CyLab is one of the largest university-based cybersecurity education and research centers in the U.S. Our goal is to build mutually-beneficial public-private partnerships to develop new technologies for measurable, available, secure, trustworthy, and sustainable computing and communications systems and to educate individuals at all levels.
CyLab provides technology resources and expertise in four areas:
Joint Projects with Government Agencies:
Fluid Software Assurance Tool is an experimentally-applied software assurance tool for large-scale (200KLOC+) deployed production Java software. Working with the Jet Propulsion Laboratory, the project identified several dozen race conditions errors, and repaired them without introducing any new faults or errors.
A collaboration with the Idaho National Laboratory, a new attack surface measurement method for critical software systems was developed to project INL's critical systems.
MERIT (Management and Education on the Risk of Insider Threats) delivers methods and tools that help managers to understand the potential near-term and long-term insider threat risk to their organization, quantitatively analyze tradeoffs associated with alternative approaches to mitigate this risk, and communicate risks and mitigations with others in their organization. The tools were developed in collaboration with the DoD Personnel Security Research Center and DoD CounterIntelligence Field Agency (CIFA)
PASIS (Perpetually Available and Secure Information Systems) is a general survivable storage system that enables experimentation with different mechanisms for data encoding and distribution. Working with AFRL Jont Battlespace Infosphere (JBI) researchers, PASIS was evaluated and chosen to replace existing JBI software.
Joint Projects with Private Sector Companies
Selective Obfuscation of Enterprise Data- technical report (pdf)
VANETS (Vehicular Ad Hoc Networks) - technical report (pdf)
YinzCam's mobile sports apps are in the hands of thousands of sports fans in the country, allowing them to stay in touch with the favorite teams 24x7x365, by providing fans with real-time stats, multimedia, streaming radio, social-media and much more. The company's mobile-video technology is also being deployed within sports venues throughout the country to allow fans to watch instant replays, live cameras (including the NFL RedZone channel) on their smartphones, tablets or touchscreen computers.
Over 200 million CAPTCHAs are solved every day by people around the world. reCAPTCHA channels this human effort into helping to digitize books and newspapers. When you solve a reCAPTCHA, you help preserve literature by deciphering a word that was not readable by computers.
The company supplies tools for software engineers developing complex and critical applications; provides advanced bug-finding, analysis and verification; empowers development teams to deliver reliable and powerful applications.
The company provides licensed Grey smartphone technology which allows users to securely exercise and/or delegate authority for accessing physical and virtual spaces. BiometriCore Inc. The company produces commercial face and iris recognition technology and provides face and iris software development kits. The technology is used by U.S. government for surveillance in airports and critical infrastructure locations.
Our goal is to build a national supply of experts in Information Assurance. We offer both PhD and MS programs with over 150 PhD students to date.
Through a grant from the National Science Foundation, Carnegie Mellon created the Information Assurance Capacity Building Program (IACBP), under which it partnered with minority-serving institutions (MSIs) across the country to help develop or increase their capacity to conduct research and education in information assurance. Each selected institution sent several faculty members to Carnegie Mellon for an intensive summer program where they worked to develop new courses, certification programs, laboratory plans and publications. Approximately 40 MSIs participated in the IACBP from 2002 to 2011. Relationships between CyLab faculty and the IACBP participants continue beyond their attendance of the summer program and develop into ongoing collaborations between faculty and their institutions.
CyLab administers scholarships for information security students in federal programs, notably, the Federal Cyber Corps Scholarship for Service Program (SFS). The SFS provides a full-tuition scholarship and stipend to a few highly qualified applicants each year pursuing graduate degrees in information security at the Information Networking Institute and the Heinz College. Since the program's inception, Carnegie Mellon has graduated 148 SFS scholars who have gone on to full-time positions in the nation's cybersecurity workforce. Another graduate participated in the Department of Defense's Information Assurance Scholarship Program (IASP), and several other students are currently pursuing the IASP, which also offers full-tuition funding in exchange for a commitment to federal employment after graduation.
Carnegie Mellon conducts education, outreach and training with the goal to raise cyberawareness among Internet users of all ages.
The INI and CyLab developed the MySecureCyberspace initiative in 2005, through a grant from the National Science Foundation, and developed three educational tools to teach users safe, responsible, sound and reliable practices for the computer and Internet at home: an educational website for the general public (www.mysecurecyberspace.com), an interactive game for upper elementary school children (Carnegie Cadets: The MySecureCyberspace Game), and a companion website for the game (www.carnegiecyberacademy.com).
The MySecureCyberspace initiative reached over one million visitors, and Carnegie Cadets served hundreds of registered users in homes and schools around the globe. Recognition for these projects included finalist status for the 2009 Japan Prize, the Silver Award of Distinction in the 2009 Communicator Awards in two interactive categories, and the 2006-2007 Award of Merit for online communication award from the Society for Technical Communication, Pittsburgh Chapter.
In 2010, the INI and CyLab received a grant from the Verizon Foundation to conduct local community workshops based on the MySecureCyberspace web resources. Through this grant, the project team delivered workshops in the Pittsburgh community to local schools, where students, parents, teachers, and school administrators were provided with the knowledge and tools they needed to practice safe, secure and responsible computing.