INTRODUCTION
The Critical Infrastructure Protection Grants Program (CIPGP) of the National Institute of Standards and Technology has had a tremendous amount of interest during the program’s first year. The objective of the CIPGP is improvement of the robustness, resilience, and security information in all the critical infrastructures. This is to be accomplished by funding research leading to commercial solutions to those information technology security problems central to critical infrastructure protection.

During FY01, the CIPGP had received 133 proposals requesting roughly $73M. Since only $5M was made available this was a very competitive program. After a thorough review process, we were able to select nine proposals for full or partial funding. For a list of FY01 awards click here.

Unfortunately, Congress has not approved FY02 funding. Although, a variety of bills have been introduced into the House that could authorize funding, future funding is not guaranteed. In the event that additional funding does become available, details on grants applications will be posted on this website.

BACKGROUND
Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government. They include telecommunications, energy, banking and finance, transportation, water systems and emergency services.

Due to advances in information technology (IT) and the necessity of improved efficiency, infrastructures have become increasingly automated and interlinked. Most modern commercial infrastructures are composed of a collection of interconnected networks that serve different purposes and have different owners. Indeed, even parts of the information resident on a single sub-network may have different purposes and different owners. Critical information is passed between these component elements to coordinate necessary functions. The complexity and interdependency of this critical information flow introduces vulnerabilities into the entire critical infrastructure. Deliberate attacks or accidental system failure may result in serious consequences to the nation.

Proposed research should investigate innovative approaches and techniques that lead to or enable significant advances in the state-of-the-art of IT security applicable to commercial critical infrastructures. Integrated solution sets embodying significant technological advances are strongly encouraged over narrowly defined research endeavors. We encourage proposals involving cooperation among academic and commercial groups.

In order to provide satisfactory infrastructure security, additional research must be conducted on the unique infrastructure security problems. The United States Government has sponsored considerable research in the area of computer security for military and intelligence systems. Some of this research applies to the critical infrastructure problem, but much remains to be done. The new grants program, administered by NIST, will target infrastructure IT security issues applicable to civilian and commercial systems.

Full details are contained in the Federal Register Notice. Please note that the Federal Register Notice pertains to the FY01 and FY02 competitions which are already closed.