Keeping global research vibrant and safe
Global understanding and collaboration are central to our ambition to improve life.
At University of Guelph our researchers are working with international colleagues to help solve worldwide challenges through ingenuity, innovation and partnerships.
Our research reputation is founded on open and collaborative partnerships with national and international partners in academic, government, industry and non-profit sectors. These play a key role in research advances and addressing social, technological and economic issues, and they require the research community to take steps to ensure their research is protected.
The Government of Canada has been collaborating with research institutions across the country to help raise the awareness of potential risks to their research and ensure that the research community is well-equipped to mitigate such risks, including the theft or misuse of knowledge and results.
COVID-19 intensified the focus on these threats due to the nature of the research and the transition to remote working. The following guidance is intended to equip all researchers with information and tools to make sure Canadian research and development benefits both those who perform it and Canadians more generally. Please check back as new resources are added and updated frequently.
Research Security at U of G
Dedicated Research Security resources have been established at U of G to develop and promote research security processes and practices focusing on the following areas:
- Education and awareness - advise the University community on potential current and emerging security risks associated with research in sensitive areas and/or related to research partnerships.
- Due diligence and risk assessments - provide support to the research community in the development of project-specific risk assessments and mitigation plans.
- Compliance – assist researchers with government and funding requirements.
Contact us: research.security@uoguelph.ca
Why is protecting your research important?
Canada's impressive global research reputation is such that it can be a target for others to appropriate this research for their own advantage or gains. This includes research that could be applied to strategic, military or intelligence capabilities of other countries.
Government of Canada: Why safeguard your research?
Who are you at risk from?
In building a secure research environment, it is important to assess the motivations of outside partners, to consider whether members of your own team or institution could be self-motivated or pressured by others to access or steal your research and to acknowledge that foreign countries may target certain types of research to advance their own objectives.
Government of Canada: Who are you at risk from?
What are the risks?
If third parties obtain your research, risks include:
- the theft or misuse of research data
- the loss of intellectual property, patenting and potential revenue
- legal or administrative reprisal
- loss of potential future partnerships
- a tarnished reputation.
Good research security and cyber hygiene practices can minimize the risk of theft and ensure your research remains in your control (see Computing and Communications Services (CCS), University of Guelph: Information Security).
It is also important to be aware of the potential commercial applications of your research (see Research Innovation Office) and to be aware of legal requirements such as export controls and working with controlled goods.
Government of Canada: What are the risks?
Government of Canada: Case Studies: Scenarios
What areas of research are most vulnerable?
Research with significant commercial potential, national security impacts or sensitive data with ethical or privacy concerns may be particularly vulnerable. This includes, but is not limited to, the following areas that are considered sensitive or dual-use technologies:
- Sensitive Technology Research Areas – consists of advanced and emerging technologies that are important to Canadian research and development, but may also be of interest to foreign state, state-sponsored, and non-state actors, seeking to misappropriate Canada’s technological advantages to our detriment.
- Research areas covered by export controls – for example, nuclear, chemical, biological, radiological or space applications.
- Research areas related to critical minerals, including critical mineral supply chains, on the Government of Canada’s Critical Minerals List.
- Research areas classified within one of the critical infrastructure sectors of the National Strategy for Critical Infrastructure. Critical infrastructure refers to processes, systems, facilities, technologies, networks, assets and services essential to the health, safety, security or economic well-being of Canadians and the effective functioning of government.
- Research areas that use large datasets that can be analyzed to reveal patterns, trends, and associations, especially related to human behaviour and interactions that may have ethical, commercial, or legal impact on the individual, domestic, or international level. The sensitivity of a large dataset depends on the nature, type, and state of the information it contains, as well as how it may be used in the aggregate.
- Research areas that use personal data that could be leveraged by hostile state actors to harm Canada’s national and economic security through its exploitation.
Government of Canada: Annex A of the National Security Guidelines for Research Partnerships.
