Accession Number:



A Roadmap for Cybersecurity Research

Descriptive Note:

Corporate Author:


Personal Author(s):

Report Date:


Pagination or Media Count:



The United States is at a significant decision point. We must continue to defend our current systems and networks and at the same time attempt to get out in front of our adversaries and ensure that future generations of technology will position us to better protect our critical infrastructures and respond to attacks from our adversaries. The term system is used broadly to encompass systems of systems and networks. This cybersecurity research roadmap is an attempt to begin to define a national RD agenda that is required to enable us to get ahead of our adversaries and produce the technologies that will protect our information systems and networks into the future. The research, development, test, evaluation, and other life cycle considerations required are far reachingfrom technologies that secure individuals and their information to technologies that will ensure that our critical infrastructures are much more resilient. The RD investments recommended in this roadmap must tackle the vulnerabilities of today and envision those of the future. The intent of this document is to provide detailed research and development agendas for the future relating to 11 hard problem areas in cybersecurity, for use by agencies of the U.S. Government and other potential RD funding sources. The 11 hard problems are 1. Scalable trustworthy systems including system architectures and requisite development methodology 2. Enterprise-level metrics including measures of overall system trustworthiness 3. System evaluation life cycle including approaches for sufficient assurance 4. Combating insider threats 5. Combating malware and botnets 6. Global-scale identity management 7. Survivability of time-critical systems 8. Situational understanding and attack attribution 9. Provenance relating to information, systems and hardware 10. Privacy-aware security 11. Usable security.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement: