Opportunity Information: Apply for 24 608

The National Science Foundation (NSF) is offering a discretionary grant opportunity called Safety, Security, and Privacy of Open-Source Ecosystems (Safe-OSE), Funding Opportunity Number 24-608. The core idea behind this program is that modern open-source ecosystems can be attacked not only through flaws in the product itself, but also through weaknesses in the way the product is built, tested, integrated, and delivered to users. In other words, an attacker may exploit vulnerabilities in source code, build pipelines, dependencies, release processes, or community practices and then impact anyone who relies on that open-source product, whether that is an individual user, an organization, or another downstream product.

Safe-OSE is aimed at open-source ecosystems (OSEs) that need to tackle real safety, security, and privacy gaps they currently do not have the resources to address on their own. NSF is explicitly looking for proposals that deal with both technical vulnerabilities (for example, code defects, exploitable design issues, and side-channel vulnerabilities) and socio-technical vulnerabilities (for example, supply chain compromise, insider threats, social engineering, and governance or process weaknesses that attackers can manipulate). A key point is that NSF is not limiting this to traditional software projects. While many OSEs are software-based, Safe-OSE applies to any open-source ecosystem, including those centered on scientific methods, models, and processes; manufacturing processes and process specifications; materials formulations; programming languages and formats; hardware instruction sets; system designs or specifications; and data platforms. The intention is to recognize that open source now underpins far more than just code repositories, and security or safety failures can propagate broadly across research, industry, and public infrastructure.

The program is also open to ecosystems that were not originally funded by NSF's earlier Pathways to Enable Open-Source Ecosystems (POSE) program. In practical terms, this means NSF is inviting a wide range of established or emerging open-source efforts to propose targeted work that will materially improve the ecosystem's security posture and resilience. Funding is meant to support concrete improvements that strengthen the open-source product and its supply chain, and also to improve the ecosystem's ability to manage risk over time. That includes developing better capabilities to prevent, detect, and respond to attacks, breaches, and future threats, rather than treating security as a one-time patching effort.

Eligibility to submit proposals is limited to specific categories of U.S.-based organizations. Eligible applicants include U.S.-based for-profit organizations (including small businesses) that demonstrate strong capabilities in scientific or engineering research or education; non-profit, non-academic organizations such as independent museums, observatories, research labs, and professional societies located in the U.S. and directly tied to research or educational activities; state and local governments; federally recognized Tribal Nations (as defined by the Federally Recognized Indian Tribe List Act of 1994); and accredited U.S. Institutions of Higher Education (two-year and four-year institutions, including community colleges) submitting on behalf of their faculty.

The opportunity also sets clear rules for who can serve as Principal Investigator (PI), and those rules differ depending on the type of applicant organization. For Institutions of Higher Education, by the proposal deadline the PI, any co-PI, and other Senior/Key Personnel must hold one of the following at a U.S.-based campus: a tenured or tenure-track position; a primary, full-time, paid appointment in a research or teaching role; or a staff leadership role in an Open-Source Program Office (or an equivalent function). Exceptions may be allowed for family or medical leave if the submitting institution determines that applies. Individuals whose primary appointments are at overseas branch campuses of U.S. institutions are not eligible to serve in these roles under this program. Researchers from foreign academic institutions may participate as collaborators or Senior/Key Personnel when they bring essential expertise, but they may not receive NSF funding through the award.

For all other eligible proposing organizations (such as companies, non-profit non-academic organizations, governments, or Tribal Nations), the PI must be an employee of the proposing organization, normally reside in the United States, and carry out PI responsibilities in their capacity as an employee. The PI is allowed to perform PI duties while temporarily outside the U.S., but individuals whose primary appointments are with non-U.S.-based non-profits or non-U.S.-based for-profit organizations are not eligible.

Administratively, the opportunity is issued by the National Science Foundation under a grant funding instrument, categorized under science and technology and other research and development. The original closing date listed is 2025-04-22. The notice lists multiple CFDA numbers associated with NSF research programs (47.041, 47.049, 47.050, 47.070, 47.074, 47.075, 47.076, 47.079, 47.083, 47.084). Details like the award ceiling and expected number of awards are not specified in the provided data. Overall, Safe-OSE is designed to push measurable, ecosystem-level improvements in how open-source projects prevent and handle security, safety, and privacy threats, with a strong emphasis on addressing both code-level weaknesses and the real-world human and process risks that often enable attacks.

