transport of very large quantities of encrypted data--such as in DOE's ASCI--NSA is developing photonic circuits for encryption operating at speeds well beyond the upper limits of electronic circuits. Researchers are pursuing longer term research in multigigabit optical devices that can perform at the levels of complexity necessary for high-assurance cryptography--levels not attainable with today's devices. This requires photonic circuits with thousands of gates performing a cryptographic algorithm, occupying no more than one standard rack in a system. NSA is developing and demonstrating proof-of-concept optical logic and switching devices targeted toward implementing an all-optical key generator. Approaches under study include an optically controlled digital diode, a quantum effect device, and optical parallel processing.

Secure network management

Secure network management research supports SMI by developing secure protocols for information sharing, network control, and monitoring of events within networked information systems, and by participating in industry and standards organizations that shape network security standards and policies. NSA's development of the Internet Security Association Key Management Protocol (ISAKMP) standard through the IETF is enabling secure network connections and network security management. Research includes the following:

  • In cooperation with NIST, NSA researchers developed Internet key exchange (IKE), a candidate standard and reference model for access and authentication on the Internet, and are simulating the integration of several Internet key exchange and management capabilities. Researchers are working with the University of Maryland to demonstrate use of key formats and signatures such as the Digital Signature Standard as an authentication component for the Internet's DNS, in order to thwart attacks such as masquerading and interception. NSA proposed revisions to the IETF's SNMP, a basic element of network interconnectivity. Working with industry, NSA developed a reference implementation that strengthens the security features of the commercial standard.
  • KMI allows the generation, production, distribution, control, and accounting of public key certificates and symmetric keys--user identification codes and their system-held matches, which must coincide to authenticate a user's identity. NSA researchers uncovered a certificate-masquerading vulnerability and produced a countermeasure, transmitting their results to commercial browser vendors. NSA research developed a way to update trusted certificates without user intervention. Research on security for the radio-based Tactical Internet focuses on authenticating command and control messages via digital signatures, understanding the limits of PKI, and maintaining confidentiality of command and control, employing group key concepts such as multicast.
  • Research in multicast security and key management will develop and standardize efficient protocols for secure multicast. NSA has circulated a draft specification of a protocol for logical key hierarchy in Internet multicast that provides a flexible approach to re-keying a group in the presence of compromised users, and has tested the protocol. NSA-funded university research on multicast security concentrates on scalability and detecting malicious behavior.
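The logical key hierarchy approach to multicast re-keying described above, as an added illustration that is not NSA's draft specification: a binary tree of key-encryption keys in which each member holds only the keys on its leaf-to-root path, so evicting a compromised member costs O(log n) re-key messages. The `toy_wrap`/`toy_unwrap` functions, the `KeyServer` and `Member` classes, and the constructed eight-member group are assumptions of this example; a deployment would use a real AEAD in place of the toy wrapping.

```python
"""Logical Key Hierarchy (LKH) re-keying for a multicast group (added example).

Tree layout: node 1 is the root, node i has children 2i and 2i+1, and the n
members occupy leaves n .. 2n-1.  Evicting a member replaces every key on its
path and ships each new key wrapped under child keys the evicted member never
held, so the evicted member cannot unwrap any message while all remaining
members recover the new group (root) key.
"""
import hashlib
import hmac
import os
from typing import Optional, Tuple

KEY_LEN = 32  # bytes; matches the SHA-256 keystream length used by toy_wrap


def toy_wrap(kek: bytes, payload: bytes) -> Tuple[bytes, bytes, bytes]:
    """Toy key wrapping: XOR with a SHA-256 keystream plus an HMAC tag.
    Standard-library stand-in for a real AEAD; NOT for production use."""
    nonce = os.urandom(16)
    stream = hashlib.sha256(kek + nonce).digest()
    ct = bytes(p ^ s for p, s in zip(payload, stream))
    tag = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    return nonce, ct, tag


def toy_unwrap(kek: bytes, blob: Tuple[bytes, bytes, bytes]) -> Optional[bytes]:
    """Return the wrapped key, or None if `kek` is not the key it was wrapped under."""
    nonce, ct, tag = blob
    expected = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = hashlib.sha256(kek + nonce).digest()
    return bytes(c ^ s for c, s in zip(ct, stream))


class KeyServer:
    """Group controller holding every node key of the hierarchy."""

    def __init__(self, n_members: int):
        if n_members < 2 or n_members & (n_members - 1):
            raise ValueError("example assumes a power-of-two group size")
        self.n = n_members
        self.keys = {node: os.urandom(KEY_LEN) for node in range(1, 2 * n_members)}
        self.members = set(range(n_members))

    def path(self, member: int) -> list:
        """Nodes from the member's leaf up to the root (leaf first)."""
        node, nodes = self.n + member, []
        while node >= 1:
            nodes.append(node)
            node //= 2
        return nodes

    def member_keys(self, member: int) -> dict:
        return {node: self.keys[node] for node in self.path(member)}

    def evict(self, member: int) -> list:
        """Replace every key above the evicted leaf; return (target_node, blob) messages."""
        self.members.discard(member)
        leaf, messages = self.n + member, []
        for node in self.path(member)[1:]:          # ancestors, bottom-up
            self.keys[node] = os.urandom(KEY_LEN)
            for child in (2 * node, 2 * node + 1):
                if child == leaf:                   # the only key still known to the evictee
                    continue
                # On-path children already carry their fresh key from the previous step,
                # so wrapping under them is safe; off-path child keys were never exposed.
                messages.append((child, toy_wrap(self.keys[child], self.keys[node])))
        return messages


class Member:
    """A group member holding the keys on its own path only."""

    def __init__(self, member_id: int, keys: dict):
        self.id, self.keys = member_id, dict(keys)

    def apply_rekey(self, messages: list) -> int:
        """Accept each new key we can unwrap; return how many were accepted."""
        accepted = 0
        for target, blob in messages:               # bottom-up order lets updates chain
            if target not in self.keys:
                continue
            new_key = toy_unwrap(self.keys[target], blob)
            if new_key is not None:
                self.keys[target // 2] = new_key
                accepted += 1
        return accepted


def run_eviction(n_members: int, evicted: int) -> dict:
    """Constructed scenario: build a group, evict one member, apply the re-key."""
    server = KeyServer(n_members)
    members = {i: Member(i, server.member_keys(i)) for i in range(n_members)}
    messages = server.evict(evicted)
    accepted = {i: m.apply_rekey(messages) for i, m in members.items()}
    return {
        "messages": len(messages),                  # 2*log2(n) - 1, not n - 1
        "evicted_accepted": accepted[evicted],
        "evicted_has_root": members[evicted].keys[1] == server.keys[1],
        "others_have_root": all(members[i].keys[1] == server.keys[1] for i in server.members),
    }


if __name__ == "__main__":
    print(run_eviction(8, 3))
```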

Network security engineering

NSA's network security engineering research focuses on achieving high systemic levels of physical and operational performance and security, including network boundary definition and protection, security architectures, policy invocation and enforcement, assurance techniques such as trusted operating systems, and identification and authentication.

The DoS attacks by Internet hackers that briefly crippled leading Web sites such as Yahoo! and CNN.com in February 2000 made use of a technique called "spoofing" that is one subject of NSA's network security research. The hackers were able to spoof or fool Internet identification and authentication systems into helping them send myriad fake messages that then eluded the identification protocols of major sites, literally clogging their entranceways. NSA researchers are working to improve identification and authentication to provide a foundation for secure systems.

Research directions and activities include the following:

  • Drawing on the scientific knowledge base in biology, physiology, and engineering, NSA develops and evaluates secure, cost-effective, accurate technologies and devices for detection and identification, such as fingerprint scanners and face-recognition systems. These provide a biometric component of authentication, eliminating spoofing vulnerabilities with techniques to assure that the person recognized by the system is alive and not an image. NSA's Tokeneer project combines smartcard tokens, biometrics, and cryptography to increase identification assurance to augment or replace password-based access systems. Researchers are evaluating a small fingerprint technology for remote log-in and an elliptic curve cryptographic algorithm for smartcards, and in partnership with DataKey/RSA have developed a downloadable cryptographic code for a Java-based smartcard.
  • NSA is examining prototype Distributed Object Computing Security (DOCS) software products to raise security levels in a heterogeneous interoperable object-based networked environment.
  • The goal of NSA research on a viable secure Trusted Operating System (TOS) is to create an efficient architecture that provides the necessary support for security, executes programs user-transparently, and is attractive to vendors. NSA is working with DARPA, GSA, and NIST to integrate this architecture and security mechanisms to develop a secure version of Linux.
  • NSA researchers developed and are evaluating Crackerbox--prototype system software to provide packet filtering and basic IP security. In demonstrations on an experimental platform, the software controlled access to system resources, provided a Web browser interface, operated as a firewall against network-based attacks, and secured hard drive files.
  • NSA-developed SONET network interfaces have shown the ability to apply user-defined policies at OC-12 data rates to make sure that all incoming traffic is authorized. In collaboration with DARPA, researchers have developed prototype methods to streamline processing for application-level filtering in a high-speed firewall. In FY 2000, NSA is evaluating prototype security features on the NSANet testbed that provide access control for distributed enclaves without affecting quality of service, as well as monitoring the routing and switching layers of the network to detect anomalies. This product is being transitioned to a commercial network management software developer.



NSF research areas


NSF's HCSS research focuses on developing correct, safe, "no-surprise" software--software that behaves predictably in normal use and under unanticipated conditions. Research activities span systems, software, networks, and communication. Information Technology Research (ITR), NSF's newest and largest IT program, begun in FY 2000, supports research needed to create and use the software-based systems of the future in as yet unimagined environments and applications.

Specific research areas include:

  • Cryptography and other security mechanisms
  • Hardware and software verification for guaranteeing system behaviors
  • Formal software analysis techniques and fault-tolerant system concepts as bases for correctness and reliability

NSF-funded researchers are studying ways to integrate hardware and software analysis and testing to produce more reliable systems, and risk management and application of risk-based analyses to the design, construction, and certification of software systems. Project topics include certifying compilers, proof-carrying code, and data typing for automatic checking of desired software properties that traditionally have been difficult to assure.

Research in component-based software development includes design disciplines, testing methods, and methods that support systematic reuse of high-confidence components to reduce the sources of potential errors and development time. Projects explore different approaches, including theoretical investigations, empirical studies, construction of experimental systems, and creation of environments and tools used as exploratory testbeds.

Accomplishments of NSF research activities include advances in generating correct-by-construction software, behavior verification, security guarantees in distributed systems, and programming languages and environments that improve productivity and limit the possibilities for errors in constrained application domains.



DARPA's formal methods (FM) program


This FM program is developing the conceptual and technical frameworks for a body of engineering science principles and knowledge to govern construction of high-confidence computing systems, and the tools to test and validate system designs. The work grows out of the recognition among scientists, underscored in the PITAC's 1999 report, that the software infrastructure of today's computing systems and networks is a vast patchwork of often idiosyncratically designed and non-interoperable codes whose fragility manifests itself daily in unreliability, lack of security, performance lapses, errors, and difficulties in upgrading. At the same time, software complexity is increasing exponentially, including software used in safety- and mission-critical applications. This very complex software is extremely costly to develop but technically and economically nearly impossible to debug and validate.

These fundamental weaknesses in the contemporary software infrastructure led the PITAC to declare that scientifically grounded software was one of the Nation's top IT research priorities. The FM program starts from the premise that public confidence in IT will remain limited unless research can generate radically higher levels of system security and reliability. FM activities are geared to enable systems and software designers to evaluate the quality of their work against rigorous scientific benchmarks, and customers to test and debug software products to be used in critical applications. Formal science-based methods will allow increased automation of software design, cost-effective approaches to the design process such as reusable software "modules," and a systemic engineering focus on interoperability and scalability--fundamental requirements for constructing the scalable information infrastructure of the future.

FM research covers a wide range of techniques and theories, including:

  • Mathematics and logic
  • Specification languages and methods (including both general purpose and domain-specific languages and logics)
  • Formalization of desirable system properties
  • Formal verification
  • Application areas

Using these foundations from mathematics and computer science, FM research creates enabling technologies--tools for evaluating and verifying designs at various stages of development. FM tools will for the first time allow science-based analysis of requirements specifications, algorithm and protocol design, and executable programs.

Requirements specifications

Today, requirements specifications are underemployed. They are frequently not even written, and when written are often ignored and not kept up to date. They are regularly considered equivalent to documentation. The long-term objective of research in this area is to make writing requirements specifications seem more like programming, to accelerate system design by developing requirements specifications, and to keep specifications and implementation consistent. FM research will develop formal ways to specify aspects of systems, tools for consistency checking and debugging of specifications, and tools to check their correspondence with implementation.

Algorithm and protocol design

Software designs incorporate mathematical and logical formulas called algorithms and algorithm-based instructions called protocols that reflect agreement by the IT community on how software modules should interact with other parts of the system. FM advanced modeling tools can analyze the mathematical validity of algorithms and protocols, identify weaknesses and unexpected interactions, and define better solutions. This analytical capability is particularly vital in distributed computing networks, where algorithm and protocol designs are far more complex than those for stand-alone computing systems and play critical roles in security, telecommunications links, and fault tolerance. The Verinet tool developed at the University of Pennsylvania, for example, can analyze network protocols from the algorithm level up through the routers that move messages through the Internet. A tool called Ensemble, developed at Cornell University to prove protocol properties, resulted in fast-path optimizations with no loss of system robustness.

Program analysis

Arguably the most difficult but important level of software to analyze, executable programs are substantially larger--often comprising millions of lines of code--than system specifications and thus nearly impossible to test thoroughly with current capabilities. FM research aims to exploit modularity in program design, in part to get at the problem that many system software problems arise from "misunderstandings" at interfaces where two programs must interact. By breaking large designs into modules and specifying interfaces for the points at which the modules interact, the research generates smaller, reusable program components whose interfaces are verifiable in testing. Programs designed in modular units would simplify design complexity and would reduce production time and cost. Mocha, a prototype modular verification tool developed by FM researchers, checks the validity of a design by comparing it with a simulated design derived from what it is supposed to accomplish (as formulated in the specifications). In a recent trial, Mocha found serious bugs in a VGI signal processing chip containing 96 processors.



National Information Assurance Partnership (NIAP)


In the National Information Assurance Partnership (NIAP) program (http://niap.nist.gov), NIST and NSA are developing security requirements for IT products and measures to evaluate their effectiveness. NIAP's long-term goal is to help increase consumer trust in information systems through cost-effective security testing, evaluation, and validation. Working closely with industry partners, NIAP also fosters R&D in security requirements definitions, test methods, tools, techniques, and assurance metrics, and facilitates developing a commercial security testing industry in the U.S.

Other NIAP accomplishments include:

  • An automated tool to generate security requirements and security specifications for IT products and systems in accordance with the Common Criteria, an international standard
  • Common Criteria-based protection profiles for technology areas such as commercial operating systems, database management systems, and firewalls
  • An emerging evaluation and validation program for IT security
  • A Health Care Security Forum that helps consumers define security requirements for health care information systems and applications
  • A Smart Card Security Users Group that helps the financial payment industry define requirements for smartcards and appropriate accreditation criteria and methods for security testing laboratories
  • A Telecommunications Security Forum that helps define security requirements for PBX and ATM switches, routers, and gateways
  • A mutual recognition arrangement with Canada, the United Kingdom, France, Germany, Australia, and New Zealand to recognize results of IT product security evaluations against the Common Criteria

In FY 2000, NIAP is continuing work toward a fully operational IT security evaluation and validation program employing accredited, private-sector security testing laboratories; Common Criteria certificates for validated IT products; Common Criteria-based protection profiles for technologies such as operating systems, database management systems, telecommunications and network devices, smartcards, and Internet browsers; and an automated tool for generating security tests. Another NIAP goal is to raise to 15 the number of nations participating in the mutual recognition protocol.



NIST high assurance Internet security architectures


The rapid growth of e-commerce and pervasive computing has generated enormous demand for advanced security technologies. Buyers have many products to choose from, but frequently two or more products that individually are secure may actually weaken security through unexpected feature interactions. In addition, there are few widely accepted ways of evaluating the strength of security mechanisms. NIST is working with industry to develop new approaches for designing high assurance security architectures, efficiently using emerging technology products, testing the security of large networks, and evaluating the security of software products and systems. Goals are to develop:

  • Definition of security services needed to meet the future needs of e-commerce
  • Definition and specification of security components and applications
  • A security testbed to evaluate interoperability and effectiveness requirements
  • Metrics and benchmarks to develop, evaluate, and acquire security components, applications, and operating systems
  • A methodology for testing and evaluating trusted operating systems, Internet security components, and applications

Traditional security components such as firewalls and encryption fail to provide a total security solution because the distinction between data and code is vanishing and damaging executable code is easily imported into large-scale networking environments. To ensure that attacks on networked servers can be defeated, the fundamental security layer must be moved down from the application to the operating system level, where decisions are made about access to file systems, devices, and processes. Trusted secure operating systems must be able, for example, to enforce security at each point of decision, denying or allowing access to a specific Web page or to specific fields in a database record. They also need accountability services that ensure swift and effective investigation of illicit transactions and activities.

NIST has developed and transferred to industry methods to integrate modern role-based access control (RBAC) mechanisms with trusted operating systems. To guarantee that all access control needs within Government and industry are met, NIST is prototyping a universal policy machine to serve as a model for future system development.

Internet Protocol security (IPsec)

NIST's IPsec research develops scalable technologies and tools to make the IP--the basic software framework enabling the routing and flow of Internet message traffic--more secure. IPsec enables a centrally controlled access policy and a multilevel security approach to provide security services including data origin authentication, connectionless integrity, replay protection, data confidentiality, limited traffic flow confidentiality, and key negotiation and management. The IETF has mandated the use of IPsec wherever feasible.

Cerberus, a NIST-designed reference implementation of the latest IPsec specifications, and PlutoPlus, a NIST reference implementation of the IPsec key negotiation and management specifications, are being used by the Internet industry in on-going research on advanced issues in IPsec technologies. NIST's Web-based IPsec interoperability tester, known as IPsec-WIT, enables Internet researchers to conduct interoperability tests anytime and from any location, without having to download test software or move the systems being tested. Plans include integration with PKI.

Mobile agent security and intrusion detection

In collaboration with Internet industry groups, NIST is studying mobile agent technologies to detect and defend against network security breaches. Objectives are to develop proof-of-concept prototypes to demonstrate mobile agents for network security testing and network management, develop standards for interoperable secure mobile agents, develop techniques to address security threats to mobile agents, and evaluate usefulness and scalability. NIST will use its database of network vulnerabilities, threats, and attacks.

Authorization management

New RBAC systems enable network managers to display and control the roles and privileges of network users, together with the inheritance relationships among roles and privileges. These tools simplify management of network authorizations but lack support for multiple inheritance relationships, which limits their effectiveness in complex environments and increases the chance of a security-compromising error.

NIST's prototype Role Control Center (RCC) ensures uniform treatment of privileges unique to a user and privileges assigned to a role, allows delegation of administrative responsibilities, and enables instantiation of RBAC users and roles on target systems. NIST has applied for an RCC patent and plans to integrate RCC concepts and tools in government and commercial implementations and to evaluate their costs and benefits.
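As an added example (not NIST's RCC or any NIST code), the Python below models the points made in the two paragraphs above: a role hierarchy in which a role may inherit from several junior roles, privileges unique to a user resolved uniformly with role privileges, and a comparison with what a tool that records only single inheritance would compute. The role names, privileges and user are constructed.

```python
from collections import deque
# Constructed RBAC model (not NIST's RCC). Roles may inherit from several junior
# roles, and privileges unique to a user are resolved like role privileges.
class RoleHierarchy:
    def __init__(self):
        self.direct = {}   # role -> privileges assigned directly to the role
        self.juniors = {}  # role -> roles it inherits from (possibly several)
        self.users = {}    # user -> (assigned roles, privileges unique to the user)

    def add_role(self, role, *perms):
        self.direct[role], self.juniors[role] = set(perms), set()

    def inherit(self, senior, junior):
        """senior acquires all of junior's privileges; cycles are refused."""
        if senior in self.closure(junior):
            raise ValueError(f"{senior} -> {junior} would create a cycle")
        self.juniors[senior].add(junior)

    def closure(self, role, single_parent=False):
        """Roles whose privileges `role` inherits, itself included; single_parent
        mimics a tool that keeps only one junior per role (the first by name)."""
        seen, queue = {role}, deque([role])
        while queue:
            juniors = sorted(self.juniors[queue.popleft()])
            for j in (juniors[:1] if single_parent else juniors):
                if j not in seen:
                    seen.add(j)
                    queue.append(j)
        return seen

    def permissions(self, user, single_parent=False):
        roles, own = self.users.get(user, ((), ()))
        perms = set(own)  # user-unique privileges count the same as role-derived ones
        for role in roles:
            for r in self.closure(role, single_parent):
                perms |= self.direct[r]
        return perms

def build_example():
    """Sample hierarchy: lead is senior to both developer and reviewer."""
    h = RoleHierarchy()
    for role, perm in [("developer", "commit"), ("reviewer", "approve"), ("lead", "merge")]:
        h.add_role(role, perm)
    h.inherit("lead", "developer")
    h.inherit("lead", "reviewer")  # second parent: multiple inheritance
    h.users["alice"] = ({"lead"}, {"sign:release"})  # roles, user-unique privileges
    return h
```

With `single_parent=True` the lead silently loses the reviewer's `approve` privilege, the kind of discrepancy an administrator is then tempted to patch by hand.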

Standards for critical infrastructure protection and e-commerce

Presidential Decision Directive 63 on critical infrastructure protection, issued in May 1998, requires Federal agencies to take concerted steps to eliminate vulnerabilities in the Nation's significant IT infrastructure systems. The directive established several entities to coordinate the effort, including the Critical Infrastructure Assurance Office (CIAO) and the Information Sharing and Analysis Centers (ISACs). NIST, as a participant in CIAO, works with the ISACs, which are public-private partnerships supporting research across all the critical infrastructure sectors, to expand the current understanding of vulnerabilities, threats, analysis, modeling, system interaction, and especially security and protection. NIST works with the e-commerce industry to reduce those vulnerabilities and threats. To help network managers distinguish between anomalies and real attacks, NIST has developed its I-CAT intrusion categorization tool, which measures the level of interest in specific Internet penetration and denial-of-service attacks. Other NIST accomplishments related to e-commerce standards include:

  • Cryptographic module validation program (CMVP), which validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-1 and other cryptography-based standards
  • Statistical profiles of the hacker community and published attack scripts
  • IT Security Training and Awareness Resource Center

Expected results include:

  • Identification of popular attack scenarios for critical infrastructure networks
  • Security models and simulations for demonstrating essential security properties
  • Security standards and test methods for critical infrastructure networks
  • Security architectures to include security services for authentication, authorization, PKI, and intrusion detection
  • Reference implementations to demonstrate security services and interoperability
  • Security APIs to support the use and interoperability of cryptography, smartcards, access control, and intrusion detection


Software fault and failure data and analysis repository

NIST researchers are collecting empirical data on software failures and their causes, with the goal of improving software quality by establishing models of failures in real-world systems. A NIST study of failures in medical devices caused by software faults found, for example, that some medical device companies did not conduct generally accepted assurance activities to catch faults, and that a high percentage of failures resulted from conditions that would have been detected with only a small number of tests. Preliminary analysis of data from other software failure projects indicated that about one-third of faults were found in requirements activities and about one-fourth in system test or operation. Most software errors fell into the specification, logic, and computational fault categories. A NIST analysis of data from a large, complex distributed system found configuration management to be another major arena of software failures. This NIST effort has been endorsed by the software division of the American Society for Quality, and its concepts and tools are being used in graduate programs in computer science at Johns Hopkins and the University of Louisville.



Automatic test generation from formal specifications

In December 1999, Business Week reported that "bad software cost U.S. businesses $85 billion in lost productivity last year." To date, most research on improving software reliability through testing has focused on a limited and problematic automated approach called structural testing, which is based on execution paths and can only be performed on source code. NIST is developing formal methods to automatically produce software tests from specifications alone, using model checkers and mutation analysis. The goal is to substantially reduce the cost of testing software, which now consumes about 50 percent of software development budgets, cut time-to-market for companies producing software products, and provide a useful technique for organizations developing software standards. The NIST prototype, including a tool that allows developers to measure how completely any set of tests covers the behavior of a software product, is being evaluated by corporations for possible use.
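As an added illustration (not the NIST prototype or NIST's code), the Python below shows specification-based test generation by mutation analysis on a small constructed state-machine specification: every mutant of the spec is killed by the shortest input sequence on which its outputs diverge from the spec, and the mutation score measures how completely a given test set covers the specified behaviour, without any source code. The turnstile specification, its states and inputs are constructed for this example.

```python
from collections import deque
# Constructed example (not NIST's tool): a Mealy-machine specification of a
# turnstile, mapping each (state, input) to the next state and the required output.
INPUTS = ("coin", "push")
SPEC = {
    "locked":   {"coin": ("unlocked", "unlock"), "push": ("locked", "deny")},
    "unlocked": {"coin": ("unlocked", "refund"), "push": ("locked", "pass")},
}

def run(spec, start, trace):  # outputs produced when the machine is driven by `trace`
    state, outputs = start, []
    for inp in trace:
        state, out = spec[state][inp]
        outputs.append(out)
    return outputs

def mutants(spec):
    """Specification mutation: redirect each transition to every other state."""
    for state, table in spec.items():
        for inp, (nxt, out) in table.items():
            for other in sorted(spec):
                if other != nxt:
                    m = {s: dict(t) for s, t in spec.items()}
                    m[state][inp] = (other, out)
                    yield m

def distinguishing_trace(spec, mutant, start):
    """Shortest input sequence on which spec and mutant produce different output
    (breadth-first search over pairs of states); None means an equivalent mutant."""
    queue, seen = deque([(start, start, [])]), {(start, start)}
    while queue:
        s_spec, s_mut, path = queue.popleft()
        for inp in INPUTS:
            (n_spec, o_spec), (n_mut, o_mut) = spec[s_spec][inp], mutant[s_mut][inp]
            if o_spec != o_mut:
                return path + [inp]  # this input sequence is the generated test
            if (n_spec, n_mut) not in seen:
                seen.add((n_spec, n_mut))
                queue.append((n_spec, n_mut, path + [inp]))
    return None

def generate_tests(spec, start):  # one test per killable mutant; equivalent ones give none
    return [t for t in (distinguishing_trace(spec, m, start) for m in mutants(spec)) if t]

def mutation_score(spec, start, tests):
    """Behavioural coverage of a test set: fraction of killable mutants it detects."""
    live = [m for m in mutants(spec) if distinguishing_trace(spec, m, start)]
    killed = [m for m in live if any(run(spec, start, t) != run(m, start, t) for t in tests)]
    return len(killed) / len(live) if live else 1.0
```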



OSD/URI fault-tolerant network protocols

In FY 2000, OSD's URI established a five-year research focus on real-time fault-tolerant network protocols. The aim is to develop protocols to allow the continuing operation and graceful degradation of large-scale computer and communication networks in spite of faults.



HCSS research agenda

Building on the strong base in security established under the predecessor High Confidence Systems (HCS) Working Group, the HCSS Coordinating Group (HCSSCG) is completing a research agenda that outlines a possible new initiative in assurance technologies and experimentation. The HCSSCG anticipates making this agenda available soon on the Web.
