{"id":54363,"date":"2025-10-01T06:10:08","date_gmt":"2025-10-01T06:10:08","guid":{"rendered":"https:\/\/www.newsbeep.com\/ie\/54363\/"},"modified":"2025-10-01T06:10:08","modified_gmt":"2025-10-01T06:10:08","slug":"nsf-invests-in-safeguarding-open-source-ecosystems","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/ie\/54363\/","title":{"rendered":"NSF Invests in Safeguarding Open-Source Ecosystems"},"content":{"rendered":"

Sept. 30, 2025 \u2014 The U.S. National Science Foundation announced the first-ever Safety, Security, and Privacy of Open-Source Ecosystems (NSF Safe-OSE)<\/a>\u00a0investment in an inaugural cohort of 8 teams. This investment focuses on vulnerabilities in open-source products and\/or their continuous integration and deployment infrastructure. The portfolio addresses a broad range of challenges, from code vulnerabilities and side-channel attacks to supply-chain and insider threats.<\/p>\n

\"\"<\/a>Each project received up to $1.5 million for up to two years to catalyze meaningful improvements and efforts that these ecosystems often lack the resources to undertake. Researchers will improve and bolster the resiliency of ecosystems in areas like artificial intelligence for cloud computing, medical records, national security, critical privacy infrastructure and many other important applications.<\/p>\n

The NSF Safe-OSE program aims to strengthen the ecosystem\u2019s capacity to manage current and future risks, attacks, breaches and responses.<\/p>\n

\u201cVulnerabilities in an open-source product can be exploited to attack users of the product,\u201d said Erwin Gianchandani, NSF assistant director for\u00a0Technology, Innovation and Partnerships (NSF TIP)<\/a>. \u201cNSF is pleased to be investing in this portfolio to address critical risks before they can happen.\u201d<\/p>\n

NSF requested that applicants submit a preliminary proposal. A full proposal was invited if the preliminary proposal was determined to be a good fit. The Safe-OSE program grows out of the NSF TIP Directorate\u00a0Pathways to Enable Open-Source Ecosystems<\/a>\u00a0program, a relatively new and ongoing initiative to invest in new managing organizations catalyzing the distributed, community-driven development and growth of open-source ecosystems.<\/p>\n

Safe-OSE Awardees<\/p>\n

The HDF Group: Strengthening HDF5 to better serve science, industry and national security applications.
\nIndiana University: Implementing AI-enabled vulnerability management practices to enhance the safety and security of open-source cloud computing ecosystems.
\nIndiana University: Cultivating a security-focused community infrastructure for the Open Medical Records System (OpenMRS).
\nThe Tor Project: Advancing critical privacy infrastructure to ensure secure and anonymous communication.
\nUniversity of Colorado Boulder: Enhancing safety, security and privacy across the Community Earth System Model (CESM) ecosystem.
\nUniversity of Colorado at Colorado Springs: Improving the security posture of the TianoCore ecosystem.
\nUniversity of Virginia: Safeguarding trusted computing systems by improving the security of the Tock secure embedded operating system.
\nUniversity of Wisconsin-Madison: Developing scalable methods to detect inconsistencies between Git commit messages and source code in open-source projects.<\/p>\n

About NSF TIP<\/p>\n

The NSF Directorate for Technology, Innovation and Partnerships (NSF TIP) seeks to engage all Americans in accelerating critical and emerging technologies to advance U.S. competitiveness. The directorate partners across sectors to advance three primary focus areas \u2014 accelerating technology translation and development, fostering regional innovation and economic growth, and preparing the American workforce for better-quality, higher-wage jobs. For more information about NSF TIP, visit\u202fnsf.gov\/tip\/latest.<\/p>\n

Source: NSF<\/p>\n","protected":false},"excerpt":{"rendered":"Sept. 30, 2025 \u2014 The U.S. National Science Foundation announced the first-ever Safety, Security, and Privacy of Open-Source…\n","protected":false},"author":2,"featured_media":54364,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[241,61,60,80],"class_list":{"0":"post-54363","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-computing","8":"tag-computing","9":"tag-ie","10":"tag-ireland","11":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts\/54363","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/comments?post=54363"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts\/54363\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/media\/54364"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/media?parent=54363"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/categories?post=54363"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/tags?post=54363"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}