CICI: UCSS: Advancing Security in TEE-Enabled Scientific Research Workflows: A Holistic Approach

About This Grant

Scientific breakthroughs in fields such as genomics, drug discovery, and materials science increasingly depend on large-scale computational workflows executed on high-performance computing (HPC) platforms. These workflows coordinate thousands of interdependent computational tasks, creating unprecedented collaboration opportunities but also introducing serious cybersecurity vulnerabilities. A single compromised step can lead to inaccurate scientific conclusions, disruption of critical research, or breaches of confidential data. Foreign adversaries actively target American research infrastructure to steal intellectual property and gain competitive advantages. By establishing a strong foundation of computational trust, this project protects scientific data and ensure research integrity, even when computations run on shared or potentially compromised computer systems. This enables confidence in scientific collaboration, protect sensitives information and helps preserve America's scientific leadership. The SafeSci-TEE award advances the state of the art in cyberinfrastructure by introducing novel techniques in runtime and distributed attestation tailored to scientific workflows. The project develops continuous runtime attestation mechanisms for confidential virtual machines, ensuring that HPC applications within trusted execution environments (TEEs) maintain integrity throughout execution. It also creates a distributed attestation framework that propagates trust across multiple HPC nodes and workflow stages, enabling end-to-end verification of scientific pipelines. In addition, SafeSci-TEE builds a hardware-agnostic TEE runtime and an integrity-aware scheduler that securely maps workflow tasks to trusted resources across heterogeneous computing platforms. These innovations empower scientists to run complex workflows securely and confidently, even in dynamic, multi-institutional environments. The technologies developed by SafeSci-TEE enhance the resilience and reliability of scientific computing, inform secure design practices for HPC systems, and have broad applications including fields such as healthcare, national security, and industrial R&D. Ultimately the SafeSci-TEE award accelerates scientific progress, bolsters U.S. competitiveness, and helps safeguard the nation's cyberinfrastructure by enabling seamless, secure collaboration among researchers and institutions. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.