Title: Frequently Asked Questions (FAQ) for the Secure and Trustworthy Cyberspace (SaTC) Program (NSF 13-578) Date: 9/20/2013 NSF 13-130 Frequently Asked Questions (FAQ) for the Secure and Trustworthy Cyberspace (SaTC) Program ([1]NSF 13-578) Program Objectives & Perspectives 1. What are the objectives of the SaTC program? To read about the objectives of SaTC, please review the Introduction and Program Description in the solicitation. 2. Is SaTC interested in efforts that indirectly help, prevent, or ameliorate cybersecurity issues? Yes. We fund research that addresses a wide variety of topics, including research on behavior, motivation, and other factors that indirectly help to ensure that cyberspace systems can be effectively and safely utilized. 3. How can I determine whether a particular topic is suitable for submission to SaTC as opposed to Core solicitations within the Directorate for Computer & Information Science & Engineering (CISE) or the Directorate for Social, Behavioral & Economic Sciences (SBE)? While a proposal may overlap with SaTC and other programs, in general, SaTC proposals should take account of cyberattack and defense. However, there is no hard line between program boundaries. It is particularly helpful for a PI to consider what research field will be advanced by the proposed work. It is less helpful to consider the application domain of the research in deciding which program is most appropriate. Consider whether the proposed work primarily aims to advance the topics of CISE or SBE core solicitations (for example, a focus on networked systems or economics, etc.) and incidentally addresses (for example) improving system resilience to attack, or whether its primary contribution is in improving system resilience under attack, but there are incidental contributions to topics in core solicitations. It is the latter proposal that should be submitted to SaTC. If you are unsure which is the most relevant program for your proposal, please contact the Program Officers to help resolve the issue. While Program Officers do have the discretion to transfer or share a proposal between programs, it is better to resolve such ambiguities before the proposal is submitted. 4. How do these Perspectives-Trustworthy Computing Systems (TWC), Social, Behavioral and Economic (SBE), and Education (EDU)-affect how I submit my proposal? As specified in the solicitation, all proposals must be submitted to the CISE/CNS division, regardless of which perspective is most relevant. After your proposal is received, those with primary SBE perspectives will generally be managed by the Directorate for Social Behavioral and Economic Sciences; those with EDU perspectives will be managed by the Directorate for Education and Human Resources; and those with primary TWC perspectives will be managed by the Directorate for Computer and Information Science and Engineering. At the discretion of Program Officers, the review of proposals may be managed by a different division than would be indicated by the perspective. 5. Is SaTC's Trustworthy Computing Systems Perspective more narrow in scope than CISE's former Trustworthy Computing program? No. As indicated in the solicitation, SaTC extends the scope of the prior Trustworthy Computing program. Any research that was in scope for the prior program remains in scope for SaTC. The scope for SaTC now specifically includes research based in a Social, Behavioral, and Economic (SBE) perspective as outlined in the solicitation, as well as efforts to promote transition of technology into practice, and to support education in cybersecurity. Frontier Proposals 6. What is the intention of the Frontier award category? A Frontier proposal should support objectives sufficiently comprehensive and coordinated such that they could not be attained by a collection of Small or Medium proposals, provided similar resources. Frontier awards should promote synergy among academic, industrial and other partners. They should address the combined needs for in-depth or multidisciplinary research investigations, education and workforce development, and incorporation of research results into deployed products and systems. If you are considering submitting a Frontier proposal, please contact one of the SaTC Program Officers (see list at the bottom of this document). 7. Are there approval requirements before submitting a Frontier proposal? No. However, PIs are strongly encouraged to contact an NSF Program Officer to discuss the research ideas and the composition and expertise of the team before submitting a Frontier proposal. The Program Officer will provide advice about the proposed project, e.g., the extent to which the scope and purpose relates to the goals of the SaTC program. For FY14, the designated NSF Program Officer for Frontiers is Jeremy Epstein. 8. Can Frontier proposals be submitted to the SBE perspective (only)? No. Although Frontier proposals can have both TWC and SBE perspectives, a Frontier proposal cannot be submitted solely to the SBE perspective, nor can the SBE perspective be primary. 9. Can Frontier proposals contain a Transition to Practice (TTP) Option? Yes. Frontier proposals can have a TTP Option, with a budget of up to $750,000. 10. Can an Education proposal be submitted as a Frontier? No. Frontier proposals must have TWC and SBE perspectives only. See question 8 above for further details. 