Skip directly to content

Minimize RSR Award Detail

Research Spending & Results

Award Detail

Doing Business As Name:University of Utah
  • Mu Zhang
  • (801) 581-4558
  • Sneha K Kasera
  • Hari Sundar
Award Date:05/11/2021
Estimated Total Award Amount: $ 499,834
Funds Obligated to Date: $ 499,834
  • FY 2021=$499,834
Start Date:07/01/2021
End Date:06/30/2024
Transaction Type:Grant
Awarding Agency Code:4900
Funding Agency Code:4900
CFDA Number:47.070
Primary Program Source:040100 NSF RESEARCH & RELATED ACTIVIT
Award Title or Description:CICI:SIVD:Context-Aware Vulnerability Detection in Configurable Scientific Computing Environments
Federal Award ID Number:2115167
DUNS ID:009095365
Parent DUNS ID:009095365
Program:Cybersecurity Innovation
Program Officer:
  • Robert Beverly
  • (703) 292-7068

Awardee Location

Street:75 S 2000 E
County:Salt Lake City
Awardee Cong. District:02

Primary Place of Performance

Organization Name:University of Utah
Street:50 S. Central Campus Drive
City:Salt Lake City
County:Salt Lake City
Cong. District:02

Abstract at Time of Award

Computational infrastructures have increasingly become the enabling factor for scientific discovery, in critical application domains including seismic imaging, air quality monitoring, epidemiology, drug discovery and nuclear engineering. The security of these infrastructures is thus of crucial importance, as the vulnerabilities in their unique software stacks can cause significant damage to economy, environment, public health, and national security. This project aims to safeguard scientific computing infrastructures via automatically identifying hidden software vulnerabilities in a timely manner. Particularly, the goal of this project is to address the challenging problem of configuration-related security bugs in highly customizable high-performance computing environments. Detecting such vulnerabilities is a hard problem. The stateof- the-art general vulnerability analyzers are unable to capture the specific runtime contexts of multiple interdependent software elements in specialized scientific computing environments. To bridge this gap, this project connects advanced bug-finding techniques to dedicated high-performance computing settings. In addition, it also seeks to leverage the unique characteristics of scientific computing environments to facilitate vulnerability discovery. Hence, this research provides a comprehensive understanding of the software security problems in real-world scientific computing systems, and builds robust solutions to secure these systems. Specifically, this project develops novel deployment-specific vulnerability detection techniques, that can (a) discover seemingly well-formed, yet inconsistent configuration values within scientific computing contexts, (b) detect cross-component vulnerabilities caused by the settings of interconnected computing software, and (c) take full advantage of the de facto workflow of high-performance computing systems to reduce the complexity of finding bugs. This research consists of three tasks: (1) it investigates the deployment contexts in real-world high-performance computing systems and develops both offline and online tools to automatically collect contextual information; (2) it applies extracted contexts to detecting misconfiguration and configuration-triggered code vulnerabilities at both deployment time and incrementally at runtime; (3) it tests the novel technique in real-world testbeds and scientific computing environments to evaluate its accuracy, efficiency and effectiveness. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

For specific questions or comments about this information including the NSF Project Outcomes Report, contact us.