The National Science Foundation announced this month that it had awarded nearly $20 million in "Frontier" grants to a handful of teams developing tools and programs to secure U.S. information systems, including a $10 million award for a multi-institution program for securing sensitive healthcare data.
The NSF doled out $10 million for the 5-year Trustworthy Health & Wellness program. The interdisciplinary, multi-university project includes researchers from Dartmouth College, University of Illinois at Urbana-Champaign, Johns Hopkins University and University of Michigan Ann Arbor.
"Our research is motivated by the rapid deployment of mobile and cloud information technologies in healthcare, both in clinical settings and at home," lead investigator and Dartmouth computer science professor David Kotz said in prepared remarks. "We aim to help these technologies reach their full potential by ensuring they can protect the integrity of medical data and the privacy of patient information."
The THaW team is working on medical device controls systems, privacy tools, malware detection and more. The researchers are also working on educational summer programs for undergraduate and K-12 students as well as an exchange program for postdoctoral fellow and research students.
"Cybersecurity is one of the most significant economic and national security challenges facing our nation today," NSF computer and information science and engineering assistant director Farnam Jahanian said. "NSF’s investments in foundational research will transform our capacity to secure personal privacy, financial assets, and national interests. These new Frontier awards will enable innovative approaches to cybersecurity, with potential benefits to all sectors of our economy."
The agency has been supporting cybersecurity research for more than a decade, highlighting and supporting programs that take a solutions-based approach to bringing security issues into the spotlight. The Frontier grants include funding ranging from $100,000 to $10 million granted to more than 110 new projects based in 33 states.
Medical device cybersecurity has garnered an ever-growing spotlight as more hospitals worry about the integrity of their networks and their patient medical records and cybersecurity researchers and ethical hackers, like the recently deceased Barnaby Jack, divulge more potential exploits.
Earlier this month researchers from the University of Michigan Ann Arbor’s Center for Medical Device Security unveiled a "behavior-monitoring system" that they say can detect malware infecting medical devices, giving users greater insight into their technologies and prompting further action should a device become compromised.
"The fundamental tension for owners of these devices is that they can have the devices they need to perform critical functions, but they cannot adequately protect the devices using conventional, software-based means," the researchers wrote. It also leaves hospitals and their IT administrators to identify and meaningfully report problems to public adverse events databases.