11. Will Frontier awards involve site visits? NSF may, at its discretion, conduct site visits or reverse site visits prior to issuing Frontier awards. Frontier awards will be administered in accordance with normal NSF procedures for awards of this size and scope. Currently, site visits are required as part of the management of Frontier awards. 12. How do I decide whether to submit a SaTC Frontier proposal or a CISE Expedition proposal? Consider the scope and objectives of the proposed research in relation to the two solicitations, and select the most appropriate one. If in doubt, contact the appropriate NSF Program Officer. 13. Can Frontiers be significantly less than the $10M maximum? Yes, Frontier proposals should request the amount necessary to carry out the research. This could be considerably less than $10M. Education Proposals 14. Can an Education proposal be submitted as a Small, Medium, or Frontier, either on its own or as an additional perspective? No. Education proposals may not be submitted in Small, Medium, or Frontier sizes, or as a perspective on any of these sizes. Instead, the SaTC program seeks proposals addressing Cybersecurity Education with total budgets limited to $300,000 and durations up to two years. Proposals With Transition to Practice Options 15. Is the TTP Perspective that was present in the FY 13 solicitation still available? No, we are instead focusing our TTP funds on supplemental options in FY 14. 16. Is it expected that the TTP option work come only at the end of a project? Not necessarily. Although Transition work often does come at the end of a project, other work plans are possible. For example, a project could be iterative, whereby research and transition activities alternate, each activity building on the previous work. Thus, Transition activities could start earlier in the project. 17. Should the budget for a TTP option be included in the budget submitted with the proposal? No. While the budget documents should not include the TTP option, the five-page supplementary document describing the TTP option should include a sketch of the budget. If a proposal is selected for funding, and if NSF chooses to exercise the option, NSF will request a revised budget that increases the budget amount to include the option. 18. Software developed under the TTP option must be open source. Does that requirement apply to all software developed under any SaTC award? No. The open source requirement applies only to software developed under the TTP option, but not to the base grant. 19. What is the relationship between SaTC's TTP option and NSF's I-Corps program? The programs are independent and have different structures, though both aim to help bring the fruits of research projects to general use. Award sizes, scope and duration are different. Please see the solicitations for details, and consult NSF Program Officers if you have questions. SBE Perspective Proposals 20. My research to some extent involves people-attitudes, cognitions, behaviors, groups, organizations, markets, and/or social systems. Should I submit it as a SaTC proposal under the SBE (Social, Behavioral and Economic) perspective? A proposal should be submitted with SBE first in its title (that is, SBE primary) only if SBE aspects of the proposal are its primary focus and the proposed research is apt to make contributions to the SBE sciences. A proposal may be submitted with SBE second in its title (that is, SBE non-primary) if SBE aspects of the proposal are not its primary focus but the research applies SBE science methods. Alternatively, a proposal that involves applied SBE science may fit under "Trustworthy Computing Systems" alone, as work on human factors has in the past. Groundbreaking SBE science will be beneficial for advancing the goal of a secure and trustworthy cyberspace. The SBE portion of the SaTC program targets SBE research that contributes to this goal and that makes contributions to the basic SBE sciences. 21. What makes research a "contribution" to the SBE sciences? Good SBE science research contributes to the basic SBE sciences, identifying generalizable theories and regularities and "pushing the boundaries" of our understanding of social, behavioral, or economic phenomena in cybersecurity and beyond. In identifying what might contribute to the SBE sciences, we seek research that is generalizable, identifies scope conditions, provides an advance in SBE science methods, or provides valuable data for the SBE community. We seek research that holds the promise of constructing new SBE theory that would apply to a variety of domains (i.e., it is generalizable), or new generalizations of existing theory, which clarify the conditions under which such generalizations hold (i.e., so-called scope conditions). More inductive or interpretative approaches might contribute to the SBE sciences, especially if they provide needed groundwork for generalizable research or reveal broad connections that advance SBE science understandings. SBE/SaTC proposals should clearly state and elaborate how the proposed research will contribute to SBE sciences. A variety of methods can be used, including field data, laboratory experiments, observational studies, simulations, and theoretical development, among others. 