Reference Library

AAMC's formal response to the OSTP Request for Information on the NSPM-33 Research Security Programs Standard Requirement, submitted in June 2023.

A Dear Colleague Letter issued by NSF in May 2023 regarding the NSPM-33 Research Security Programs Standard Requirement.

AAU's formal response to the OSTP Request for Information on the NSPM-33 Research Security Programs Standard Requirement, submitted in May 2023.

COGR's formal response to the OSTP Request for Information on the NSPM-33 Research Security Programs Standard Requirement, submitted in May 2023.

A March 2023 report issued by JASON and commissioned by NSF. Provides definitions of Research Integrity as adherence to accepted values and principles -- objectivity, honesty, openness, accountability, fairness, and stewardship -- that guide the conduct of research. Research Security is protecting the means, know-how, and products of research until they are ready to be shared. JASON suggests research security does not vary across disciplines, but the consequences of breaches in research security and the measures taken to prevent breaches will differ. Key points include an emphasis on training researchers on risks in international collaborations, the need to encourage collaboration with international organizations that are also concerned with research security, and avoiding creating a reputation of racial profiling or using the research security programs to disadvantage anyone based on ethnicity or nationality.

A Request for Information published in March 2023 by the White House OSTP seeking public comment on the NSPM-33 Research Security Programs Standard Requirement.

The NASA Proposer's Guide (February 2023) includes similar language to the Wolf Amendment in a footnote of section 2.16, Current and Pending Support. Per the footnote, 'China or Chinese-owned Company' means the People's Republic of China (PRC), any company owned by the PRC, or any company incorporated under the laws of the PRC. Chinese universities and other similar institutions are considered to be incorporated under the laws of the PRC and, therefore, the funding restrictions apply to grants and cooperative agreements that include bilateral participation, collaboration, or coordination with Chinese universities.

Draft standards for research security programs published for comment in February 2023 by OSTP/the NSTC Research Security Subcommittee. The document was superseded by the final standard guidelines published on July 9, 2024. The following are related documents and comments from higher education associations.

February 2023. Outlines advanced monitoring and verification activities of NSF proposals and awards. The guidelines largely serve to provide transparency and identify guardrails NSF has put in place around the use of data analytics to monitor and validate information disclosed (e.g., in biosketches and current and pending support). For example, the activities are not investigative and cannot be incorporated into the merit review process. Sources of information include SCOPUS, Web of Science, and the U.S. Patent and Trademark Office Patent Database.

The NSF Proposal and Award Policies and Procedures Guide (NSF 23-1, January 2023). Post-award Disclosure of Current Support and In-Kind Contribution Information: PAPPG Chapter II.D.2.h(ii).

Research security training developed by institutions and organizations under cooperative agreements funded by NSF in collaboration with the National Institutes of Health (NIH), Department of Energy (DoE), and Department of Defense (DoD), with engagement from the Federal Bureau of Investigation (FBI). The training consists of 4 modules: 1.) What is Research Security?; 2.) Disclosure; 3.) Manage and Mitigate Risk; 4.) International Collaboration.

The National Academies of Sciences, Engineering, and Medicine's National Science, Technology, and Security Roundtable, called for in the Fiscal Year 2020 National Defense Authorization Act, explored issues related to protecting U.S. national and economic security while ensuring the open exchange of ideas and the international talent.

Issued in January 2023 by the National Academies, this report outlines recommended conditions that should be in place for the Department of Defense to consider granting a waiver to allow an institution of higher education (IHE) hosting a Confucius Institute (CI) to continue receiving agency funding, as contemplated under the FY2020 NDAA. A summary is also available at https://nap.nationalacademies.org/read/26747/chapter/2.

A Government of Canada website (October 2022) that provides guidance and resources for researchers engaging in international research.

September 2022. Requires agencies to implement a due diligence program to assess security risks for SBIR and STTR proposals. Disclosure requirements include information on foreign ties, business relationships, investment, and ownership. [Source: AAU, January 2024].

OSTP to issue guidance to Federal research agencies to prohibit participation in 'foreign talent recruitment programs' by agency personnel and provide additional clarification to the research community regarding which activities are considered 'foreign talent recruitment programs.' OSTP is also directed to issue guidance clarifying that researchers working on Federally supported research projects must disclose participation in FTRPs in Federal research award proposals. OSTP is further directed to issue guidance for Federal research agencies to prohibit researchers working on agency-funded projects from participating in 'malign foreign talent recruitment programs,' and certify both at the time of proposal and annually that they are not part of a malign foreign talent recruitment program.

Establishes a Chief of Research Security position within the NSF Office of the Director to manage the Office of Research Security and Policy.

Directs [NSF] to develop an online resource to inform institutions and researchers of security risks and best practices and explain Foundation research security policies.

Requires NIST to offer resources and technical assistance to research intensive universities to help them mitigate cyber risks related to conducting research.

Requires NIST to consider the needs of IHEs when creating cybersecurity guidance.

DOE Office of Science to develop and maintain tools and processes to manage and mitigate research security risks such as an S&T risk matrix, informed by threats identified by the Office of Defense National Intelligence (ODNI).

Signed into law in August 2022, the CHIPS and Science Act includes a number of research security provisions. Key sections address research security at DOE, NIST cybersecurity guidance, NSF Office of Research Security and Policy, research security training requirements, information sharing analysis organizations, Confucius Institute restrictions, foreign financial support reporting, and foreign talent recruitment program requirements.

Authorizes the NSF OCRSSP, in coordination with the Office of Inspector General (OIG), to conduct risk assessments, including through the use of open-source analysis and analytical tools, of R&D award applications and disclosures to NSF.

Expands the requirement for RCR training to include faculty and other senior personnel on [NSF] awards and expands the scope of such training to include mentoring training and training to raise awareness of research security risks as well as Federal export control, disclosure, and reporting requirements.

Directs [NSF] to establish a research security and integrity information sharing analysis organization to enable the research community to share information, identify research security risks, and implement risk assessment and mitigation best practices and procurement of a non-government organization to run this center. The SECURE Program, including the SECURE Center and SECURE Analytics, were implemented to answer this call.