Setting an Interagency HCS Research Agenda
Released May 1998 		leftright
4.  HCS Research Agenda Development

4.  HCS Research
Agenda Development
HCS Research Agenda Development
 
This brainstorming session began with additional context setting. The NCO representative provided organizational background information on the CIC HCS effort and where it fits in with other CIC Program Component Areas. It was suggested that, in the course of setting the HCS research agenda, a document like the NGI Implementation Plan (NGI IP) be produced (the NGI IP took a little over a year to complete). Proposed research issues that might be included in such a document were mentioned (e.g., open systems, cost reduction, integration across technologies and applications) along with organizational/operational issues related to the HCS research agenda (e.g., role of the Federal government, individual agency roles, multi-agency coordination).
 
To further set the context, a short presentation on NSA's perspective of researching high confidence in INFOSEC systems was provided. NSA has moved away from the old world Government-off-the-shelf (GOTS) approach to assurance (i.e., government control, lots of effort placed on assurance because systems are in the field for a long time, high quality secure products). It is moving towards the new world commercial-off-the-shelf (COTS) approach to assurance (i.e., government has no control, little effort is invested in assurance because of short product life cycles, layered security). The main problems with assurance are finding and keeping experts and needing tools that have assurance built into them. Five "Pillars for Success" were identified as potential starting points for our brainstorming (fundamental property research, design tools, administration tools, composition, and education). Additionally, six "Stretch Goals" (reduce credit card interest, safeguard children in cyberspace, privacy of consumer transactions, decrease system intrusions, eliminate junk email, and dominate the electronic battlespace) were identified.
 
The Executive Secretary of the HCS Working Group proposed a strawman HCS vision and a set of technology research goals for 2010:
 
Vision
 
High Confidence Systems research will produce a body of knowledge and a set of tools that will promote safe, reliable, dependable, secure, and survivable computing systems. Achieving high confidence systems will enable a world radically different and much improved from the world of today in providing for the general welfare of the public and meeting key performance goals of Federal agencies.
 
HCS Technology Research 2010 Goals

  • Develop the foundational capabilities to specify and ensure implementation of requisite behaviors in highly complex, large-scale systems
  • Develop techniques to measure system qualities
  • Develop techniques to incorporate user-centered needs
  • Develop and integrate tools and techniques that support HCS implementation and assessment
  • Validate that HCS tools and techniques scale to real problems
  • Lower the costs of HCS implementation and assessment
  • Integrate HCS approaches more widely into all government and commercial system development environments.
To continue setting the context, a NASA folder (illustrating the results of NASA's efforts to shape their research agenda) was distributed as an example for getting an HCS research agenda established. A strawman strategic roadmap for HCS with five "pillars" (reliability and fault tolerance, security, survivability, safety, and assurance technologies) was proposed to get the group started (see Appendix B).
 
The brainstorming began with the moderator pointing out that the group needed to get to clear, concise goals established to convey the research agenda to the Administration, Congress, and the public in a way that all could understand almost immediately. With that perspective, it was suggested that the group identify the problem(s) first, in a way that the average person can understand (e.g., delivery of government services); otherwise, the group's output would be a solution chasing a problem. Once again, there was some discussion about the role of research related to standards. There also was a question about the scope of the research agenda:

  • Government's role in national security
  • Government's role to itself and to private industry
  • Private industry's role unto itself
It was suggested that other groups are already handling the first and last items of scope. The scope of the interagency HCS research agenda should focus on Government's role to itself (efficiency of Government services) and to private industry (items of public interest, leading standards, and working issues that industry will not address on its own). There was an open question about being able to influence OMB, which is making a lot of decisions for the various agencies, in its apparent reluctance to support needed research.
 
A number or slides were developed as the group brainstormed ideas and how to structure them. Three slides were developed at the end of the afternoon to capture the group's thoughts at that point on high level goals that might convey the importance of HCS:

  1. Protect the public:  Increase confidence in critical infrastructures.
     
    • "Confidence" includes safe, reliable, accurate, trustworthy, secure, adaptable, and timely.
    • "Critical infrastructures" includes medical, transportation (e.g., aviation, trains), power, telecommunications (e.g., GPS radio navigation), public safety and emergency services, national security and defense, command and control, financial services, and the environment.
    • Measurement, design analysis, and formal methods are important.

  2. Protect the consumer:  Enable higher reliability and ease-of-use in commercial products.
     
    • "Reliability and ease-of-use" includes expedited certification, validation & verification, shortened time to market, simplicity of use, affordability, lower life cycle cost, and plug & play.
    • "Commercial products" includes smart cars (Intelligent Vehicle Systems), medical devices, consumer electronics, business systems, smart houses, sensor technologies (e.g., alarms), GPS receivers, consumer Internet, smart cards, education technologies, digital libraries.
    • Informal test and evaluation are important.

  3. Enhance Government services:  Increase confidence in Government services.
     
    • "Confidence" includes timely, accurate, private, adaptable, safe, secure, dependable, accountable, responsive, easy to use, and efficient.
    • "Government services" includes entitlement programs, IRS modernization, Social Security modernization, Medicare modernization, law enforcement modernization, emergency management modernization, Patent and Trademark Office (PTO), air traffic control, and NOAA.
These three slides were delivered to all attendees who were tasked to provide feedback. A smaller group will examine the feedback and create a polished set of ideas for discussion at a future workshop. The goal is to continue the development of a document for HCS research similar to the NGI IP, and to publish a first draft of that document by the end of this summer.
 
The Workshop Chair closed the meeting by thanking everyone for their contributions and by encouraging increased participation in the HCS Working Group.

leftright