22. When is research not a "contribution" to the SBE sciences? Research that applies an existing SBE proposition or theory to a cybersecurity context will not be considered a SBE science contribution, unless it promises to make a novel contribution to the originating theory. 23. Is it enough for my SBE/SaTC proposal to contribute to the SBE sciences? No. A successful SBE/SaTC proposal must also contribute toward the goal of creating a secure and trustworthy cyberspace. The SBE science contribution of any SBE/SaTC proposal should be related to bringing about that goal. It is not sufficient for a proposal submitted under SBE/SaTC to only have an SBE science contribution. Such proposals are best submitted to a standing (core) SBE program. You can find a list of SBE Core programs at [2]http://www.nsf.gov/dir/index.jsp?org=SBE. Supplementary Documents 24. What is the difference between the required personnel list and the collaborators list? Both are mandatory. They must be included even if the only person on the list is the PI him/herself. The personnel list includes all PIs, co-PIs, other senior personnel (paid or unpaid), advisors, etc. The collaborators list includes anyone with whom those on the personnel list have collaborated on a project, book, article, report, or paper within the preceding 48 months; or anyone with whom those on the personnel list have co-edited a journal, compendium, or conference proceeding within the preceding 24 months. 25. Why do you need both personnel and collaborators lists? Both are used to avoid accidental conflicts of interest in the course of reviewing proposals. Individuals on the first list are precluded from being panelists or ad hoc reviewers on any panel of the same size as your proposal, while those on the second list are precluded from being panelists or ad hoc reviewers for your proposal in particular (but could be panelists or ad hoc reviewers for other proposals of the same size). 26. In the list of personnel, how should we list cases where the person has not been identified yet (e.g., future graduate students)? List the person's name as "TBD," and include the institution and role he/she is likely to have. Miscellaneous 27. Are multi-perspective proposals encouraged or discouraged? Neither. A PI should decide to which perspectives to submit his/her proposal based upon the research components of his/her proposed work. A proposal will be negatively affected if its impact is lessened by its failure to consider a highly-relevant perspective. Similarly, a perspective that appears "tacked on" and irrelevant to the main focus of the work will also not be favorably reviewed. 28. What about proposals for workshops and other meetings or infrastructure? Given the nascent state of research in cybersecurity, we welcome proposals for workshops and other opportunities for intellectual engagements. Please do talk with a SaTC Program Officer before submitting such a proposal. You will need to clarify how the efforts are likely to enable future scientific contributions, and an infrastructure-oriented proposal should include components that go beyond merely providing a resource for other researchers and should contribute directly to research. PIs should indicate which perspective(s) apply to their proposals, as with non-workshop/infrastructure proposals. 29. Will SaTC review panels contain reviewers from all of the CISE, SBE, Education, and Mathematics communities? Every attempt is made to ensure that all proposals are evaluated by qualified reviewers. Proposals with similar topics are generally paneled together. Some may focus more (or only) on CISE, SBE, Education, or Math topics. If so, only experts in these areas will review the corresponding proposals. 30. I have a general question about SaTC - is there an email address for the program? Yes, you may e-mail [3]satc@nsf.gov. 31. Should I discuss my proposal with NSF Program Officers? Yes, as with all programs at NSF, PIs are encouraged to discuss planned proposals with Program Officers so they can assist in determining whether SaTC is a suitable program for the proposed work. 32. Who are the SaTC program officers, and which one should I talk with? The list of current SaTC program officers is at the end of this document and will be available on NSF web pages for the program. PIs should discuss potential proposals with the Program Officer whose area is closest to that of the proposed research. 33. Do SaTC proposals count against the CISE Core program limits on numbers of proposals allowable per year? No. SaTC is an NSF cross-cutting program, so the limits imposed by the CISE Core programs do not apply. However, no person can be PI, co-PI or senior personnel on more than three SaTC proposals per NSF fiscal year, two of which may be Small, Medium or Frontier, and one Education. 34. Does SaTC allow international cooperation? Yes. We encourage collaboration with the international community, and actively support it. For such efforts, NSF funds the US participants, and international participants are funded by their respective countries. If a proposal is to be simultaneously submitted to a non-US funding agency and the work cannot proceed without being co-funded by the other agency, please discuss the situation with a Program Officer as soon as possible, preferably before submitting your proposal. 