Federal and Provincial Research Security Requirements
Below is a summary of the key Research Security Requirements:
Research Security Forms
| Funding Source | Research Security Form | When Is It Required? | Who Needs To Complete It? | Where to Start? |
|---|---|---|---|---|
| FEDERAL | Sensitive Technology Research and Affiliations of Concern (STRAC) Attestation | Required if your research project is aiming to advance a Sensitive Technology Research Area. | All named researchers need to complete it and then merge it into one PDF. * | U of G Guide to STRAC Policy |
| FEDERAL | National Security Guidelines for Research Partnerships (NSGRP) Risk Assessment Form (RAF) | Required if your research project involves a private-sector partner**. | The PI in consultation with co-PI(s) needs to complete it. | U of G Guide for Completing the NSGRP RAF |
| PROVINCIAL | Application Attestation | Always required. | All named researchers need to complete it and collate them in a zip folder. * | U of G Guide to MCU’s Research Security Requirements |
| PROVINCIAL | Mitigating Economic and Geopolitical Risk (MEGR) Checklist | Always required. | The PI in consultation with co-PI(s) needs to complete it. | U of G Guide to MCU’s Research Security Requirements |
*For Federal and Provincial funding, a named researcher is anyone who is mentioned in the proposal as having an active
role in the project, including Applicant, Co-applicant and collaborators. If STRAC applies to a particular project, no one
involved in the research may have an affiliation with a Named Research Organization for the duration of the project even if an attestation is not required.
**For CFI, this includes any vendor contributing more that $500,000 to the infrastructure through a cash or in-kind contribution to any single item.
Applicable Funding Programs
| Funding Program |
STRAC Attestation |
NSGRP RAF |
Application Attestation |
MEGR |
|---|---|---|---|---|
| NSERC (all) | X | |||
| NSERC Alliance | X | X | ||
| SSHRC (all) | X | |||
| SSHRC CBRF | X | X | ||
| CIHR (all) | X | |||
| CIHR Project Grant | X | X | ||
| TIPS | X | |||
| CFI Exceptional Opportunities Fund | X | X | ||
| CFI Northern Fund | X | X | ||
| CFI IF (with match funding from ORF-RI-LIF) | X | X | X | X |
| CFI JELF (unaffiliated) (with match funding from ORF-RI-SIF) | X | X | X | X |
| CFI JELF (affiliated) (with match funding from ORF-RI-SIF) | X | X | ||
| MCU ORF | X | X | ||
| MCU ERA | X | X |
Other funding programs also have research security requirements that applicants should be aware of including but not limited to:
- Mitacs (see U of G Guide to Mitacs Research Security Requirements)
- NRC
- EU Horizons
- US Funding
Consult the relevant funding call for more information or contact research.security@uoguelph.ca
Federal – Sensitive Technology Research and Affiliations of Concern (STRAC) Policy
Applies to NSERC, SSHRC, CIHR, CFI and TIPS
On January 16, 2024 the Ministers of Innovation, Science and Industry; Health; and Public Safety, Democratic Institutions and Governmental Affairs announced the Sensitive Technology Research and Affiliations of Concern (STRAC) policy. The policy applies to federal funding that opened May 1, 2024 and onwards. It is not currently being applied to Tri-agency scholarships, or fellowships.
This policy is based on two lists available at the links below. The lists will be regularly updated.
- A list of sensitive research areas.
- A list of named research organizations (NROs) with which affiliation will not be permitted for research in sensitive research areas. Subsidiaries to NROs are to be included.
If a research proposal involves a sensitive research area, all researchers named in that proposal are required to provide an attestation stating they have no affiliation with a named research organization. Attestations are to be completed by individual researchers using the Attestation for Research Aiming to Advance Sensitive Technology Research Areas form.
Affiliation with a named research organization will render researchers ineligible for funding in sensitive research areas. This will be an eligibility requirement and one tool to assess national security concerns; however, projects may still be denied funding if there is deemed to be a national security risk (e.g. partners not on the list but deemed to be high risk).
Access the Tri-agency guidance on STRAC and the CFI Research Security page for more information.
Access the U of G Guide to the STRAC Policy for additional resources.
Federal – National Security Guidelines for Research Partnerships (NSGRP)
Applies to NSERC Alliance, CIHR Project Grant Program, SSHRC CBRF, CFI and OMAFRA
The National Security Guidelines for Research Partnerships (NSGRP), established by the Government of Canada, integrates national security considerations into the development, evaluation, and funding of research partnerships. The Guidelines are aimed to better position researchers, research organizations and Government funders to undertake consistent, risk-targeted due diligence of potential risks to research security.
