A Powerpoint summary is also available: TRUST Powerpoint Summary

See also The TRUST 2006-2007 Annual Report and the 1st 5 year Strategic Plan (available only to TRUST website members)

See also the TRUST section of "Profiles in Team Science."

Computer trustworthiness continues to increase in importance as a pressing scientific, economic, and social problem. The last decade has seen a rapid increase in computer security attacks at all levels, as more individuals connect to common networks and as motivations and means to conduct sophisticated attacks increase. A parallel and accelerating trend of the last decade has been the rapidly growing integration role of computing and communication in critical infrastructure systems, such as financial, energy distribution, telecommunication and transportation, which now have complex interdependencies rooted in information technologies. These overlapping and interacting trends force us to recognize that trustworthiness of our computer systems is not an IT issue alone; it has a direct and immediate impact on our nation's critical infrastructure. As a consequence, there is an acute need for developing a much deeper understanding of the scientific foundations of cyber security and critical infrastructure systems, as well as their implications for economic and public policy.

In response to this need, the Team for Research in Ubiquitous Secure Technology (TRUST) will be devoted to the development of a new science and technology that will radically transform the ability of organizations (software vendors, operators, local and federal agencies) to design, build, and operate trustworthy information systems for our critical infrastructure. The Center will bring together a team with a proven track record in relevant areas of computer security, systems modeling and analysis, software technology, economics, and social sciences. The research team will be advised and supported by an External Advisory Committee with strong representation of vendors of information technology, critical infrastructure protection providers, and other relevant stakeholders.

Through the active coordination and integration of efforts, TRUST researchers will consider security in a hierarchy of approaches that ranges from secure embedded systems to complex interdependent systems, each approach informing and building upon the others. Equally important, TRUST will address economic, social, and privacy considerations as the technology is acquired and absorbed into cyber-security products and the critical infrastructure. The integrated, multidisciplinary approach made possible by the Center mode of funding will allow solutions to synergistically emerge from a "holistic systems" view of computer security, software technology, analysis of complex interacting systems, and economic and public policy.

The unifying approach and major technical goal of TRUST is composition and computer security for component technologies. Leveraging the prior investments of NSF, DoD and others in various application testbeds, TRUST will continuously test the technologies resulting from its research. The role of the testbeds will be to integrate and evaluate technologies in specific and realistic systems, keep the research on track to answer societal objectives, and demonstrate the technologies for stakeholders in real systems.

To achieve and demonstrate the core objectives in the selected real-life testbeds, TRUST will pursue a strongly coordinated research agenda in the following areas:

TRUST will have an education and outreach component that focuses on integrating research and inquiry-based education and on transferring new and existing knowledge to undergraduate colleges, educational institutions serving under-represented populations, and the K-12 community. In so doing, TRUST will help lay the groundwork for training the scientists and engineers who will develop the next generation of trustworthy systems, as well as to help prepare the individuals who will ultimately become the users, consumers and beneficiaries of such systems.

TRUST will also take a comprehensive approach to knowledge transfer. Since TRUST addresses well defined and long term societal needs, the results in computer security, privacy and critical infrastructure protection will be easily communicated to decision makers, policy makers, and government agencies. With respect to industry, the selected integrative testbeds will be the focal points to interact with major stakeholder industries: power, telecommunication and embedded systems. Since TRUST will comprise multiple institutions, including technology vendors, infrastructure providers and leading research universities, the result will be wide spread dissemination, adaptation and continued evolution of ubiquitous secure technology.

The legacy of TRUST to the nation will be the creation of a science and technology base, policy base, educational base, and technology transfer methodology for cybersecurity. The long-term research agenda of TRUST will not only advance the frontiers of knowledge in trustworthy computing; it will influence on a national scale future academic research, industrial R&D and education as TRUST researchers identify new directions of inquiry, disseminate their findings to the broader community, and produce skilled graduates who will advance the field further yet.

Intellectual Merit: TRUST will address fundamental problems of science and technology for cyber security and critical infrastructure protection. This goal requires a multi-disciplinary approach, which can span layers of policy, technology and societal concerns. To date, research efforts in information security have tended to focus on individual components. TRUST will provide a unique opportunity for a wide range of cybersecurity issues to be addressed from many points of view (technological, scientific, and social science). Areas of new science creation include new cryptographic protocols and supporting systems, high confidence software science, security functionality, policy and management, and complex interconnected networked systems. Furthermore, TRUST will have strong, well proven ties with IT vendors and infrastructure providers, which will serve to both ground its research in real-world problems and ensure avenues for knowledge transfer. TRUST will have a significant impact at a national scale, as its research results will lead to new concepts and doctrine for application to: public policy issues around privacy, access control, and security; technology for protecting and preventing information security breaches; and increased protection of the nation's critical infrastructures, most notably in the areas of telecommunication, electric power, and transportation.

Broader Impacts: TRUST research will provide the science and technology on which to establish a fundamental foundation for addressing infrastructure security problems well into the next decade. Solutions to today's problems are an essential requirement to fulfilling the vision of ubiquitous computing. TRUST investigations and subsequent results will be directed so as to lend maximum benefit to social questions such as those in the area of policy, security and privacy and economics and incentives. Increasing the number of students who will join the nation's technical enterprise as researchers is vital to American prosperity in the new millennium. Accordingly, TRUST brings a strong focus on educational outreach activities through its members' many activities. Educational activities will be integrated with TRUST research, through K-12 programs, graduate programs, summer programs and directed research projects with educational institutions that primarily serve underrepresented populations

Academic Partner Institutions: Carnegie Mellon University, Cornell University, Mills College, San Jose State University, Smith College, Stanford University, University of California, Berkeley, and Vanderbilt University

Industrial Partners: BellSouth, British Telecom, Cisco Systems, ESCHER Research Institute (Boeing, General Motors, Raytheon), Hewlett Packard, IBM, Intel, Microsoft, Oak Ridge National Laboratory, Pirelli, Qualcomm, Sun, Symantec, Tata Consultancy Services, Telecom Italia, United Technologies