Information Infrastructure Protection: Managing complexity, risk and resilience

This Competition is Now Closed

MARCH 2009 COMPETITION FOR FUNDING
Applications for projects valued at less than £150k
Deadline for receipt of applications is 20th July 2009  

Summary

The Technology Strategy Board, The Centre for the Protection of National Infrastructure (CPNI) and the Engineering and Physical Sciences Research Council (EPSRC) have allocated an indicative £6m to invest in highly innovative collaborative research and development projects in the area of information infrastructure protection. Additional funding may be provided by the Economic and Social Research Council (ESRC) for proposals including high quality work.

The tools, techniques and services developed will contribute to tackling the ever-increasing threat to information systems. This investment targets the increasing complexity and dependency challenges that UK government and businesses face, whilst providing significant market opportunities to a strong UK capability base. The focus will be on the development of technologies and their associated supply chains that will offer significant quantitative improvements in:

• The understanding, monitoring and subsequent improved management of complex interdependent information infrastructures, within and between organisations, leading to enhanced security in all sectors of the UK economy (from SMEs to large enterprises)
• The development of improved business resilience and risk assessment services within the UK to predict and manage risks in next generation information systems, and
• The acceleration of their deployment to market.

Background and Challenge

The global digital economy depends on resilient and interdependent information systems, together with reliable and accurate information. These together form the information infrastructure which enables organisations and businesses to enjoy the provision of timely information, services and control systems. The dependence on these systems that deliver services to UK business and society is greater than it has ever been and is set to increase in the coming years.

As an information system matures it typically converges with other systems to add richer functionality. This is driven by a demand for: increased agility, virtualisation, outsourcing and interconnectedness. But, it also adds additional layers of complexity, interdependency and external uncertainty. The end result is usually an unplanned ‘system of systems' where functionality overrides resilience. Moreover, the challenges of our increasing dependency on, and use of, enormous volumes of information necessitates a review of traditional approaches to information infrastructure and risk management. Innovative technical solutions must be developed to enable systems to be mapped, monitored and managed - and to mitigate risks.

Co-ordination with Other Stakeholders

The Technology Strategy Board is working closely with other stakeholders in the area of information security, such as CPNI, CESG (the UK Government's communications-electronics security group), the Ministry of Defence, Central Sponsor for Information Assurance, and the Research Councils. This is in order to develop a range of projects which, as well as contributing to the UK's national security goals, also represent business opportunities for the UK within the new markets being created in information infrastructure protection, with potential for significant wealth creation in the UK.

EPSRC may contribute to projects which involve academic partners in developing and applying the tools and techniques of complexity science in information infrastructure protection. Additional funding may also be provided by the ESRC for proposals which include high quality academic work.

Projects should make real progress towards meeting the targets set out in the UK Government's National Information Assurance Strategy and mitigating electronic risks cited in the National Risk Register. These take the form of clear and effective risk management; provision of the right ‘tools' for organisations to protect themselves; protection of critical infrastructures from electronic attack; and enhanced public, commercial, and industrial confidence in the UK's ability to manage and protect information.

Scope

This competition will address innovative solutions for information infrastructure protection tools, technologies and methodologies in both the public and private sector markets. This includes the development of real-time or near real-time predictive models for information infrastructure protection with particular emphasis on interdependency analysis, ‘system of systems' and supply chains. In particular, we welcome proposals that will accelerate deployment of the technology and place emphasis on the development of the supply chain, system integration and issues around how people will use it.

The high level challenges to be addressed include:

• Increased understanding and subsequent improved management of complex interdependent information infrastructures
• The formation or expansion of existing business resilience tools
• The provision of risk assessment services supporting the above.

Competition proposals will address these challenges by focusing on one or more of the following:

• Development of models focused on real-world practical applications for SMEs, large enterprises or national infrastructures and the use of ‘systems dynamics' type approaches, to enable business-relevant security planning and management.
• Systems developments or enhancements that include data capture, high security data segregation and where the integration of existing technologies and standards are encouraged. Projects which will demonstrate full systems operating at appropriate scales and in appropriate environments are welcome, For example, healthcare/assisted living, intelligent transport, and high value systems and services.
• Small scoping studies into the development of certification, codes of practice and standards that will accelerate deployment will be considered if included as part of a larger project and on the basis that the results will be made publicly available.
• Real-time or near real-time disaster recovery and business continuity models and simulations with ‘what-if' planning capabilities.
• Knowledge transfer activities that bring atypical ideas and consortia together are encouraged, and should be included in project proposals as a separate work package.

All proposals must explain how the work will help in positioning the UK in the global market and against other global innovation leaders in the area. Projects should be mindful of how they might contribute to the European Commission ICT Objective 1.4 Secure, Dependable and Trusted Infrastructures and Objective 1.7 Critical Infrastructure Protection. Proposals must include quantitative development targets for the project outputs, together with (where appropriate) the relevant performance and cost targets for the ultimate device, application or service.

We recognise the close synergies between the areas of physical and information infrastructure protection and welcome proposals that cover both areas, however emphasis must be given to information infrastructure protection. Project partners who bring large real-world datasets which could be used for modelling complex information infrastructure risk scenarios are also welcomed.Innovative projects are particularly encouraged which build on thetransfer analytical tools and techniques from other domains such as safety critical engineering, probabilistic mathematical and agent-based modelling, network theory, transport infrastructure simulation, sociological interactions, financial risk modelling, drug discovery' consumer complexity and business continuity and resilience.

