National Science and Technology Council, Subcommittee on Networking and Information Technology Research and Development, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program (Dec. 6, 2011) (full-text).
This plan was developed by the NITRD agencies and directly responds to the need for a new cybersecurity R&D strategy. It replaces the piecemeal approaches of the past with a set of coordinated research priorities whose promise is to "change the game," resulting in a trustworthy cyberspace.
As a research and development strategy, this plan defines four strategic thrusts: Inducing Change; Developing Scientific Foundations; Maximizing Research Impact; and Accelerating Transition to Practice.
These thrusts provided a framework for prioritizing cybersecurity R&D in a way that concentrates research efforts on limiting current cyberspace deficiencies, precluding future problems, and expediting the infusion of research accomplishments into the marketplace. The principal objectives of the thrusts include achieving greater cyberspace resiliency, improving attack prevention, developing new defenses, and enhancing the capabilities to design software that is resistant to attacks.
The Inducing Change thrust includes a new priority theme named Designed-in Security, together with the existing themes of Tailored Trustworthy Spaces, Moving Target, and Cyber Economic Incentives. The Designed-in Security theme focuses on developing capabilities to design and evolve high-assurance systems resistant to cyberattacks, whose assurance properties can be verified. Such development capabilities offer the path to dramatic increases in the security and safety of software systems.
Explicit in the execution of this plan is the coordination process across government agencies through the NITRD Program and the leadership function of the NITRD Cyber Security and Information Assurance Interagency Working Group (CSIA IWG), the federal government's principal group for coordinating cybersecurity R&D activities. In conjunction with OSTP, the NITRD Senior Steering Group for Cybersecurity R&D, and the Special Cyber Operations Research and Engineering (SCORE) Interagency Working Group, the CSIA IWG assures that the execution of this plan by individual federal research agencies is coordinated, cohesive, and complementary.