§ 7403. National Science Foundation research

(a) Computer and network security research grants
(1) In general
The Director shall award grants for basic research on innovative approaches to the structure of computer and network hardware and software that are aimed at enhancing computer security. Research areas may include—
(A) authentication, cryptography, and other secure data communications technology;
(B) computer forensics and intrusion detection;
(C) reliability of computer and network applications, middleware, operating systems, control systems, and communications infrastructure;
(D) privacy and confidentiality;
(E) network security architecture, including tools for security administration and analysis;
(F) emerging threats;
(G) vulnerability assessments and techniques for quantifying risk;
(H) remote access and wireless security; and
(I) enhancement of law enforcement ability to detect, investigate, and prosecute cyber-crimes, including those that involve piracy of intellectual property.
(2) Merit review; competition
Grants shall be awarded under this section on a merit-reviewed competitive basis.
(3) Authorization of appropriations
There are authorized to be appropriated to the National Science Foundation to carry out this subsection—
(A) $35,000,000 for fiscal year 2003;
(B) $40,000,000 for fiscal year 2004;
(C) $46,000,000 for fiscal year 2005;
(D) $52,000,000 for fiscal year 2006; and
(E) $60,000,000 for fiscal year 2007.
(b) Computer and network security research centers
(1) In general
The Director shall award multiyear grants, subject to the availability of appropriations, to institutions of higher education, nonprofit research institutions, or consortia thereof to establish multidisciplinary Centers for Computer and Network Security Research. Institutions of higher education, nonprofit research institutions, or consortia thereof receiving such grants may partner with 1 or more government laboratories or for-profit institutions, or other institutions of higher education or nonprofit research institutions.
(2) Merit review; competition
Grants shall be awarded under this subsection on a merit-reviewed competitive basis.
(3) Purpose
The purpose of the Centers shall be to generate innovative approaches to computer and network security by conducting cutting-edge, multidisciplinary research in computer and network security, including the research areas described in subsection (a)(1) of this section.
(4) Applications
An institution of higher education, nonprofit research institution, or consortia thereof seeking funding under this subsection shall submit an application to the Director at such time, in such manner, and containing such information as the Director may require. The application shall include, at a minimum, a description of—
(A) the research projects that will be undertaken by the Center and the contributions of each of the participating entities;
(B) how the Center will promote active collaboration among scientists and engineers from different disciplines, such as computer scientists, engineers, mathematicians, and social science researchers;
(C) how the Center will contribute to increasing the number and quality of computer and network security researchers and other professionals, including individuals from groups historically underrepresented in these fields; and
(D) how the center [1] will disseminate research results quickly and widely to improve cyber security in information technology networks, products, and services.
(5) Criteria
In evaluating the applications submitted under paragraph (4), the Director shall consider, at a minimum—
(A) the ability of the applicant to generate innovative approaches to computer and network security and effectively carry out the research program;
(B) the experience of the applicant in conducting research on computer and network security and the capacity of the applicant to foster new multidisciplinary collaborations;
(C) the capacity of the applicant to attract and provide adequate support for a diverse group of undergraduate and graduate students and postdoctoral fellows to pursue computer and network security research; and
(D) the extent to which the applicant will partner with government laboratories, for-profit entities, other institutions of higher education, or nonprofit research institutions, and the role the partners will play in the research undertaken by the Center.
(6) Annual meeting
The Director shall convene an annual meeting of the Centers in order to foster collaboration and communication between Center participants.
(7) Authorization of appropriations
There are authorized to be appropriated for the National Science Foundation to carry out this subsection—
(A) $12,000,000 for fiscal year 2003;
(B) $24,000,000 for fiscal year 2004;
(C) $36,000,000 for fiscal year 2005;
(D) $36,000,000 for fiscal year 2006; and
(E) $36,000,000 for fiscal year 2007.


[1] So in original. Probably should be capitalized.