  • The National Science Foundation in the science and technology and other research and development sector is offering a public funding opportunity titled "Safety, Security, and Privacy of Open-Source Ecosystems" and is now available to receive applicants.
  • Interested and eligible applicants and submit their applications by referencing the CFDA number(s): 47.041, 47.049, 47.050, 47.070, 47.074, 47.075, 47.076, 47.079, 47.083, 47.084.
  • This funding opportunity was created on 2024-09-20.
  • Applicants must submit their applications by 2025-04-22. (Agency may still review applications by suitable applicants for the remaining/unused allocated funding in 2026.)
  • Eligible applicants include: Others.
Apply for 24 608

[Watch] Creating a grant proposal using the step-by-step wizard inside the applicant portal:

Safe-OSE (NSF 24-608) FAQs

What is the Safe-OSE funding opportunity?

Safety, Security, and Privacy of Open-Source Ecosystems (Safe-OSE) is a discretionary grant opportunity from the National Science Foundation (NSF), Funding Opportunity Number 24-608. It supports work that materially improves the safety, security, and privacy posture of open-source ecosystems and the ways those ecosystems prevent, detect, and respond to attacks over time.

What problem is Safe-OSE trying to solve?

Safe-OSE is based on the idea that modern open-source ecosystems can be compromised not only through flaws in the product itself, but also through weaknesses in how the product is built, tested, integrated, and delivered. Attackers may exploit vulnerabilities in source code, build pipelines, dependencies, release processes, or community practices, and those failures can affect anyone downstream who relies on the open-source product.

What kinds of vulnerabilities does Safe-OSE want proposals to address?

NSF is explicitly looking for proposals that address both technical vulnerabilities (such as code defects, exploitable design issues, and side-channel vulnerabilities) and socio-technical vulnerabilities (such as supply chain compromise, insider threats, social engineering, and governance or process weaknesses that attackers can manipulate).

Is Safe-OSE limited to traditional software open source projects?

No. While many open-source ecosystems are software-based, Safe-OSE applies to any open-source ecosystem, including ecosystems centered on scientific methods, models, and processes; manufacturing processes and process specifications; materials formulations; programming languages and formats; hardware instruction sets; system designs or specifications; and data platforms.

What does NSF mean by an "open-source ecosystem" (OSE) in this program?

Based on the opportunity description, an open-source ecosystem is broader than a single repository or codebase. It includes the open product itself plus the surrounding dependencies, build and release processes, integration paths, distribution mechanisms, and community or governance practices that influence how the open-source work is produced and adopted.

What types of improvements is Safe-OSE intended to fund?

Funding is intended to support concrete improvements that strengthen the open-source product and its supply chain, and improve the ecosystem's ability to manage risk over time. This includes building better capabilities to prevent, detect, and respond to attacks, breaches, and future threats, rather than treating security as a one-time patching effort.

Who is the program meant to help?

Safe-OSE is aimed at open-source ecosystems that have real safety, security, and privacy gaps and that currently do not have the resources to address those gaps on their own.

Do you need to have been funded by NSF's POSE program to apply?

No. The opportunity is open to ecosystems that were not originally funded under NSF's earlier Pathways to Enable Open-Source Ecosystems (POSE) program. NSF is inviting a broad range of established or emerging open-source efforts to propose targeted work to improve security posture and resilience.

Who is eligible to submit a proposal?

Eligibility is limited to specific categories of U.S.-based organizations. Eligible applicants include:

  • U.S.-based for-profit organizations (including small businesses) with strong capabilities in scientific or engineering research or education
  • U.S.-based non-profit, non-academic organizations (for example, independent museums, observatories, research labs, and professional societies) directly tied to research or educational activities
  • State and local governments
  • Federally recognized Tribal Nations (as defined by the Federally Recognized Indian Tribe List Act of 1994)
  • Accredited U.S. Institutions of Higher Education (two-year and four-year institutions, including community colleges) submitting on behalf of their faculty

Are individuals allowed to apply directly?

The provided information describes eligibility in terms of organizations (companies, non-profits, governments, Tribal Nations, and Institutions of Higher Education). It does not describe individual applicants applying directly outside an eligible proposing organization.

What are the PI eligibility rules for Institutions of Higher Education?

For Institutions of Higher Education, by the proposal deadline the PI, any co-PI, and other Senior/Key Personnel must hold one of the following at a U.S.-based campus:

  • A tenured or tenure-track position
  • A primary, full-time, paid appointment in a research or teaching role
  • A staff leadership role in an Open-Source Program Office (or an equivalent function)

Exceptions may be allowed for family or medical leave if the submitting institution determines that applies.

Can personnel based at overseas branch campuses of U.S. universities serve as PI or co-PI?

