NASA's prototype Spacecraft Micro Robot (SMR) is a mobile IT assistant for astronauts. It is a softball-sized unit integrating an intricate array of technologies: an operating system and monitor, two-way audio and video, wireless Ethernet, a propulsion system with remote controls, and environmental and inertial sensors. The SMR patrols the spacecraft, monitoring internal environmental conditions; it can be guided by ground controllers or astronauts, support space-ground teleconferences, and send and receive timely data in flight. A key issue in SMR design is engineering for ultra-reliability.
Representative FY 2003 agency activities
- NSF: Innovative research in trustworthy computing, including scientific principles for construction of high-confidence systems; component technologies; composition and decomposition methods; modeling and analysis techniques; design tradeoffs between security and performance; safety, security, and privacy for Internet-enabled systems; real-time, distributed, embedded, and hybrid systems; fault-tolerance approaches for critical infrastructure protection
- NIH: Assurance methods and technologies for life-critical medical devices and telemedicine applications; reliability, privacy, and security of medical data and IT infrastructures for research
- NASA: Software design for safety, including development of the High Dependability Software Consortium with leading universities and industry to prove methods and techniques for achieving very high reliability in mission-critical software; artificial intelligence and formal methods techniques for specification, automated fault detection, and validation
- NSA: Research in secure network management, secure switched network technologies, and advanced research in cryptography (key management, algorithms); advanced research in high-confidence system technologies (formal specification and verification tools, domain-specific languages for security evaluation); and continuing advanced research in securing end-user systems (security middleware such as the Security-Enhanced Linux kernel and Object Request Brokers)
- NIST: Security technologies for critical infrastructure protection; standards, methods, and metrics in authorization and authentication, including biometric techniques; tools for NIST's Advanced Encryption Standard; with NSA, support for the National Information Assurance Partnership to promote cost-effective international standards for software evaluation, testing, and certification
- ODDR&E: Support for defense-related university research in technical foundations for high-assurance technologies, software control systems, information security, public key infrastructures, and survivability technologies
As the NITRD research agenda attests, software itself now faces the frontier of complexity. On one hand, software is expected to make enormous systems and networks of systems - such as power grids, air traffic control systems, financial data networks, military command and control systems, and the Internet - function faultlessly. It is also expected to direct the activities of life-critical embedded devices such as implanted heart monitors, nanoscale diagnostic instruments, and digital prostheses. Large-scale systems, which embody hundreds to thousands of platforms, millions of lines of code, and trillions of bytes of data, are rapidly becoming the norm, as are systems in which the processors themselves are intricately embedded in the fabric of our lives and even our bodies.
On the other hand, all these systems are being asked to function at unprecedented levels of reliability, safety, and security. The events of September 11 pointed to an overarching requirement that the systems governing the Nation's critical infrastructures and critical national defense and national security missions be "hardened" against terrorist attacks, clandestine penetration, and misappropriation. Systems must somehow become more self-diagnosing, self-correcting, and self-healing - equally proof against natural failures, deliberate interference and fraud, and innocent but crucial mistakes by their users. These two trends - rapidly expanding scale and complexity on one side, and rapidly escalating demands for reliability, safety, and security on the other - are the twin horns of a difficult dilemma for contemporary software and systems.
To date, U.S. ingenuity in creating and interconnecting the inventions of the IT revolution has outpaced the underlying science needed to assure that the systems we build are engineered for reliability, security, safety, and scalability (can the system grow without weakening its integrity and reliability?). In the security and safety areas, for example, techniques in cryptography, public key infrastructure (PKI), network management, intrusion detection, and fault/failure tolerance have been developed largely independently of core functionality and speed. We have not yet integrated the high-confidence attributes we now know are necessary into the technical design foundations for both large- and small-scale complex software and systems. In the current incremental, add-on development process, the responsibility for determining whether the system works falls largely to a costly, time-consuming, after-the-fact process of testing, which nonetheless often fails to catch the failure conditions that arise from subtle interactions among software and hardware components.
The fact is that we do not yet understand the underlying patterns of failures in large complex systems, or even the systems themselves. The NITRD agencies' focused research effort in high-confidence software and systems seeks to provide the missing theoretical and technological underpinnings for assured construction of secure, highly reliable software and systems. This work will give system designers and engineers a formal scientific grounding for building sound systems as well as powerful new diagnostic and forensic tools for cost-effectively assessing software and system reliability, security, and performance.
In FY 2003, the NITRD agencies will support research in modeling and reasoning about whole systems and about their component technologies (operating system, middleware, networking, safety and especially security attributes), and in mathematical and engineering approaches to specification, component integration, and interoperability issues. Other research focus areas are languages, tools, and automated techniques to eliminate sources of error, and technical strategies for integrating high-confidence properties into software and systems design.
Major Research Challenges
- Foundations of assurance, including rigorous modeling and reasoning
about high-confidence properties; interoperable methods and tools;
system composition; specification, safety, and security foundations
- Scalable fault prevention, detection, analysis, and recovery,
including robust system architectures and tools for monitoring
and adaptive response
- Correct-by-construction software technologies, including programming
languages, tools, and environments; systems software, middleware,
and networking (reusable middleware services such as efficient,
predictable, scalable, dependable protocols for timing, consensus,
synchronization, and replication for large-scale distributed embedded
applications and domain-specific services)
- Verification and validation technologies
- Forensic and diagnostic tools
- Experimentation with large-scale systems
- Reference implementations
- Domain-specific certification technologies
- Reduction of time, effort, and cost of assurance and certification
- Technological base of public domain, advanced prototype implementations
of high-confidence technologies to enable rapid adoption in the
private sector and in government