A technician connecting cables to a supercomputer, an illustration of a padlock, and a person sitting at a personal computer.

Cybersecurity: Safeguarding America's Digital Infrastructure

For decades, NSF has funded research to protect national and personal security in today's highly connected, digital world.
View image credit

NSF Impacts

Cybersecurity safeguards the digital infrastructure we rely on every day — from power grids and online banking to communication networks and personal data.

As society becomes more dependent on digital technology, the stakes are higher than ever: Cyberattacks can disrupt critical systems, harm lives and livelihoods and cause billions in economic losses.

Since the 1960s, the U.S. National Science Foundation has supported pioneering research in computer science, mathematics, psychology and other fields that laid the groundwork for advances in cybersecurity, privacy and trust.

A black-and-white 1970s-era photo of two men looking at data printed on a ream of paper.
In the 1970s, NSF-supported researchers Martin E. Hellman (left) and Whitfield Diffie (right) developed public-key encryption algorithms, which are widely used today.

Credit: Chuck Painter/Stanford News Service, Stanford University Archives

The key to secure communication

In the 1970s, NSF-supported researchers Whitfield Diffie and Martin E. Hellman developed the groundbreaking public-key encryption algorithms, which use mathematical puzzles to create two keys: a public key that allows anyone to encrypt a message, and a private key, known only to the receiver, that decrypts the message.

Public key encryption allows information to be safely transmitted over unsecured connections, facilitating activities that have transformed society. It is now the cornerstone of the modern-day internet's cybersecurity infrastructure, including secure HTTP connections, email communications, e-commerce and teleconferencing.

Next-level network security

In the early 2000s, NSF began funding the researchers behind the groundbreaking open-source cybersecurity software Bro, which analyzes network traffic in real-time, allowing it to identify abnormalities and respond quickly to cyberattacks.

Initially developed for university and national lab networks cyber research, Bro —now called Zeek — expanded into real-world cybersecurity use with NSF funding. Today, it's a critical tool for monitoring and securing networks at top supercomputing centers, national labs, universities and corporations.

A circle composed of many small red and green circles connected to one another with lines.
Zeek's (formerly Bro) Tree of Trust shows information about trusted SSL Certificate Authorities.

Credit: Johanna Amann, ICSI
A close-up of a doctor holding a touchscreen.

Credit: Rene L/peopleimages.com

Making data useful yet private

In the mid-2000s, NSF supported seminal work on differential privacy, a mathematical framework for ensuring the privacy of individual-level data when analyzing privacy-sensitive datasets.

Today, differential privacy is used for data sets including medical studies, search engines and U.S. Census data — guaranteeing privacy protection for individuals while providing valuable information for society.

The road to security

In 2010, NSF-supported researchers exposing vulnerabilities in automotive systems demonstrated the ability to remotely hack a human-operated vehicle and take control of critical functions, including the engine and brakes.

This work prompted significant improvements in automotive security standards and informed new federal government programs, making the road safer for everyone. These advancements transformed the automotive industry and earned Stephen Checkoway, Tadayoshi Kohno, Karl Koscher and Stefan Savage a 2021 Golden Goose Award.

Three technicians sitting inside of a car, viewing a diagnostic screen.
Technicians at the NSF Center for Advanced Automotive Technology use diagnostic tools to check car systems and find possible cybersecurity risks.

Credit: from ATE Centers Impact 2016-2017 (www.atecenters.org (link is external) )
A black electronic box containing an electrical outlet and labeled "PowerGuard" and "VirtaLabs"
PowerGuard™ detects when an infected device is plugged into the outlet by analyzing subtle power consumption patterns.

Credit: Courtesy of Virta Laboratories, Inc.

Securing health care

In 2015, NSF-funded scientists at the health care security company Virta Labs introduced a cybersecurity system, PowerGuard, that protects vulnerable medical devices without requiring software installation or upgrades. The system can detect malware and anomalies on devices without disrupting patient care.

Its developers are credited as pioneers in the field of medical device cybersecurity.

Building stronger defenses

NSF continues to support advancements in cybersecurity, funding cutting-edge research and development with initiatives such as the NSF Security, Privacy, and Trust in Cyberspace program and building a robust workforce through education programs such as the NSF CyberCorps® Scholarship for Service.

Three college students smiling at the camera.
Participants in the NSF CyberCorps Scholarship for Service program, which recognizes students with technical talent, moral integrity and leadership.

Credit: Jaren Wilkey/BYU Photo
Top