Virginia Tech® home

2023: Research in Supply Chain Cybersecurity

Proposals due September 25, 2023, 5 p.m. ET

CCI seeks proposals for seed research grants that advance the state of the art of Supply Chain Cybersecurity by building capacity and increasing competitiveness.

people in front of screens showing roads and highways

Applications from under-represented groups are particularly welcome, as are applications from researchers who have not previously engaged with CCI. Women, underrepresented minorities, and persons with disabilities are strongly encouraged to apply.

Topics include but are not limited to:

  • Zero-trust architectures.
  • Securing softwarized and disaggregated networks.
  • Testing and validation of system security.
  • Cybersecurity risks to the semiconductor supply chain, including hardware Ttrojans.
  • Autonomous vehicle supply chain security.
  • Supply chain security over the product lifetime, e.g., software updates.
  • Supply chain security for systems involving artificial intelligence/machine learning.

Objectives of this call include:

  • To produce seminal contributions to supply chain cybersecurity, targeting the expansion of this research through competitive grants from the federal government, private sector, philanthropic foundations, and other sources.
  • To produce research contributions that benefit Virginia companies.
  • To explore opportunities for innovation (commercialization, entrepreneurship, etc.) in supply chain cybersecurity.

Proposal Guidelines


Who Can Serve as Principal Investigator (PI): Researchers and faculty members at public institutions in CCI who are deemed eligible by their home institution to serve as a PI on an external grant are eligible to apply.

Limit on Number of Proposals per Institution: There are no restrictions or limits.

Limit on Number of Proposals per PI:  An eligible researcher can participate on at most two proposals in this call, and can submit at most one proposal as the Principal Investigator. 

Other Requirements: Proposals:

  • Must include a clear plan for extension of the work through additional research grants from the federal government or industry. Proposers must indicate which additional funding opportunities (e.g., specific calls, agencies or companies that have expressed interest in the work, etc.) they will pursue to build on the research funded by this call.
  • Include letter(s) of support, if possible, from Virginia companies or government agencies that indicate the relevance of the work and/or potential collaborations.


Maximum Award Amount: For proposals involving multiple CCI institutions, $100,000 per proposal. For proposals involving a single CCI institution, $50,000 per proposal.

Award Conditions: Successful applicants are expected to participate fully in the activities of CCI in such areas as:

  • Providing materials needed for reports.
  • Participating in CCI meetings.
  • Responding to data collection requests by CCI. 

All publications and presentations resulting from the grant should acknowledge support from CCI. Commonwealth Cyber Initiative (CCI).

The PI is responsible for submitting periodic reports (every 6 months, and a final report) to CCI. Guidelines for format and content for periodic reports will be provided.

Request for Proposals Released August 21, 2023
Last Day for Q&A September 11, 2023
Proposals Due September 25, 2023, 5 p.m. ET
Award Notification November 22, 2023
Project Dates December 1, 2023, to December 31, 2024


Proposal Format

1. Title page (one page): Title of the proposed project, name, affiliation, and contact information for the Principal Investigator (PI) and co-Principal Investigators (co-PIs), if any. Find an example of the title page format at the bottom of this page.

2. Proposed Research Project (up to four pages): Description of the project.

  • Rationale: Discussion of the technical background and engineering/scientific justification. This should include project objectives and intellectual merit of the proposed work.
  • Relevance to CCI and to this call: A brief paragraph describing how the project will advance the state of the art in cybersecurity, in particularly in supply chain cybersecurity.
  • Research Plan: What exactly will be done? How will the objectives be met? What are the motivations, methods, likely outcomes, milestones, and future directions? If existing CCI assets and equipment will be leveraged to support the research, please describe the equipment/assets and how they wi’ll be used.
  • Deliverables: Describe the expected deliverables for the project (publications, demonstrations, intellectual property, etc.).

 3. Plan for Additional Funding and Impact on the commonwealth (up to one page)

  • Identify one or more specific opportunities for additional funding to expand the research proposed here. and outline a plan to pursue for pursuing this funding.
  • Address potential for commercialization and economic development/impact from this work.
  • Letters of collaboration or support from Virginia companies or agencies can be attached as an appendix (such letters won’t be not included in the page count).

4. References (not included in the page count)

5. Budget

  • A detailed budget and one-page justification must be included. Please confirm the ability to utilize all potentially awarded funds by December 31, 2024.
  • Travel should be included to support PI’s and team members’ attendance at the annual CCI Symposium and other CCI events. The next Symposium will take place in April 2024, in Richmond, Va.
  • Indirect costs are not allowed.

6. Biographical sketches (up to three pages for each investigator, using NSF format)

7.  Current and pending support for each investigator

Proposal Submission

The proposal must be submitted to no later than the close of business day (5 p.m. ET) on September 25, 2023. All proposals must be submitted as a single PDF document with the subject line “CCI Fall 2023 Research Call”.

Proposals and budgets should go through the appropriate approval process at the PI’s institution. For example, many universities require researchers to include a proposal and budget which have been approved in the standard Office of Sponsored Programs (or your institution’s equivalent) pre-award procedure. Please consult the PI’s node director to confirm the process. 

Contact information of CCI node directors:

Evaluation Criteria

A committee will review the proposals and make funding recommendations. Evaluation criteria include:

  • Strong intellectual merit related to cybersecurity.
  • Relevance to the focus of the call on supply chain cybersecurity.
  • Clear plan for obtaining additional funding from government, private sector, philanthropy, etc., and likelihood of being competitive for the programs identified by the PI.
  • Strong broader impacts related to CCI’s mission lines of innovation and workforce development, as well as in diversifying the cyber workforce.

Specific questions concerning this RFP and the requirements set forth herein should be directed in writing to

Title Page Format Example

Project Title:

Project Abstract (up to 250 words):

Total Requested Amount:

Requested Amount per Institution:   

Name, Title, and Mailing Address for Primary Contact at Each Institution Requesting Funding:

Project Investigators:

PI Name Institution Department Email