NSOE-TSS Grant Call 2019: Trustworthy Software Systems – Core Technologies
Issued by National Satellite of Excellence in Trustworthy Software Systems

Overview

Program analysis is a core activity which is key to software vulnerability detection, patching, testing and certification. Advances in program analysis can thus directly benefit and enhance program certification and hardening capabilities. In the past, we have seen a variety of analysis and verification methods emerging which rely on the maturity of powerful constraint solvers in the back-end. In addition, various security testing and fuzz testing tools which rely on a variety of search-based genetic programming techniques have matured. Bridging the gap between testing and verification by enabling both techniques to contribute to software certification has emerged as a possibility.

Side channel analysis is also an old area of security. Conventionally, the side channel analysis has been focusing on timing properties, but recently there has been greater focus on timing properties, energy, thermal and electromagnetic properties. In this area, there also exists scope for combining and bridging the gap between testing and verification, albeit in the context of ensuring non-functional properties of software.

Important Dates

Submission Opens: 1 March 2019

Submission Closes: 30 April 2019, 11:59pm Singapore time. Grant applicants may be contacted to provide clarifications during the evaluation period after submission closes.

Notification: By 1 August 2019. Successful applicants are to submit final proposals within 14 days of notification.

Grant Award: By 31 August 2019

Project Starts: September/ October 2019. Successful applicants are to set a date to start the project within this period. Award acceptance and research collaboration agreements must be signed before the project start date.

Project Scope

In this grant call, we encourage proposals which build on past advances in this area, and at the same time, investigate combinations of learning techniques to enhance the analysis / certification capabilities with the goal of building trust-worthy and smart systems. Topics of interest include, but are not restricted to the following.

(i) Binary analysis

(ii) Malware detection and rectification

(iii) Intelligent fuzzing techniques

(iv) Patch management in large systems

(v) Combinations of fuzzing and verification

(vi) Testing, analysis and verification of device drivers

(vii) Fuzzing and security testing of mobile apps

(viii) Advances in constraint solving to aid analysis

(ix) Advances in model checking and symbolic execution

(x) Advances in compositional verification and refinement

(xi) Run-time monitoring and its combination with code analysis

(xii) Advances in decision procedures in theorem proving

(xiii) Analysis driven code generation

(xiv) Combination of machine learning and analysis for software security

(xv) Isolated execution mechanisms to enable certification

(xvi) Certification and verification of critical infrastructures and cyberphysical systems

(xvii) Compiler/OS testing and analysis

(xviii) Big-data driven security analysis of software

(xix) Analysis for critical application scenarios such as smart home, water and power systems

(xx) Mobile app analysis

(xxi) Side channels – their analysis, detection and prevention

(xxii) Soft errors – their analysis, detection and prevention

Since the gestation period for building strong analysis and certification tools is high, the research risks can be mitigated by proposing technologies which build on widely available open-source tools, or on previously home grown tools, or both. Each applicant team can make a case on

(a) whether the proposed project touches functional or non-functional certification

(b) show relevance of the proposed research to certification by pointing to possible solutions to challenge problems.

Sample Problems

A set of sample problems for functional and non-functional certification is available at https://www.comp.nus.edu.sg/~nsoe-tss/tssctg-problems.htm

These are merely for getting discussions started and do not constitute benchmarks by any means. Grant applicants may choose to use the provided sample problems to calibrate their proposed approaches, or propose new challenge problem sets of their own which their proposed approach will solve.

Grant applicants will also need to comment upon, to what extent their proposed solution helps in setting up certification standards for critical software in Singapore. The deliverable from each awarded project will include concrete suggestions or guidelines on how the proposed research has a potential pathway to usage or deployment. This can also be highlighted in the slide deck to be submitted by the applicants.

