Government offers £6m to fund complex network security infrastructure

A new government-sponsored competition seeks solutions to potentially catastrophic system failures.

The U.K. government is putting up £6 million for a competition to stimulate development of new tools that handle the threats posed by ever more complex and connected information systems.

The money is earmarked for projects that will investigate how to reduce the impact of security vulnerabilities on large and complex systems. Individuals and organisations are being invited to form consortia and bid for a slice of the £6m prize to help with the new research investment.

The money is being offered by the Technology Strategy Board (TSB), which is sponsored by the Department for Innovation, Universities and Skills, and whose role is to promote technology and innovation for the benefit of U.K. business. The competition has the support of the Centre for the Protection of National Infrastructure and the Engineering and Physical Sciences Research Council.

"If you look at infrastructure protection, there are not many people working on this," said Andrew Tyrer, network security specialist at the TSB. "One or two companies have research programmes, but no one is taking the lead. The U.K. has the ability to take the lead in solving what is a global problem."

Tyrer said that as systems become bigger and more complicated, it is harder to spot vulnerabilities and predict the potential impact of failure in one part of the system. "We are getting systems made up of multiple systems, so that a vulnerability in one system will be very hard to identify and mitigate, and may cause a cascade failure if it ever comes to light," he said.

He cited a couple of recent events to illustrate the point. One was the electrical blackout of the eastern seaboard of the United States in August 2003, which lasted for more than 48 hours and affected more than 50 million people. This was traced back to a breakdown in the control system computer, which failed to detect a small electrical problem and rectify it.

The other event was the Buncefield, Hertfordshire oil storage depot fire in 2005. The fire resulted in the destruction of nearby buildings, which put websites out of action and even hit the IT system at Addenbrooke's Hospital in Cambridge.

Tyrer said he expects funding applications from consortia consisting of companies, individuals and academic bodies. Small companies are also being encouraged to apply through a "fast-track" process with projects under a value of £150,000.

Winners will be allotted up to half of the cost of their project. "This is unique," Tyrer said. "It is the only publicly funded research into this global problem at the moment. This is a tough issue. If it wasn't, everyone would be doing it. The aim of this competition is to give people a bit of a push in this direction. At the moment, there are no tools to help you identify and mitigate these vulnerabilities, in what might be a low-probability, but high-impact scenario."

The competition starts on March 16, and all expressions of interest must be submitted by April 23. The deadline for full submissions is June 25.

See full details at

Read more on Application security and coding requirements