Key Issues in the Digital Research Infrastructure Landscape Jim Ghadbane | December 7, 2018 | RDM Summit for Canadian Colleges and Polytechnics

Let’s connect! @jghadbane canarie.ca | @canarie_inc Agenda

1. Digital Research Infrastructure (DRI) Overview: CANARIE Perspective 2. Evolution of Canada’s DRI Ecosystem • Budget 2018 and ISED Consultation • DRI Components 3. Cybersecurity

canarie.ca | @canarie_inc 2 Canada’s DRI Ecosystem

canarie.ca | @canarie_inc 3 Core Purpose Advancement of Canada’s knowledge and innovation infrastructure

canarie.ca | @canarie_inc 4 What is Digital Research Infrastructure (DRI)?

DRI is the enabling foundation for modern, data-intensive, global research and education.

DRI maximizes the return on the investments made by governments and institutions in higher education.

canarie.ca | @canarie_inc 5 The 4 pillars of Digital Research Infrastructure (DRI)

Network Computing Storage Software

Highly Qualified Personnel (HQP) CANARIE’s vision for an integrated DRI ecosystem

Research Collaboration Innovation

Anytime. Actors in the DRI ecosystem

Network Compute Data / Storage Software CANARIE Compute CANARIE CANARIE Canada via CFI Canadian Tri-Agencies Canadian Association of (indirectly) Foundation for Research Libraries Innovation (CFI) CFI/Compute National Canada Organizations CFI/Compute Canada

Research Data Canada via CANARIE

Regional Advanced Regional Consortia Campus repositories Off-the-shelf Networks (RANs) software Provincial and Campus computing Institutional Institutional Organizations networks Southern Ontario Smart Computing Innovation Platform (SOSCIP) How does DRI support the research workflow?

Data Management / Storage Tools

Research Software Tools Data Data Acquisition/ Data Curation, Management Plan Sensor Management Storage Computing Data Visualization Storage, Re-use

Network Computing

Research Workflow Evolution of Canada’s DRI Ecosystem

canarie.ca | @canarie_inc 10 A researcher-centric ecosystem

System Requirements

What researchers want: Development and deployment of > Solution-based tools integrated suite of tools > Awareness of tools > Support (HQP) & clear escalation Clear and accessible contact points at > Influence tool evolution/creation institutional, regional and national levels > Improved access

> Reduced need to develop or Agility to deploy funds to purchase own tools elements of ecosystem as and when needed

canarie.ca | @canarie_inc 11 A researcher-centric ecosystem

System Requirements

Governance models that What institutions want: respects multiple funders and > Clarity and predictability jurisdictional roles around function and funding of elements of ecosystem Clear and accessible contact points at > Input around holistic evolution institutional, regional of DRI ecosystem and national levels

Funding models that map to jurisdictional roles in the ecosystem

canarie.ca | @canarie_inc 12 DRI funding announced in Budget 2018

canarie.ca | @canarie_inc 13 Budget 2018 - “Harnessing Big Data”

> $572.5M over 5 years • Leverage “improved technologies such as cloud computing and faster networking”* ─ Objective: deliver more open and equitable access to advanced computing and big data resources to researchers across Canada • Requires development of a Digital Research Infrastructure Strategy that includes working with provinces, territories and universities, “including how to incorporate the roles currently played the CFI, Compute Canada, and CANARIE to provide for more streamlined access for Canadian researchers” • Yields improved access to essential tools and services to strengthen Canada’s reputation as a global leader in science, research, and innovation > $52M/year ongoing afterwards > ISED discussion paper released July 2018 > Decision on delivery mechanisms likely spring 2019 * Federal 2018 Budget, p.92 canarie.ca | @canarie_inc 14 Canada’s National Research and Education Network (NREN)

The foundation for digital innovation… via successful federal- provincial collaboration.

canarie.ca | @canarie_inc 15 How does Canada’s NREN work?

