interview

Dr. Douglas Maughan

DHS S&T Cyber Security Director

Solving the research transition problem

August 5, 2013—Dr. Douglas Maughan, Director of Cyber Security at the Department of Homeland Security's Science and Technology (S&T) Directorate, spoke with the CyberWire this morning about organizing research in ways that facilitate transition to operational systems. He'll be moderating the Innovation Summit's panel on "Research Collaboration Models that Work" tomorrow afternoon.

Federal science and technology programs often find it difficult to move the results of research to the end users on whose behalf it's conducted. The challenge of transition is familiar to anyone involved with S&T, but Maughan believes the Department of Homeland Security (DHS) has found some workable models that overcome many of these problems.

In general, DHS S&T finds that involving prospective end-users in defining problems, setting requirements, and funding some of the research (and test and evaluation) has greatly eased transition problems. Posing user-informed challenges to researchers and offering them early adopters for their products have done a great deal to channel research into eventual operational use. Maughan describes three successful public-private engagement models:

  • LOGIIC (Linking the Oil and Gas Industry to Improve Cyber Security). In this program, companies in the oil and gas sector fund research; DHS S&T funds administration and management. The industry partners, via an agreement with the Automation Federation, pose cyber security challenges, then decide which research projects will receive support. This collaborative agreement is structured to avoid the anti-trust issues that often inhibit private-sector cooperation. LOGIIC is a unique public-private partnership that brings five major oil and gas competitors together to work with government on the development and distribution of cybersecurity solutions for protecting the industry's critical infrastructure.
  • Industry-University Research Consortium. A joint National Science Foundation and DHS S&T program, the consortium is housed in Ball State University's Security and Software Engineering Research Center. A dozen universities participate in addition to the private sector. Government agencies and private companies identify research challenges, universities propose research projects to address them, and the agencies and companies select the proposals to fund. The university performers tend to be highly capable institutions willing to focus on practical, hands-on operational solutions they can deliver in the near term.
  • TCIPG (Trustworthy Cyber Infrastructure for the Power Grid). Hosted by the University of Illinois at Urbana-Champaign, this consortium brings together DHS, the Department of Energy, Dartmouth, Cornell, the University of California, Davis, and Washington State. Funding is provided by the government and the universities themselves, but a key element of the program's success is the contribution of its advisory board: some four hundred owners, operators, and vendors in the electrical power sector who collaborate with the university researchers. The advisory board's members, again, set the research challenges and agree to act as early adopters of TCIPG technologies.

Maughan stresses the importance of a technology's ultimate users setting its research requirements. He notes the importance of intelligence in shaping those requirements. "We're not surprised by the claims made last week at Black Hat, and that critical infrastructure is of interest to attackers," he says. "We're interested in it from the defensive point of view. And we find that the technologies and techniques developed to defend control systems in the power sector have implications across critical infrastructures — some are using the same technologies — that can be of benefit to other infrastructure sectors. Tools developed to protect oil and gas infrastructure, for example, tend to be applicable to other infrastructures as well."