William Enck
Goodnight Distinguished Professor in Security Sciences
2240 Engineering Building II (EB2)
919-513-7905 | whenck@ncsu.edu
William Enck is a professor in the Department of Computer Science at NC State University, where he serves as co-director of the Secure Computing Institute and director of the Wolfpack Security and Privacy Research (WSPR) Laboratory. His research focuses on systems security, with applications in software supply chains, 5G and cloud infrastructure, mobile platforms, Internet of Things, and networks.
Enck’s work in mobile application security has influenced consumer awareness and platform design, earning recognition such as the SIGOPS Hall of Fame Award. He is Vice President of the USENIX Board of Directors and serves on the steering committee for the USENIX Security Symposium. He was program co-chair for USENIX Security 2018 and currently co-chairs the 2024 and 2025 IEEE Symposium on Security and Privacy.
He is a member of ACM, IEEE, ISSA, and USENIX.
Education
Ph.D. Pennsylvania State University 2011
M.S. Pennsylvania State University 2006
B.S. Pennsylvania State University 2004
Area(s) of Expertise
Cyber Security
Publications
- An Empirical Study on Reproducible Packaging in Open-Source Ecosystems , 2025 IEEE/ACM 47th International Conference on Software Engineering (ICSE) (2025)
- Context Matters: Qualitative Insights into Developers’ Approaches and Challenges with Software Composition Analysis , Proceedings of the USENIX Security Symposium (2025)
- ProfessorX: Detecting Silent Vulnerabilities in Policy Engine Implementations , (2025)
- Research Directions in Software Supply Chain Security , ACM Transactions on Software Engineering and Methodology (2025)
- Which Is Better For Reducing Outdated and Vulnerable Dependencies: Pinning or Floating? , (2025)
- 5GAC-Analyzer: Identifying Over-Privilege Between 5G Core Network Functions , Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2024) (2024)
- Examining Cryptography and Randomness Failures in Open-Source Cellular Cores , Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy (CODASPY 2024) (2024)
- GRASP: Hardening Serverless Applications through Graph Reachability Analysis of Security Policies , (2024)
- Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs , Lecture Notes in Computer Science (2024)
- RANsacked: A Domain-Informed Approach for Fuzzing LTE and 5G RAN-Core Interfaces , (2024)
Grants
Digital innovation is the source of competitiveness and value creation for many types of businesses. The universal desire for rapid digital innovation demands efficient reuse of software building blocks, which has increased dependence upon the open source and third-party libraries and tools that comprise the software supply chain. Adversaries have moved from finding and exploiting vulnerabilities in end products to a new generation of supply chain attacks in which they implant malicious code directly into supply chain artifacts, which then find their way into build and deployment pipelines. Digital innovation depends upon confidence in the software supply chain. As such, our research will enable the following vision: the software industry can rapidly innovate with confidence in the security of its software supply chain. The challenge of software supply chain security has recently received significant interest from industry and government. However, discussions with key stakeholders indicate that the state of the art is preliminary, motivating scientific research to address the fundamental challenges that will otherwise limit the practical success of existing approaches. We tackle the challenge of securing the software supply chain through three thrusts: prevention, detection, and response, with an explicit objective of moving toward preventing security failures. For each thrust, we consider five hard security problems:
- Scalability and Composability, such as detecting malicious commits and hardening containers;
- Policy-governed Secure Collaboration, such as effective use of Software Bills of Materials (SBOMs);
- Predictive Security Metrics, such as measuring the exploitability of vulnerabilities;
- Resilient Architectures, such as isolation and sandboxing of components; and
- Human Behavior, such as studying how to help software developers make more secure decisions.
The project will impact the software industry by engaging with current industry players and the wider community, enabling their participation in our research thrusts. Additionally, the project will educate the next generation of engineers to eradicate software supply chain security issues and train current employees to recognize these issues and help reduce them. To solve these challenging problems, we have created a multidisciplinary proposing team committed to diversity.
The global cellular telecommunication system is critical infrastructure that has become a ubiquitous platform for Internet connectivity supporting a wide range of use cases for both consumers and industry. We are now on the cusp of widespread adoption of 5G technology. While 5G is widely marketed for its gigabit-per-second rates and ultra-low latency, it also fundamentally changes the internal network architecture, providing dynamic provisioning of software-defined services that offer enhanced control to network tenants, including virtual operators and enterprises. Giving these additional parties control over the network changes the threat model and necessitates deep investigation of the many technical components that comprise the cellular system. Whereas several initial studies have formally modeled and evaluated the security of 5G cryptographic protocols, little is known about the security of the software and hardware systems that implement them. To this end, the goal of this work is to aid mobile network operators in deploying secure cellular systems through the development of tools and techniques that extract, model, and analyze the security-sensitive logic of the source and binary code within cellular system functional entities.
The goal of this work is to detect, measure, and remediate a software project's use of external, open source software dependencies with security flaws. First, we will introduce two new static analysis primitives: a global dependency graph (GDG) and a global vulnerable-dependency graph (GVDG), to simplify the detection and measurement of the extent and effects of vulnerable dependencies. We will then create novel techniques for analyzing the code and textual artifacts of software projects to identify when a new version has fixed a vulnerability, even if a security advisory has not been announced. In doing so, we will help developers know when dependencies must be updated, ultimately leading to more secure software.
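To make the two graph primitives above concrete, here is an added example (written for this page, not code from the project or its authors) of a minimal GDG and GVDG over a constructed ecosystem snapshot. Package names, versions, and the advisory identifiers (EXAMPLE-2024-…) are all invented for illustration. The GDG is the full dependency relation with both forward and reverse edges; the GVDG is its restriction to paths that terminate in an artifact with an advisory, which is what lets a tool answer both "which vulnerable artifacts does this project pull in, and through what path?" and "which projects are exposed by this advisory?" without re-walking the whole ecosystem per query.

```python
"""Toy global dependency graph (GDG) and global vulnerable-dependency graph (GVDG).

Added illustration; not the project's own implementation. All package, version
and advisory data below are constructed for the example.
"""
from collections import defaultdict, deque

# Constructed snapshot: (package, version) -> list of (package, version) it requires.
# Versions are pinned so every node is one exact artifact, as in a lockfile.
DEPENDENCIES = {
    ("webapp", "1.0.0"): [("framework", "2.3.0"), ("logger", "1.1.0")],
    ("billing", "4.2.0"): [("logger", "1.1.0"), ("tls-helper", "0.9.0")],
    ("framework", "2.3.0"): [("template", "3.0.1"), ("json-utils", "1.4.0")],
    ("template", "3.0.1"): [("json-utils", "1.4.0")],
    ("json-utils", "1.4.0"): [],
    ("logger", "1.1.0"): [],
    ("tls-helper", "0.9.0"): [],
    ("cli-tool", "0.5.0"): [("logger", "2.0.0")],   # uses a non-vulnerable logger
    ("logger", "2.0.0"): [],
}

# Constructed advisories: vulnerable artifact -> hypothetical advisory id.
ADVISORIES = {
    ("json-utils", "1.4.0"): "EXAMPLE-2024-0001",
    ("logger", "1.1.0"): "EXAMPLE-2024-0002",
}


def build_gdg(deps):
    """GDG as two adjacency maps: forward (what I require) and reverse (who requires me)."""
    forward = defaultdict(set)
    reverse = defaultdict(set)
    for node, requires in deps.items():
        forward[node]  # register isolated nodes too
        for dep in requires:
            forward[node].add(dep)
            reverse[dep].add(node)
    return forward, reverse


def reachable(edges, start):
    """All nodes reachable from start over the given adjacency map (start excluded)."""
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def build_gvdg(deps, advisories):
    """GVDG: for each vulnerable artifact, every artifact that transitively depends on it."""
    _, reverse = build_gdg(deps)
    return {vuln: reachable(reverse, vuln) for vuln in advisories if vuln in deps}


def vulnerable_dependencies(deps, advisories, project):
    """Vulnerable artifacts reachable from `project`, each with a shortest witness path."""
    forward, _ = build_gdg(deps)
    parent, queue = {project: None}, deque([project])
    while queue:  # BFS so the recorded parent chain is a shortest path
        node = queue.popleft()
        for nxt in forward.get(node, ()):
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    result = {}
    for node in parent:
        if node in advisories and node != project:
            path, cur = [], node
            while cur is not None:
                path.append(cur)
                cur = parent[cur]
            result[node] = (advisories[node], path[::-1])
    return result


def roots(deps):
    """Artifacts nothing depends on: the top-level projects in the snapshot."""
    _, reverse = build_gdg(deps)
    return sorted(n for n in deps if not reverse.get(n))


def blast_radius(deps, advisories):
    """Extent measurement: which top-level projects each advisory reaches."""
    root_set = set(roots(deps))
    return {advisories[v]: sorted(r for r in dependents if r in root_set)
            for v, dependents in build_gvdg(deps, advisories).items()}


if __name__ == "__main__":
    for project in roots(DEPENDENCIES):
        for _, (adv, path) in vulnerable_dependencies(DEPENDENCIES, ADVISORIES, project).items():
            print(adv, " -> ".join(f"{n}@{v}" for n, v in path))
    print(blast_radius(DEPENDENCIES, ADVISORIES))
```

The witness path is the part a developer actually needs for remediation: in the constructed data, `webapp` does not depend on `json-utils` directly, so the fix is to bump `framework` (or have its maintainer do so), not to pin `json-utils` itself. The reverse index in the GVDG is what makes the "who is exposed by this advisory?" query cheap once the graph is built.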
Existing networking technologies are primarily focused on functionality, not security. Consequently, requirements of these technologies, such as fixed network topologies, lead to rigid architectures that fail to enable the network access control requirements of current and future computing environments. We propose the creation of a novel primitive called network views that allows a physical or virtual host to have a different set of accessible peers, regardless of the network address or topological placement of those peers. We seek to explore and characterize the utility and practicality of network views in different network environments, ranging from traditional LANs to multi-site, multi-tenant networks such as those emerging in cloud and cellular networks. Our proposed design combines concepts from software-defined networking (SDN), operating systems access control, and distributed consensus protocols. Through these efforts, we seek to provide a new security foundation for the growing security needs of both public and private sector network operations.
Holding a large PI meeting like the proposed SaTC PIs meeting is a complex undertaking, and the time commitment for the participating PIs is considerable. As such, it is important that such meetings only be held when the attendees and community as a whole will benefit substantially. The proposed PI meeting for the NSF SaTC program would provide a valuable venue for SaTC researchers to engage with others in the community and in other areas, as well as to think about the broader issues in cybersecurity research and education. These interactions are unlikely to occur at other research conferences that are organized around narrow research disciplines and focus on presenting recent works.
Consumer operating systems are changing. Modern platforms such as Android, iOS, and Windows 8 provide new abstractions for specifying and enforcing access control policy on third-party applications run by end users. The new abstractions add complexity to both policy specification and enforcement. In this proposal, we focus specifically on the correctness of enforcement in these modern platforms. The proposed work seeks to extract a formal semantics of access control policy by mining existing code bases. We then analyze the extracted model for correct enforcement of security goals. The models will also be compared across platform variations, as well as across different platforms. In doing so, we seek to harden existing platforms and establish stronger trustworthiness in a security-critical layer of platforms relied upon by consumers, enterprises, and governments.
Increased use of cloud computing services is becoming a reality in today's IT management. The security risks of this move are active research topics, yielding cautionary examples of attacks enabled by the co-location of competing tenants. In this project, we propose to mitigate such risks through a new approach to cloud architecture defined by leveraging cloud providers as trusted (but auditable) security enablers. We will exploit cooperation between cloud providers and tenants in preventing attacks as a means to tackle long-standing open security problems, including protection of tenants against outsider attacks, improved intrusion detection and security diagnosis, and security-monitoring inlays.
Computing systems that make security decisions often fail to take into account human expectations. This failure occurs because human expectations are commonly drawn from textual sources (e.g., a mobile application's description) and are hard to extract and codify. This proposal seeks to extract expectation context from the natural-language text artifacts presented to users as they find, install, and run software. The proposed work focuses specifically on mobile applications to demonstrate concrete and practical advances in our scientific understanding of applying user expectation context to security decisions. These findings will advance the state of the art in identifying and classifying malware and grayware, as well as identify better methods of communicating risk to users. We will also gain a better understanding of the unique challenges of applying text analytics to the security domain.
Controlling the access and use of information is a fundamental challenge of computer security. Emerging computing platforms such as Android and Windows 8 further complicate access control by relying on sharing and collaboration between applications. When more than two applications participate in a workflow, existing permission systems break down due to their boolean nature. In this proposal, we seek to provide applications with residual control of their data and its copies. To do this, we propose secure OS views, which combine a new abstraction for accessing data with whole-system information tracking. We apply secure OS views to modern operating systems (e.g., Android and Windows 8), which use database-like abstractions for sharing and accessing information. Similar to a database view, a secure OS view uses runtime context to dynamically define the protection domain, allowing it to return the real value, a fake value, or nonexistence of the record.
The 9th Association for Computing Machinery (ACM) Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2016) will be held at the Darmstadtium in Darmstadt, Germany, from July 18 to July 20, 2016. This proposal requests $5,000 in funding to assist approximately five (5) United States-based graduate students to attend WiSec 2016.
Honors and Awards
- Best Paper at the ACM Conference on Data and Application Security and Privacy (CODASPY) - 2024
- Distinguished Paper at the ISOC Network and Distributed Systems Security Symposium (NDSS) - 2024
- Best Paper of IEEE Security & Privacy Magazine - 2022
- Carla Savage Award, Department of Computer Science, NC State University - 2022
- Best Student Paper at the ACM Symposium on Access Control Models and Technologies (SACMAT) - 2022
- SIGOPS Hall of Fame Award, with co-authors Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth - 2020
- Carla Savage Award, Department of Computer Science, NC State University - 2020
- Best Paper at the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) - 2019
- Distinguished Paper Award at the ACM Asia Conference on Computer and Communications Security (ASIACCS) - 2017
- Most Receptive Graduate Professor Outside of the Classroom Award - 2016
- Google Research Award - 2014
- National Science Foundation (NSF) Faculty Early CAREER Award - 2013
- Best Paper at the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) - 2013