Abstract collage of science-related imagery

Safety, Security, and Privacy of Open-Source Ecosystems (Safe-OSE)

View guidelines

NSF 24-608

Important information about NSF’s implementation of the revised 2 CFR

NSF Financial Assistance awards (grants and cooperative agreements) made on or after October 1, 2024, will be subject to the applicable set of award conditions, dated October 1, 2024, available on the NSF website. These terms and conditions are consistent with the revised guidance specified in the OMB Guidance for Federal Financial Assistance published in the Federal Register on April 22, 2024.

Important information for proposers

All proposals must be submitted in accordance with the requirements specified in this funding opportunity and in the NSF Proposal & Award Policies & Procedures Guide (PAPPG) that is in effect for the relevant due date to which the proposal is being submitted. It is the responsibility of the proposer to ensure that the proposal meets these requirements. Submitting a proposal prior to a specified deadline does not negate this requirement.

Supports efforts to address safety, security and privacy vulnerabilities in open-source ecosystems to enhance their resilience and ability to manage current and future risks.

Supports efforts to address safety, security and privacy vulnerabilities in open-source ecosystems to enhance their resilience and ability to manage current and future risks.

Synopsis

Vulnerabilities in an open-source product and/or its continuous development, integration and deployment infrastructure can potentially be exploited to attack any user (human, organization, and/or another product/entity) of the product. To respond to the growing threats to the safety, security, and privacy of open-source ecosystems (OSEs), NSF is launching the Safety, Security, and Privacy for Open-Source Ecosystems (Safe-OSE) program. This program solicits proposals from OSEs, including those not originally funded by NSF’s Pathways to Enable Open-Source Ecosystems (POSE) program, to address significant safety, security, and/or privacy vulnerabilities, both technical (e.g., vulnerabilities in code and side-channels) and socio-technical (e.g., supply chain, insider threats, and social engineering). 

Although most open-source products are software-based, it is important to note that Safe-OSE applies to any type of OSE, including those based on scientific methodologies, models, and processes; manufacturing processes and process specifications; materials formulations; programming languages and formats; hardware instruction sets; system designs or specifications; and data platforms. The goal of the Safe-OSE program is to catalyze meaningful improvements in the safety, security, and privacy of the targeted OSE that the OSE does not currently have the resources to undertake. Funds from this program should be directed toward efforts to enhance the safety, security, and privacy characteristics of the open-source product and its supply chain as well as to bolster the ecosystem’s capabilities for managing current and future risks, attacks, breaches, and responses.

Program contacts

Nina Amla
Senior Science Advisor, CISE/OAD
pose@nsf.gov (703) 292-7991 CISE/OAD
Peter S. Atherton
Program Director, TIP/TI
pose@nsf.gov (703) 292-8772 TIP/TI
Daniela A. Oliveira
Program Director, CISE/CNS
pose@nsf.gov (703) 292-4352
Olga Pierrakos
Program Director, EDU/DUE
pose@nsf.gov (703) 292-7253 EDU/DUE
Jeffrey M. Stanton
Program Director, TIP/TI
pose@nsf.gov (703) 292-7794 TIP/TI
Selcuk Uluagac
Program Director, CISE/CNS
pose@nsf.gov (703) 292-4540 CISE/CNS

Awards made through this program

Browse projects funded by this program
Map of recent awards made through this program