Similarly, the rise of big data and rich data analytics, made possible by the proliferation of these inexpensive networked devices and by massive cloud data centers, are challenging traditional notions of computing. The balance of value is shifting from isolated devices and software to capabilities embodied by an integrated system of devices, data, and services. A data-rich, consumer-driven world where data is ubiquitous and often accessible has profound implications for U.S. DOD notions of information superiority, privacy, and security.
The increasing diversity and independence of global supply chains for new generations of COTS devices will challenge existing approaches to system security. Demand for software verification of diverse components with multiparty provenance will increasingly be the norm, but thus far verification of even existing systems remains a challenging research problem. When coupled with device heterogeneity and specialization for performance, verifying functionality and the absence of implicit or explicit security backdoors will require new organizational and software security approaches.
The emergence of foreign markets that are larger, are potentially more lucrative, and have better long-term growth potential than in the United States and other developed countries also has significant implications for the ability of the United States to shape technological directions. A shift in the global commercial center of gravity (either as the result of a new development or of decreased public or private research investments) may lead to a shift in the global research and development (R&D) center of gravity. For example, this could occur if international firms are required to locate in these markets to remain competitive, to meet the requirements of government regulations in the target markets, and to better understand those markets. The availability of trained and talented researchers and developers, particularly in parallel computing, will also affect these placements, as today’s devices are dependent on parallel applications and system software to meet performance and functional targets.
In the committee’s view, the United States became the leader in advanced computing because of its significant and sustained investment in long-term basic research, especially its combination of risky, big bets, some of which had significant financial returns, and curiosity-driven, smaller-scale research.13 A diverse portfolio of research was supported by multiple agencies in the Networking and Information Technology Research and Development (NITRD) Program over many years. This era of diverse funding has undergone changes in recent years. There is now an increasing monoculture of research funding for computing research, centered on the funding model of the National Science Foundation (NSF). Because NSF emphasizes single-investigator and small-group research, it has not historically supported long-term, large-scale infrastructure for either chip and system fabrication or compiler and tool infrastructure.
In contrast, China, for example, has been increasing its R&D investment in advanced computing over the past decade and appears willing to invest in research aimed at both incremental and higher-end computer innovation. At the same time, China is investing heavily in the training of advanced scientists and engineers at the undergraduate and postgraduate level both at home and abroad. If these trends continue, the still-wide gulf in the educational and R&D capabilities between China and the United States will narrow.
The growing R&D competitiveness of other countries has potentially far-reaching ramifications for the United States in cybersecurity. The DOD and the U.S. government cybersecurity strategy depends upon the U.S. commercial information technology sector remaining as the world leader.14 Software development is an increasingly central driver of computing innovation, whether it is parallel tools and applications for new devices or advanced software services and data analytics running atop massive, highly parallel cloud data centers.
The interconnected nature of globally designed and manufactured consumer devices contributes to increased risk of data and software security breaches and makes clean separation of functions—a traditional tenet of good security—ever more difficult. The globalization of this software development, as well as state-sponsored cyberespionage, raises important software and cybersecurity questions.15 Cybersecurity may well become a pivotal long-term area of competition between the United States
14Office of the Deputy Assistant Secretary of Defense for Industrial Policy, 2010, DoD Cyberstrategy: Leveraging the Industrial Base, December.