35. Can I be a reviewer for the SaTC program if I've submitted a SaTC proposal? Yes, but only in the funding categories (Small, Medium, Frontier, Education) to which you did not submit any SaTC proposals in a given fiscal year. 36. Can I sign up for a mailing list to receive SaTC announcements? Yes. The SaTC-Announce mailing list provides occasional announcements (no more than a half-dozen per year). To join, simply send an email (from the address to which you would like instructions to be sent) to listserv@listserv.nsf.gov. In the text of the message, put the following command (only): subscribe SaTC-Announce For example: subscribe SaTC-Announce Jane Doe You will receive instructions via return email on how to proceed. Small Businesses and Commercialization 37. Can a small business apply to this solicitation? Yes, small businesses can apply to this solicitation. 38. Can a faculty member be the principal investigator (PI) for a proposal from a small business? Per the guidelines of the Small Business Innovation Research (SBIR) program (see [4]http://www.nsf.gov/publications/pub_summ.jsp?ods_key=nsf13546), the primary employment of the PI of a small business proposal must be with the small business. A university faculty member can be a PI on a proposal from a small business as long as he/she is employed by the company at least 51% of the time for the duration of the award. Regardless, a faculty member can be on a sub-contract from a small business to the university. 39. Are there companies interested in working with university researchers on transitioning and commercializing university research? Yes, PIs can contact [5]Juan E. Figueroa for companies that have previously received SBIR/STTR awards from NSF and that may have interest in collaborating with university researchers. Optional Checklist for Submission 40. For Education Proposals + Project description up to 15 pages + Must include EDU in title; TWC and SBE may NOT be included in title + Collaboration plan (up to 2 additional pages) ALLOWED if multiple institutions, and must be a Supplementary Document, not part of the Project Description + Extra pages for Collaboration plan NOT PERMITTED if only one institution + Senior personnel list and collaborators list, in the specified format, as a Supplemental Document + TTP Option NOT PERMITTED 41. For Small proposals + Project description up to 15 pages + Must include one or both of TWC and SBE in title; EDU may NOT be included in title + Collaboration plan (up to 2 additional pages) ALLOWED if multiple institutions, and must be a Supplementary Document, not part of the Project Description + Extra pages for Collaboration plan NOT PERMITTED if only one institution + Senior personnel list and collaborators list, in the specified format, as Supplemental Documents + If TTP Option (1) include keyword "TTP Option" in title, (2) do NOT include Option budget in base, (3) required TTP plan as supplemental doc (up to 5 pages including budget sketch up to $167,000) 42. Medium proposals + Project description up to 15 pages + Must include one or both of TWC and SBE in title; EDU may NOT be included in title + Collaboration plan (up to 2 additional pages) REQUIRED if multiple institutions, ALLOWED if only one institution, and must be a Supplementary Document, not part of the Project Summary + Senior personnel list and collaborators list, in the specified format, as Supplemental Documents + If TTP Option (1) include keyword "TTP Option" in title, (2) do NOT include Option budget in base, (3) required TTP plan as supplemental doc (up to 5 pages including budget sketch up to $400,000) 43. Frontier proposals + Discussion with a SaTC Program Officer STRONGLY ENCOURAGED before submitting + Project description up to 20 pages + Must be either TWC or TWC SBE perspective (SBE-only or SBE-primary are not permitted); EDU may NOT be included in title + Collaboration plan (up to 2 additional pages) REQUIRED, and must be a Supplementary Document, not part of the Project Description + Senior personnel list and collaborators list, in the specified format, as Supplemental Documents + If TTP Option (1) include keyword "TTP Option" in title, (2) do NOT include budget in base, (3) required TTP plan as supplemental doc (up to 5 pages including budget sketch up to $750,000) Contact 44. Who should I contact? Following are current Program Officers for the Secure and Trustworthy Computing program: CISE: CNS: Jeremy Epstein [6]jepstein@nsf.gov Angelos Keromytis [7]adkeromy@nsf.gov Ralph Wachter [8]rwachter@nsf.gov CCF: Sol Greenspan [9]sgreensp@nsf.gov Nina Amla [10]namla@nsf.gov IIS: Vijay Atluri [11]vatluri@nsf.gov ACI: Kevin Thompson [12]kthompso@nsf.gov SBE: SES: Peter Muhlberger [13]pmuhlber@nsf.gov MPS: DMS: Andrew Pollington [14]adpollin@nsf.gov EHR: DUE: Victor Piotrowski [15]vpiotrow@nsf.gov ENG: ECCS: Zhi (Gerry) Tian [16]ztian@nsf.gov References 1. http://www.nsf.gov/publications/pub_summ.jsp?ods_key=nsf13605 2. http://www.nsf.gov/dir/index.jsp?org=SBE 3. mailto:satc@nsf.gov 4. http://www.nsf.gov/publications/pub_summ.jsp?ods_key=nsf13546 5. http://nsf.gov/staff/staff_bio.jsp?lan=jfiguero 6. mailto:jepstein@nsf.gov 7. mailto:adkeromy@nsf.gov 8. mailto:rwachter@nsf.gov 9. mailto:sgreensp@nsf.gov 10. mailto:namla@nsf.gov 11. mailto:vatluri@nsf.gov 12. mailto:kthompso@nsf.gov 13. mailto:pmuhlber@nsf.gov 14. mailto:adpollin@nsf.gov 15. mailto:vpiotrow@nsf.gov 16. mailto:ztian@nsf.gov