Funding Allocation and Project Details

An indicative £6m of funding is allocated to collaborative research and development projects that address one or more of the areas indicated above and involve business-to-business or business-to-science interactions. All proposers must indicate how their project will make a significant step change and overall positive contribution in terms of economic and business impact as well as environmental and social sustainability taking into account the full product lifecycle. Projects that can demonstrate benefits across more than one business sector and projects which include a strong supply chain based collaboration are particularly encouraged, so that new ideas can be developed and exploited in a timely fashion.

There are two levels of application:

1. Projects greater than £150k in total project value - these typically take between 12 and 36 months to complete, with the outcome entering the supply chain within two to five years of completion. (N.B.: any consortium considering submitting a proposal requiring more than £1m of grant funding should contact the Technology Strategy Board for further guidance at the earliest opportunity and no later than noon 16th April 2009.)
2. Fast-track projects up to £150k in total project value - these must be led by an industry SME or micro company and typically take up to 12 months to complete.

Projects can range from focused basic research, aimed at establishing technical feasibility, through to applied research, and to experimental development projects. It is anticipated that most of the funding will be allocated to proposals in applied R&D (attracting 50% public funding), but any project could include elements of experimental development (25% public funding) or industry-orientated basic research (75% public funding). A robust case must be made to support the requested level of funding for each work package in these three categories. Definitions of these can be found in the Guidance for Applicants - please see the Competitions section of the Technology Strategy Board website at www.innovateuk.org.

The Technology Strategy Board will require all projects to provide a noncommercially-confidential summary, at the start and the conclusion of the project, for dissemination.

If you have any queries about the technical scope of the competition or the application process, please contact the Technology Programme helpline on 01355 272155 or email competitions@tsb.gov.uk.

Application Process

1. Applications for projects valued at more than £150k

The key dates for this competition are 16th March 2009 when the competition opens and 23rd April 2009 when the compulsory Expression of Interest (EOI) must be submitted.

The process for this competition is in line with Technology Strategy Board policy which gives applicants the opportunity to make an initial optional EOI prior to their compulsory EOI application. Between 16th March and 15th April applicants will be able to submit their optional outlines and receive initial comment on a no commitment basis. Officials will look at the optional EOI and respond to applicants within three working days. Applicants may take advantage of this optional EOI up to one week prior to the compulsory EOI deadline. Applicants should note that the earlier in the process they submit an optional EOI the more time they will have to respond to any comments made.

The Guidance for Applicants explains the process in detail. The submitted compulsory EOI will be reviewed and feedback given on 11th May 2009. There will be an optional briefing day for this competition in London on 1st April 2009. This briefing is optional although potential applicants are strongly advised to attend if possible. Following the independent panel review, the Technology Strategy Board will then invite successful applicants to the full application stage. For these applicants, in the week beginning 11th May 2009, there will be the opportunity to discuss the feedback with Technology Strategy Board officials by telephone. Applicants invited to submit a full proposal will need to send one representative of their consortium to the compulsory briefing on 20th May 2009. They will also need to register their intention to apply by 18th June 2009 and submit their full application by 25th June 2009. Applicants will be informed of the outcome of their applications by 24th July 2009.

      2.   Applications for projects valued at less than £150k

Applications for fast-track projects will be accepted at any time from Thursday 23rd April to Monday 20th July 2009. Applications will be assessed in the last week of each month (i.e. in April, May, June and July) by a review board authorised by the Technology Strategy Board. Proposals for consideration need to arrive by the preceding Monday. Any received after this deadline will be held over until the following month. The Guidance for Applicants explains the process in detail and applicable dates.

Key Dates

Events

Information Day (London) 27th February 2009

Collaboration Workshop (Manchester) 18th March 2009

Collaboration Workshop (London) 20th March 2009

Collaboration Workshop (Glasgow) 6th April 2009

To register for events and find more information about our March 2009 competition please click here

For projects valued at more than £150k in total:

Competition opens 16th March 2009

Optional briefing day 1st April 2009

Expressions of Interest deadline 23rd April 2009

Feedback provided by 11th May 2009

Feedback discussion in week beginning 11th May 2009

Applicants briefing (compulsory) 20th May 2009

Registration of intent to submit (compulsory) 18th June 2009

Deadline for receipt of full applications 25th June 2009

Decision and feedback to applicants 24th July 2009

For projects valued at less than £150k in total:

Competition opens 16th March 2009

Optional briefing day 1st April 2009

Proposals can be submitted from 23rd April 2009

Deadline for receipt of applications 20th July 2009  

To register for events and find more information about our March 2009 competition please click here

More Information For more information about this competition and details of how to register and apply, please see competitions at www.innovateuk.org

Competitions Helpline:
01355 272155

Email:
competitions@tsb.gov.uk

The Technology Strategy Board is a business-led executive non-departmental public body, established by the government. Its role is to promote and support research into, and development and exploitation of, technology and innovation for the benefit of UK business, in order to increase economic growth and improve quality of life.

The Technology Strategy Board A1
North Star House
North Star Avenue
Swindon
SN2 1UE

Telephone: 01793 442700