Grant Eligibility

The grant call is open to all researchers from a publicly-funded Singaporean Institute of Higher Learning (IHL) or Research Institution (RI). Each proposal submission must have a Principal Investigator (PI) who is a full-time researcher (or part-time with at least 75% appointment) at publicly-funded Singapore based IHL/RI. Grant applicants must meet the following requirements to be eligible for the funding under the grant call:

• Evidence of pathway to deployment of proposed research is desirable. One possible way to demonstrate this is to point out receptacles of your research in Singapore and mention them as Co-PI (this is one way, not a requirement).

• Collaborators are not restricted to any category, but are not eligible to receive any funding.

• All project work must be done in Singapore, unless expressly approved by the NSOE-TSS.

• Proposals already funded by other funding agencies are not eligible for funding under this grant call.

Submission

Grant applicants shall submit the full proposals by the specified deadline through the online submission site at https://cmt3.research.microsoft.com/TSSCTG2019. Submissions are online only. Hardcopy or e-mail submissions will not be accepted. The typical project duration is 2- 2.5 years.

All relevant sections in the online submission form should be filled out. These documents are required as attachments:

• Full Proposal in PDF format

• Budget, Objectives, Deliverables, KPIs, Gantt Chart in MS Excel document

• Slide deck of 5 slides explaining significance of work proposed in PDF format

The full proposal and budget should be prepared according to the templates provided. All fields and spreadsheets are required to be filled in. The full proposals should contain all relevant information required for a proper and complete evaluation of their merits without the need to go back to applicants for additional information. The applicants may be contacted during the submission and evaluation period to request clarifications or additional supporting documents.

Please download the following templates for the submission of the grant documents:

• Proposal Template

• Budget, Objectives and Deliverables, Performance Indicators, Gantt Chart Templates

For further enquiries, please write to nsoe-tss@comp.nus.edu.sg

Guide on Project Cost Items and Budget Preparation

The budget of the projects to be submitted should be between 400,000 and 800,000 SGD. A typical project quantum is 600,000 SGD for a period of 2 years or 2.5 years.

This grant call will provide the funding support of approved qualifying direct costs and 10% of indirect costs of a project. The purchase of additional equipment or the hiring of new manpower is not allowed 6 months before the project completion date.

In addition to the standards specifically stated herein, expenses must be reasonable and comply with the internal guidelines of the respective organization (company / institution / agency) that is consistently applied regardless of the source of funds, for a given category of expenditure.

The guide for fundable and non-fundable direct costs are as follows:

1. FUNDABLE DIRECT COSTS

1.1. Manpower Related Expenses

Type of Expenses: Salaries

Allowable Costs: Basic salaries, and 13th month annual wage supplement (AWS) as well as employer’s contribution to CPF on basic salaries and AWS of supportable personnel. Supportable personnel are defined as those who are (i) directly involved in the R&D project, (ii) full-time permanent employees of the companies/IHLs/RI and (iii) tax residents in Singapore. Fractional charging for staff costs based on time commitment to the project must be practiced. Grant should support EOM costs and related benefits (as per employment contract) as long as it is in line with the consistency applied IHLs/RIs’ HR policies.

All other costs related to manpower / remuneration are excluded.

1.2. Equipment and Technical Software Related Expenses

Type of Expenses: Equipment and software purchase

Description: Only costs incurred in the purchase of new equipment approved by the NRF through the NSOE-TSS for the purpose of this grant can qualify.

All other costs will be excluded.

1.3. OOE – related expenses and Overseas Travel Related expenses

Type of Expenses: Travel & COLA

Description: Travel and COLA for overseas conferences directly relevant to the research area outlined in the project and necessary to accomplish project objectives. All travel must align to the existing and consistently applied Company or IHL/RI’s travel policies regardless of the source of funds.

All other costs will be excluded.

2. NON-FUNDABLE DIRECT COSTS

2.1. EOM Related Expenses

Type of Expenses: Principal Investigators/ Co-Investigators/ Programme Managers EOM Cost and Overtime

Description: Not allowable.

Type of Expenses: Staff Insurance

Description: Not allowable unless they are incurred under an established and consistently applied policy of the Company or IHL/RI. Company or IHL/RI may be requested to certify that such payments are in accordance with its established policy or on the same terms as the other staff.