CANARIE CommitteeGC) (NREN NRENGovernance National coordination; international and interprovincial connectivity

Regional Advanced Networks (RANs) Provincial coordination; interprovincial connectivity

Local delivery; onsite support Research Community Researchers

canarie.ca | @canarie_inc 16 Advanced Research Computing (ARC) in Canada

canarie.ca | @canarie_inc 17 CANARIE’s Research Software Program

> Reusable, plug-and-play software services

Data Acquisition/ Computation/ Storage Visualization Sensor Management Processing

canarie.ca | @canarie_inc 18 Research Software: Community Development

> Improving the quality of research software and minimizing duplication maximizes the efficiency of research funding and speeds time to discovery

Annual Research Software Survey

Local Support Research Software Development Software Pilot Best Practices Conference Project

Generic Platform

canarie.ca | @canarie_inc 19 Long-term research data storage and preservation

Why?

Considerations vs. vs.

How long?

canarie.ca | @canarie_inc 20 Long term research data storage and preservation: A model for a federated system

Federated systems

Local, secured storage Institutional collaboration National data storage for sensitive data for regional data storage

canarie.ca | @canarie_inc 21 National/global data discovery requirements

Data Governance

Retains Locates global Manages Respects provenance; datasets accessibility privacy attribution

canarie.ca | @canarie_inc 22 Cybersecurity

canarie.ca | @canarie_inc 23 R&E cybersecurity challenges

Valuable student & research data Diverse and mobile Common populations threats, but lack of Bring your coordination own device policies Difficulty finding & retaining HQP

canarie.ca | @canarie_inc 24 R&E threats are both external and internal.

canarie.ca | @canarie_inc 25 CANARIE’s strategy: Creating a R&E cybersecurity ecosystem

Process:

Encourage data & threat sharing

Technology: People:

Shared tools reduce Develop HQP within costs; encourage the R&E community sharing & automation NREN Security Information and Event Management (SIEM) Deployment

To improve the posture of the NREN as a whole, the provincial and territorial partners in Canada’s NREN will deploy common security tools, and collaborate through the development of a distributed team of security experts.

canarie.ca | @canarie_inc 27 SIEM Deployment Project: Phase 1 Monitoring the R&E Network

NREN Internet

Operational SIEM SIEM RAN(s) Alarms Infrastructure SIEM Console SIEM Admin SIEM Log Monitored IT Security Collectors Logs Skills & Training RAN(s) Network

IT Security Incident Response

RAN End-User Member(s) Institutions canarie.ca | @canarie_inc 28 SIEM Deployment Project: Phase 2 Monitoring Endpoints

NREN Internet

Operational SIEM SIEM RAN(s) Alarms Infrastructure SIEM Console SIEM Admin SIEM Log Monitored IT Security Collectors Logs Skills & Training RAN(s) Network

IT Security Incident Response

Monitored RAN End-User Logs Member(s) Institutions canarie.ca | @canarie_inc 29 Joint Security Project (JSP) The most important part of the JSP is learning how to collaborate on security.

The JSP aims to begin an alignment for improving and coordinating national cybersecurity.

canarie.ca | @canarie_inc 30 CANARIE’s role in the JSP

• Project definition and • In-person training launch workshop • Working group meetings

Leadership Coordination

Funding Administration

• Installation of local network monitoring • Project agreement equipment [BRO] • Procurement • Self-serve data aggregation • Information sharing & analysis platform agreement

canarie.ca | @canarie_inc 31 JSP: A successful pilot

> Oversubscribed participation > Building operational trust > Active security analysis > Active security information sharing > Proposal with Government of Canada to expand Joint Security Project into Phase 2

canarie.ca | @canarie_inc 32 CANARIE is participating in the university-led Proof of Concept Canadian Shared SOC (CanSSOC)

canarie.ca | @canarie_inc 33 Complementarity of security initiatives

SSOC – Shared Security Operations Centre

CANARIE SIEM – Security Incident and Event Management

Shared SSOC SOC Pilot Provincial/Territorial Institutions NREN SIEM Phase 2 Networks [RANs]

canarie.ca | @canarie_inc 34 Resulting in…

Support for the Greater security development of for the NREN and cybersecurity connected expertise institutions

People

Process Data for Support for researchers to commercialization of develop new new defense/prevention techniques techniques

canarie.ca | @canarie_inc 35 canarie.ca | @canarie_inc 36 canarie.ca | @canarie_inc