Researchers must complete a National Security Guidelines for Research Partnerships’ Risk Assessment Form (NSGRP RAF). This completed form is a component of the application package.
Access the Tri-agency guidance on the NSGRP RAF and the CFI Research Security page for more information.
Access the U of G Guide for Completing the NSGRP RAF for additional resources.
Provincial – Mitigating Economic and/or Geopolitical Risk (MEGR)
Applies to all Ontario Research Fund (ORF) Programs and the Early Research Awards (ERA)
The Government of Ontario is taking steps to ensure that the benefit of research undertaken through its funding programs is safeguarded to protect Ontario’s long-term economic security against risks that could result in the loss or misuse of publicly funded knowledge. The MCU, in partnership with the Ministry of the Solicitor General, will undertake a review of submitted proposals to assess associated potential economic and geopolitical risks and reserves the right to seek additional information to support the applicant’s responses.
The PI is required to identify potential economic and geopolitical risks, and address these risks through completing the Mitigating Economic and Geopolitical Risk Checklist. Additionally, all Named Researchers in an application, including the PI, are required to complete an Application Attestation Form. Note that all Named Researchers will be reviewed by Ministry of the Solicitor General (SOLGEN) and may result in a project being identified as high risk.
Access the Research Security Guidelines for Ontario Research Funding Programs.
Access the U of G Guide for Completing MCU’s MEGR.
Additional Guides and Resources
Safeguarding Science Workshops
Public Safety Canada’s Research Security Centre offers webinars on a rolling basis covering topics such as Safeguarding Science, Dual-Use Technologies, International Student Immigration Process, Canada’s Export and Brokering Controls and Sanctions 101. The webinars are intended for, but not limited to, researchers, research staff including technicians, postdoctoral fellow and students, research security professionals, research administrators, information technology and information management staff, security personnel, biosafety and radiological safety officers, human resources personnel, supply chain personnel and senior management.
See Safeguarding Science Initiative (publicsafety.gc.ca) to view and sign up for upcoming webinars.
Understanding Research Security: An Overview
Government of Canada (GoC) Resources
- GoC: Safeguarding Your Research website
- Public Safety Canada: Building Security Awareness in the Academic Community
- CSIS: Primer on foreign interference and how it relates to academia and research
- CSIS: Protect Your Research – Regional Factsheets
- CSIS: Safeguarding Your Research
- CSIS: Research security, protecting Canadian data, science and technology
Videos and Training Available Online
- Video: Chief Science Advisor of Canada: Why Research Security Matters
- Video: CSIS – Safeguarding Your Research
-
Training: Research Security Training courses
- Introduction to Research Security
- Cyber Security for Researchers
- Safeguarding Research Partnerships with Open Source Due Diligence
Protecting Your Research: Due Diligence and Risk Assessments
Risk Assessments
- U of G: Guide to Developing a Risk Mitigation Plan
- U15: Mitigating Economic and/or Geopolitical Risks in Sensitive Research
Partnerships
- GoC: National Security Guidelines for Research Partnerships
- GoC: National Security Guidelines for Research Partnerships’ Risk Assessment Form
IT & Cyber Security
- U of G: IT Resources for Secure Remote Working
- U of G: Information Security Resources
Data Management
- U of G: Research Data Management
Travel Security
- U of G: Safe Travel Information
- U15: Travel Security Guide for Researchers and Staff
- CSIS: Far From Home – A Travel Security Guide
Export Controls
Applying for Funding with a Research Security Component
Internal Guidelines and Resources
- U of G: Guide to Completing the National Security Guidelines for Research Partnerships’ Risk Assessment Form
- U of G: Guide to the Sensitive Technology Research and Affiliations of Concern (STRAC) Policy
- U of G: Guide to Developing a Risk Mitigation Plan
- U of G: Guide to Ministry of Colleges and Universities Research Security Requirements
- U of G: Guide to Mitacs Research Security Requirements
External Guidelines and Resources