No. Individuals whose primary appointments are at overseas branch campuses of U.S. institutions are not eligible to serve as PI, co-PI, or other Senior/Key Personnel roles under this program.

Can foreign academic researchers participate?

Yes, researchers from foreign academic institutions may participate as collaborators or Senior/Key Personnel when they bring essential expertise. However, they may not receive NSF funding through the award.

What are the PI eligibility rules for companies, non-profits, governments, or Tribal Nations?

For all other eligible proposing organizations (such as companies, non-profit non-academic organizations, governments, or Tribal Nations), the PI must be an employee of the proposing organization, normally reside in the United States, and carry out PI responsibilities as an employee.

Can the PI be temporarily outside the United States while performing PI duties?

Yes. The PI is allowed to perform PI duties while temporarily outside the U.S., as described in the opportunity.

Who is not eligible to serve as PI for non-university applicants?

Individuals whose primary appointments are with non-U.S.-based non-profits or non-U.S.-based for-profit organizations are not eligible under this program.

What is the funding instrument and agency for Safe-OSE?

The opportunity is issued by the National Science Foundation (NSF) and uses a grant funding instrument. It is categorized under science and technology and other research and development.

What is the Funding Opportunity Number?

The Funding Opportunity Number is 24-608.

What is the application deadline?

The provided information lists an original closing date of 2025-04-22.

Are the award ceiling and expected number of awards provided?

No. In the provided information, details such as the award ceiling and the expected number of awards are not specified.

What CFDA numbers are associated with this opportunity?

The notice lists multiple CFDA numbers associated with NSF research programs: 47.041, 47.049, 47.050, 47.070, 47.074, 47.075, 47.076, 47.079, 47.083, 47.084.

Does Safe-OSE focus only on fixing existing bugs?

No. The description emphasizes improving an ecosystem's ability to manage risk over time, including capabilities to prevent, detect, and respond to attacks and future threats, rather than treating security as a one-time patching effort.

What kinds of attack surfaces does Safe-OSE recognize in open source?

Safe-OSE recognizes that attackers may target source code, build pipelines, dependencies, testing and integration processes, release processes, delivery mechanisms, or community practices and governance that influence how open-source work is developed and distributed.

Why does Safe-OSE emphasize socio-technical risks?

The program description highlights that real-world compromises often exploit human and process weaknesses (for example, social engineering, insider threats, governance gaps, and supply chain compromise), not just code defects. Safe-OSE seeks proposals that address these socio-technical vulnerabilities alongside technical ones.

Browse more opportunities from the same agency: National Science Foundation

Browse more opportunities from the same category: Science and Technology and other Research and Development

Next opportunity: Revegetation with Native Plants

Previous opportunity: DFC Support Program – National Community Anti-Drug Coalition Institute (NCI)

Applicant Portal:

Are you interested in learning about about how to apply for this government funding opportunity? You can create a free applicant account and receive instant access to our applicant portal that many business owners like you have benefited from.

Apply for 24 608

 

Applicants also applied for:

Applicants who have applied for this opportunity (24 608) also looked into and applied for these:

Funding Opportunity
University Student Research Challenge (USRC) Apply for NNH24ZEA001N USRC

Funding Number: NNH24ZEA001N USRC
Agency: NASA Headquarters
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent
The State Component of the National Cooperative Geologic Mapping Program Apply for G25AS00030

Funding Number: G25AS00030
Agency: Geological Survey
Category: Science and Technology and other Research and Development
Funding Amount: $800,000
USGS Cooperative Landslide Hazard Mapping and Assessment Program Apply for G25AS00032

Funding Number: G25AS00032
Agency: Geological Survey
Category: Science and Technology and other Research and Development
Funding Amount: $250,000
RESTORE Act Centers of Excellence Research Grants Program Apply for GR RCE 25 001

Funding Number: GR RCE 25 001
Agency: U.S. Dept. of Treasury RESTORE Act Program
Category: Science and Technology and other Research and Development
Funding Amount: $14,518,510
The Educational Component of the National Cooperative Geologic Mapping Program Apply for G25AS00031

Funding Number: G25AS00031
Agency: Geological Survey
Category: Science and Technology and other Research and Development
Funding Amount: $150,000
Earth Sciences Postdoctoral Fellowships Apply for 25 500

Funding Number: 25 500
Agency: National Science Foundation
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent
Building Synthetic Microbial Communities for Biology, Mitigating Climate Change, Sustainability and Biotechnology Apply for 25 501

