[Congressional Bills 116th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3611 Introduced in House (IH)]

<DOC>






116th CONGRESS
  1st Session
                                H. R. 3611

   To provide for a pilot project for a nationwide network of secure 
 computing enclaves for federally funded research in universities, and 
                            other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                              July 2, 2019

 Mr. Babin (for himself, Mr. Weber of Texas, Mr. Marshall, Mr. Norman, 
  Mr. Gonzalez of Ohio, and Mr. Baird) introduced the following bill; 
which was referred to the Committee on Science, Space, and Technology, 
and in addition to the Committee on Armed Services, for a period to be 
subsequently determined by the Speaker, in each case for consideration 
  of such provisions as fall within the jurisdiction of the committee 
                               concerned

_______________________________________________________________________

                                 A BILL


 
   To provide for a pilot project for a nationwide network of secure 
 computing enclaves for federally funded research in universities, and 
                            other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Securing American Research From 
Cyber Theft Act''.

SEC. 2. PURPOSE.

    The purposes of this Act are to help institutions of higher 
education protect federally funded research from cyber theft and 
interference by--
            (1) directing the Networking and Information Technology 
        Research and Development Program to provide for support and 
        guidance on improving the security of academic computing and 
        networking systems that process, store, and transmit federally 
        funded research; and
            (2) establishing a pilot program to support regional secure 
        computing enclaves for academia to provide researchers with 
        secure data storage and adequately protect Federal Government 
        data.

SEC. 3. NETWORKING AND INFORMATION TECHNOLOGY RESEARCH AND DEVELOPMENT 
              UPDATE.

    Section 101 of the High-Performance Computing Act of 1991 (15 
U.S.C. 5511) is amended--
            (1) by inserting after subparagraph (I) the following:
                    ``(J) provide for improving the security, 
                reliability, and resiliency of computing and networking 
                systems used by institutions of higher education and 
                other nonprofit research institutions for the 
                processing, storage and transmission of sensitive 
                federally funded research and associated data;''; and
            (2) by redesignating subparagraphs (J) through (O) as 
        subparagraphs (K) through (P), respectively.

SEC. 4. COMPUTING ENCLAVE PILOT PROGRAM.

    (a) In General.--The Secretary of Defense, in coordination with the 
Director of the National Institute of Standards and Technology, the 
Director of the National Science Foundation, and the Secretary of 
Energy, shall establish a pilot program to ensure the security of 
federally supported research data and to assist regional institutions 
of higher education and their researchers in compliance with 
regulations regarding the safeguarding of sensitive information and 
other relevant regulations and Federal guidelines.
    (b) Structure.--In carrying out the pilot program established 
pursuant to subsection (a), the Secretary shall select three 
institutions of higher education from among institutions classified 
under the Indiana University Center for Postsecondary Research Carnegie 
Classification as a doctorate-granting university with a very high 
level of research activity, and with a history of working with secure 
information for the development, installation, maintenance, or 
sustainment of secure computing enclaves.
    (c) Regionalization.--
            (1) In selecting universities pursuant to subsection (b), 
        the Secretary of Defense shall give preference to institutions 
        of higher education with the capability of serving other 
        regional universities.
            (2) The enclaves should be geographically dispersed to 
        better meet the needs of regional interests.
    (d) Program Elements.--The Department of Defense shall work with 
Institutions of Higher Education selected pursuant to subsection (b) 
to--
            (1) develop an approved design blueprint for compliance 
        with Federal data protection protocols;
            (2) develop a comprehensive and confidential list, or a 
        bill of materials, of each binary component of the software, 
        firmware, or product that is required to deploy additional 
        secure computing enclaves;
            (3) develop templates for all policies and procedures 
        required to operate the secure computing enclave in a research 
        setting;
            (4) develop a system security plan template; and
            (5) develop a process for managing a plan of action and 
        milestones for the secure computing enclave.
    (e) Duration.--The pilot program established pursuant to subsection 
(a) shall operate for not less than 3 years.
    (f) Report.--
            (1) In general.--The Secretary shall report to the 
        Committee on Armed Services of the House, the Committee on 
        Armed Services of the Senate, the Committee on Science, Space, 
        and Technology of the House, and the Committee on Commerce, 
        Science, and Transportation of the Senate not later than 6 
        months after the completion of the pilot program under 
        subsection (a).
            (2) Contents.--The report required under subsection (f)(1) 
        shall include--
                    (A) an assessment of the pilot program under 
                subsection (a), including an assessment of the security 
                benefits provided by such secure computing enclaves;
                    (B) recommendations related to the valued of 
                expanding the network of secure computing enclaves; and
                    (C) recommendations on the efficacy of the use of 
                secure computing enclaves by other Federal agencies in 
                a broader effort to expand security of Federal 
                research.
    (g) Authorization of Appropriations.--There is authorized to be 
appropriated to the Secretary, $38,000,000 for fiscal years 2020 
through 2022, to carry out the activities outlined in this section.

SEC. 5. DEFINITIONS.

    In this Act:
            (1) Institution of higher education.--The term 
        ``institution of higher education'' has the meaning given such 
        term in section 101 of the Higher Education Act of 1965 (20 
        U.S.C. 1001).
            (2) Secretary.--The term ``Secretary'' means the Secretary 
        of Defense.
                                 <all>