Innovation Challenges

Expert Icon

Next Generation Technologies Fund – SDN Data Plane Security and extensions to Software Defined Clouds (Medium priority) (closed)

Defence Science and Technology (DST) Group
This challenge has closed.
Partners: Data61, Defence Science and Technology (DST) Group
Fields of Research: Computer Software, Numerical and Computational Mathematics, Artificial Intelligence and Image Processing, Information Systems, Other Information and Computing Sciences, Distributed Computing, Data Format, Cognitive Sciences
Tags: Cyber, Cyber Security, Cyber Resilience
Audience: Researchers
Anticipated Funding: Assessment based
Applications Close (4:30pm AEDT): August 15, 2018
Applications Open: July 6, 2018
Call For Applications: July 6, 2018
Last Updated: August 20, 2018 5:10 AM
Challenge image

The Challenge

Software-Defined Network (SDN) radically changes the network architecture by decoupling the network logic from the underlying forwarding devices. From a security perspective, SDN separates security concerns into control and data plane, where the data plane is composed of networking equipment such as switches and routers specialized in packet forwarding interacting with SDN controllers using the Southbound APIs. This architectural re-composition brings up exciting opportunities and challenges. The overall perception is that SDN capabilities will ultimately result in improved security. However, in its raw form, SDN could potentially make networks more vulnerable to attacks and harder to protect.This research will focus on identifying challenges faced in securing the data plane of SDN – one of the least explored but most critical components of this technology by formalising potential attack scenarios. For instance recently, it has been shown that attackers could use performance metrics (Input buffer and/or packet processing time) as side channels to infer forwarding policies. Similarly, vulnerabilities include potential exploits of software vulnerabilities (e.g. TCAM memory attacks) to compromise switches or to infer network topologies, or protocol attacks that consist of exploiting network protocol vulnerabilities to craft “fake” flow rules that override the existing rules.In addition, with the increased adoption of Software defined systems paradigm abstracting the actual hardware at different layers with software components, emerging technologies including Software Defined Cloud (SDCloud) for cloud management are equally vulnerable to compromised forwarding devices threats. This project aims then at establishing the set of requirements to protect the data plane of Software defined systems in a holistic and generic approach.

The Partners

Data61Defence Science and Technology (DST) Group

Eligibility Criteria

This opportunity is open to all registered Australian Universities and Australian Publicly Funded Research Agencies. 


  • Successful applicants must be able to meet the milestones and timelines outlined in their submission. 
  • Successful applicants must enter into a Data61 University Collaboration Agreement. 
  • Successful applicants will enter into the appropriate contracting arrangement within 3 weeks of announcement.


Terms and Conditions

Proposals submitted will be assessed equally on the following criteria: 


  • Alignment to Defence strategy and the project priorities articulated in this document 
  • Future science criticality 
  • Collaboration depth (e.g. Collaboration with DST staff, Data61 staff, other universities, an industry partner, etc.) 
  • Delivery of outcomes (e.g. the ability of the proposal to deliver the agreed outcomes and milestones). 
  • Game changing potential to Defence


Please limit submissions to no more than 2000 words. Ensure that all contact details, current and potential DST, Data61 collaborators and/or research partner details are on a separate page/covering sheet. The proposals will be de-identified during the selection process to eliminate any potential conflicts of interest. 

Defence and Data61 reserves the right to fund all, some or none of the proposals received under this Call for Applications. 


Contracts and Intellectual Property


Successful applicants will be required to enter into a Data61 University Collaboration Agreement and a subsidiary Collaborative Research Project Agreement with Data61 in order to access project funding. Data61 will enter into contracts with the lead party in each proposal. 

Any IP generated as part of the projects will vest in Data61 unless otherwise agreed, and Defence will receive a license for Commonwealth purposes only. 

Any Commonwealth funding contributed to the projects will be paid in accordance with successful completion of milestones and as negotiated by the parties. Where circumstances necessitate it is possible for a small payment to be made upon execution of the agreement and in accordance with Defence procurement rules. 


How to Apply

Please submit via the DST portal.


Proposals are to be submitted by 4.30pm Australian Eastern Daylight Time (AEDT), 15 August 2018. Only projects submitted via email to by the above deadline will be considered in this round. 

For further information or assistance, please contact:


Want to know more or not sure where to start?
Click on the page most relevant to you or learn more about how you can get involved:


The Department of Industry, Innovation and Science
The Conversation Media Group
IP Australia
Clarivate Analytics
The Australian Research Council
ACT Government
Australian Access Federation
Australian National University
CBR Innovation Network
University of Canberra
University of Technology Sydney
Western Sydney University