Type of Expenses: Unconsumed leave

Description: Provision for unconsumed leave is not allowable.

Type of Expenses: Student Assistants / Interns

Description: Not allowable for students who are recipients of existing awards (or stipends) or students who are not residents of Singapore. For IHL/RI, only full-time students enrolled in local institutes of higher learning qualify to be supported as a student assistant/ intern.

2.2. Equipment Related Expenses

Type of Expenses: General Policy

Description: No purchase of equipment is allowed unless specifically provided for in the grant and approved by NRF through the NSOE-TSS. The procurement of such equipment must be made according to the formal established and consistently applied policies of the Company or IHL/RI. The invoices for all claims must be dated before the end of the Term.

Type of Expenses: Cost of capital works and general infrastructure, general purpose IT and communication equipment, office equipment, and furniture and fittings

Description: Not allowable under direct costs, unless specifically provided for in the grant and approved by NRF through the NSOE-TSS. Examples of such costs are computers, office productivity software, PDAs, mobile phones, photocopier machines, workstations, printers etc.

2.3. OOE Related Expenses

Type of Expenses: General Policy

Description: Not allowable for expenses that are not directly related to the Research. All procurement of such items must be made according to the formal established and consistently applied policies of the Company or IHL/RI.

Type of Expenses: Visiting Professors/Experts

Description: Not allowable unless specifically provided for in the grant and approved by NRF through the NSOE-TSS. The visiting professor must be identified and his/her contribution to the project must be clearly defined and described in the proposal.

Type of Expenses: Audit Fees

Description: Not allowable. This includes both internal and external audit fees.

Type of Expenses: Entertainment & refreshment, Fines and Penalties, Legal Fees and Staff retreat

Description: Not allowable.

Type of Expenses: Overhead Expenses

Description: Not allowable unless specifically provided for in the grant and approved by NRF through the NSOE-TSS based on the nature of the research. This includes rental, utilities, facilities management, telephone charges, internet charges, etc.

Type of Expenses: Patent Application

Description: Not allowable. This includes patent application filing, maintenance and other related cost.

Type of Expenses: Professional Membership Fees

Description: Not allowable. This applies to PI and Co-Investigators as well as all research staff funded from the grant.

Type of Expenses: Software

Description: Not allowable under director cost unless specifically provided for in the grant and approved by NRF through the NSOE-TSS.

Type of Expenses: Professional Fees (including fees to consultants)

Description: Not allowable unless specifically provided for in the grant and approved by NRF through the NSOE-TSS.

2.4 Overseas Travel Related Expenses

Type of Expenses: General policy

Description: Not allowable unless specifically provided for in the grant and approved by NRF through the NSOE-TSS. All travel must be by Economy Class airfare and for all other travel-related claims be aligned with existing and consistently applied institutions’ travel policies regardless of the source of funds. Support for the total travel expenses is capped at S$18,000 per year.

Type of Expenses: Meeting Overseas Collaborator

Description: Not allowable for students.

Type of Expenses: Local and Overseas Conferences

Description: Not allowable, unless directly required for the research and specifically provided for in the grant and approved by NRF through the NSOE-TSS. Conference participation should be directly relevant to the research area outlined in the project and necessary to accomplish project objectives. Not allowable for students, unless they are PhD students who are presenting papers for the project. Not allowable for collaborators. Overseas travel is capped at S$6,000 per PI per trip, capped at S$18,000 per year (for the entire project).

For any cost items that are not listed above, research institutions should consult NCR Directorate, as prior approval will be required.

2.5 Research Scholarship

Type of Expenses: General policy

Description: Not allowable unless specifically provided for in the grant and approved by NRF through the NSOE-TSS. Postgraduate stipend must align with the prevailing rates set by the Ministry of Education. Postgraduate stipend and tuition support will not attract indirect costs.

Type of Expenses: Undergraduate Stipend and Tuition Support

Description:Not allowable.