Funding Number: 25 501
Agency: National Science Foundation
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent
Field Initiated Projects Program (Development) Apply for HHS 2025 ACL NIDILRR IFDV 0105

Funding Number: HHS 2025 ACL NIDILRR IFDV 0105
Agency: Administration for Community Living
Category: Science and Technology and other Research and Development
Funding Amount: $250,000
Field Initiated Projects Program (Research) Apply for HHS 2025 ACL NIDILRR IFRE 0104

Funding Number: HHS 2025 ACL NIDILRR IFRE 0104
Agency: Administration for Community Living
Category: Science and Technology and other Research and Development
Funding Amount: $250,000
Small Business Innovation Research (SBIR) program, Phase I Apply for HHS 2025 ACL NIDILRR BISA 0108

Funding Number: HHS 2025 ACL NIDILRR BISA 0108
Agency: Administration for Community Living
Category: Science and Technology and other Research and Development
Funding Amount: $100,000
Cultural Anthropology Program Senior Research Awards Apply for 25 502

Funding Number: 25 502
Agency: National Science Foundation
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent
Addressing Systems Challenges through Engineering Teams Apply for 25 503

Funding Number: 25 503
Agency: National Science Foundation
Category: Science and Technology and other Research and Development
Funding Amount: $1,500,000
MEP Center State Competition Apply for 2025 NIST MEP 01

Funding Number: 2025 NIST MEP 01
Agency: National Institute of Standards and Technology
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent
FY25 Minerva Research Initiative University Research Program Apply for HQ003425NFOEASD01

Funding Number: HQ003425NFOEASD01
Agency: Washington Headquarters Services
Category: Science and Technology and other Research and Development
Funding Amount: $30,000,000
NSWC Dahlgren BAA N00178-25-0002 Apply for N00178 25 0002

Funding Number: N00178 25 0002
Agency: NSWC Dahlgren
Category: Science and Technology and other Research and Development
Funding Amount: $3,500,000
FY 2025 Phase II Release 1 Apply for DE FOA 0003462

Funding Number: DE FOA 0003462
Agency: Office of Science
Category: Science and Technology and other Research and Development
Funding Amount: $1,600,000
National Advanced Packaging Manufacturing Program (NAPMP) Advanced Packaging Research and Development (R&D) Apply for 2025 NIST CHIPS NAPMP 01

Funding Number: 2025 NIST CHIPS NAPMP 01
Agency: National Institute of Standards and Technology
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent
NASA Established Program to Stimulate Competitive Research (EPSCoR) Basic Research Apply for NNH24ZHA003C EPSCOR

Funding Number: NNH24ZHA003C EPSCOR
Agency: National Aeronautics and Space Administration
Category: Science and Technology and other Research and Development
Funding Amount: $750,000
Merit Switzer Research Fellowships for Doctoral Dissertation Research Apply for HHS 2025 ACL NIDILRR SFGE 0111

Funding Number: HHS 2025 ACL NIDILRR SFGE 0111
Agency: Administration for Community Living
Category: Science and Technology and other Research and Development
Funding Amount: $45,000
Organismal Response to Climate Change Apply for 25 504

Funding Number: 25 504
Agency: National Science Foundation
Category: Science and Technology and other Research and Development
Funding Amount: Case Dependent

 

Grant application guides and resources

It is always free to apply for government grants. However the process may be very complex depending on the funding opportunity you are applying for. Let us help you!

Apply for Grants

 

Inside Our Applicants Portal

  • Grants Repository - Access current and historic funding opportunities with ease. Thousands of funding opportunities are published every week. We can help you sort through the database and find the eligible ones to apply for.
  • Applicant Video Guides - The grant application process can be challenging to follow. We can help you with intuitive video guides to speed up the process and eliminate errors in submissions.
  • Grant Proposal Wizard - We have developed a network of private funding organizations and investors across the United States. We can reach out and submit your proposal to these contacts to maximize your chances of getting the funding you need.
Access Applicants Portal

 

Premium leads for funding administrators, grant writers, and loan issuers

Thousands of people visit our website for their funding needs every day. When a user creates a grant proposal and files for submission, we pass the information on to funding administrators, grant writers, and government loan issuers.

If you manage government grant programs, provide grant writing services, or issue personal or government loans, we can help you reach your audience.

Learn More

 

 

Request more information:

Would you like to learn more about this funding opportunity, similar opportunities to "24 608", eligibility, application service, and/or application tips? Submit an inquiry below:

Don't forget to subscribe to our grant alerts mailing list to receive weekly alerts on new and updated grant funding opportunities like this one in your email.

 

Ask a Question: