Cyber Research Efforts in NITRD’s FY 2025 Funding Plans
Published: December 05, 2024
Federal Market AnalysisBudgetCybersecurityInformation TechnologyOSTPResearch and Development
Newly released details show over $1B is slated in fiscal 2025 for cybersecurity-related research and development efforts.
Since its creation in 1991, the National Information Technology Research and Development (NITRD) program has been the primary source of federally funded IT research and development (R&D) activities, coordinating these efforts among federal departments and agencies.
In late November, NITRD released its Supplement to the President’s FY 2025 Budget Request, detailing its key R&D programs and coordination activities planned for the current fiscal year. Since the FY 2019 budget cycle, NITRD has released its budget supplement in August or September before the coming fiscal year begins. However, for the last four years running these supplements have come late in the calendar year, weeks, or months after the beginning of the new fiscal year for which they apply.
NITRD Cybersecurity-related Efforts
NITRD coordinates and supports R&D in computing, networking, and software to address multi-technology and multisector challenges, including cybersecurity. NITRD’s efforts and supporting budgets are organized into Program Component Areas (PCAs), categories of technical R&D focus areas supported by NITRD member agency investments and are the technical areas under which agencies report their funding requests for their NITRD-related activities. Under each PCA, NITRD and its member agencies coordinate their research activities through Interagency Working Groups (IWG). The
Cybersecurity PCAs and their related IWGs include:
- Cyber Security and Privacy (CSP) - Conducts R&D to advance the security and privacy of computing, communication, and information technologies, including R&D on how human behavior and usability interact with technical aspects of cybersecurity and privacy.
CSP IWGs:- Cyber Security and Information Assurance (CSIA)
- Privacy R&D (Privacy)
- Computing-Enabled Networked Physical Systems (CNPS) - Involves R&D for IT-enabled systems that integrate the cyber/information, physical, and human worlds, including R&D of cyber-physical systems (CPS) and Internet of Things (IoT).
CNPS IWGs:- Computing-Enabled Networked Physical Systems (CNPS)
NITRD Budgets for Cybersecurity-Related PCAs
The FY 2025 budget requests for the CSP and CNPS are $778M and $230M respectively, for a combined $1,008M, or just over $1B. This represents a $102M increase over FY 2024 and a $124M jump from the FY 2023 level.
This $1B+ for FY 2025 is spread across ten departments and agencies.
Noteworthy budget request increases for FY 2025 include:
- DARPA receives a nearly $87M increase in CSP for the initiation of Making and Maintaining in Cyber Security and Access in Cyber Systems programs as well as the ramping up of the Constellation program.
- DHS receives an increase of $25M in CSP at DHS Science and Technology (S&T), split between a $16M increase in advanced research and development in AI security and assurance, software assurance, data security and privacy enhancement and a $9M increase in foundational research focused on communications and cyber resiliency, data sciences, and digital identity and trust, with smaller increases and decreases in other programs and PCAs.
Select Cyber R&D Programs
The budget dollars highlighted above support broad R&D efforts across numerous programs and agencies among these two cyber-centric PCAs.
Key cyber programs and participant agencies under CSP include:
- AI-enabled and Autonomous Active Cyber Defense: Establishing new scientific understandings in robust learning under adversarial conditions. Develop techniques to autonomously defend both enterprise platforms and cyber physical systems. ARO, ARL & ONR
- Cybersecurity Best Practices: Developing guidelines in areas such as mitigating cyber supply chain risks, managing the security of mobile devices, automated secure configuration for operating systems, and in advancing digital forensic investigation techniques. NIST
- Ecosystem for Cyber Analytics: Leverages high-performance computing to explore cybersecurity analytical capabilities. HPCMP, ONR, OUSD(R&E) & USCYBERCOM
- Counterfeit Mitigation in Microelectronics Supply Chain: Designs an end-to-end capability for establishing supply chain integrity, provenance of electronic chips, and hardware assurance to mitigate counterfeits in semiconductor supply chain. DHS, NIST, NSA, NSF & ONR
- Energy Cyber Sense Program: A consortium of National Labs, manufacturers, and asset owners to discover, mitigate, and engineer out cyber vulnerabilities in digital components in energy sector industrial base critical supply chains. DOE
Key cyber programs and participant agencies under CNPS include:
- Internet of Things (Cyber-Physical Systems) Devices/Infrastructure Research: Implements IoT CPS engineering-based systems, measurement and testing solutions, standards, and implementation practices for scalable, interoperable, and trustworthy IoT CPS solutions. NIST
- Cyber-Physical Systems for Agriculture: Encourages projects that advance science and technology applied to Smart & Connected Communities (S&CC) (both rural and urban), real-time agricultural data analytics and control. NSF & USDA-NIFA
- Smart & Connected Communities: Accelerates the creation of the scientific and engineering foundations that will enable smart and connected communities to bring economic opportunity and growth, safety and security, health & wellness, and accessibility and inclusivity. DOT, NSF & USDA-NIFA
- U.S. National Standards Strategy for Critical and Emerging Technology: Promotes technologically sound standards that help American industry compete internationally on a level playing field and is intended to support and complement existing private sector-led activities. ITA, NIST & USPTO
- Smart Connected Systems: Enables innovation in IoT systems operations, agility, resilience, reliability, safety, security, and privacy in critical infrastructures including Trustworthy Control Systems, Smart Manufacturing, Automated Vehicles, and Transformational Networks. NIST
Varied and Sustained Opportunities
The wide range of cyber programs highlighted above point to the broad scope and sustained urgency to address the cybersecurity challenges agencies and industry continue to face. NITRD provides additional R&D program information in the FY 2025 Federal Cybersecurity R&D Strategic Plan Implementation Roadmap that accompanied the release of their budget supplement. Many of these initiatives have sustained opportunities for solutions-minded researchers to participate in these federally funded programs.