Federal Policies
Government of Canada
Federal funding for research that advances a sensitive technology research area will not be provided if any of the researchers involved are affiliated with or in receipt of funding/in-kind support from an organization that can pose a risk to Canada’s national security, as identified by the Named Research Organizations list.
Named Research Organizations (NRO)
The (PDF file) Named Research Organizations list (external link) will be updated as required by the federal government to address evolving threats to Canada’s national security, which can originate from anywhere in the world.
Researchers should keep in mind that institutions that are not included on the list may still pose a risk. As a best practice, researchers are encouraged to apply due diligence practices to mitigate risks that may be associated with any collaboration or partnership in a sensitive technology research area. Researchers and grant applicants should also consult the list regularly both at the application and post-award stages during the funding lifecycle.
Sensitive Technology Research Areas (STRA)
Below is the list of sensitive areas found on the Government of Canada website, which now applies to both the Sensitive Technology Research and Affiliations of Concern (STRAC) (external link) policy and the National Security Guidelines for Research Partnerships (NSGRP) (external link) . The list includes the following 11 categories and their related subcategories. This STRA list may be updated periodically in accordance with the evolution of technologies, the military and intelligence applications of technology and national security imperatives.
- Advanced Digital Infrastructure Technology (external link)
- Advanced Energy Technology (external link)
- Advanced Materials and Manufacturing (external link)
- Advanced Sensing and Surveillance (external link)
- Advanced Weapons (external link)
- Aerospace, Space and Satellite Technology (external link)
- Artificial Intelligence and Big Data Technology (external link)
- Human-Machine Integration (external link)
- Life Science Technology (external link)
- Quantum Science and Technology (external link)
- Robotics and Autonomous Systems (external link)
Goods and Services
The federal government identifies the supply of goods and services as a vector for threat actors to steal, interfere with or gain unauthorized access to knowledge and data.
Researchers are encouraged to conduct vendor risk assessments when purchasing goods and services for their research or laboratories using the questions provided in Supply Chain Security – Assessing Your Risk Profile (external link) .
Researchers should also review the following resources:
The federal government has published a series of resources to help Canadian researchers, faculties, and the general academic community familiarize themselves with research security.
- National Security Guidelines for Research Partnerships (external link)
- Tri-agency guidance on the National Security Guidelines for Research Partnerships (external link)
- Policy Statements (external link)
- Protect your research – Ontario regional factsheet (external link)
- Safeguarding Your Research (external link)
- List of the Tri-agency's recommended research security resources (external link)
- Canadian Foundation for Innovation (CFI) research security guidance (external link)
NEW October 28, 2024
Five Eyes intelligence alliance members – Canada, US, UK, Australia and New Zealand – launched Secure Innovation (external link) , a shared security advice initiative to help protect emerging technology companies, researchers and investors from a range of threats, particularly those from state actors. A guidance document from the Secure Innovation initiative on (PDF file) Security Advice for Emerging Technology Companies and Researchers (external link) provides helpful advice to safeguard the research ecosystem.
Researchers, particularly those interested in applying for federal and/or provincial funding, are strongly encouraged to take the free online risk mitigation courses provided by the Government of Canada (external link) , which are each approximately 30–40 minutes long. Completing these courses is viewed as a good first mitigation measure to address research security-related risks. There are currently three free online courses offered:
- Introduction to Research Security
- Cyber Security for Researchers
- Safeguarding Research Partnerships with Open-Source Due Diligence
- Guidance on conducting open source due diligence (external link)
- CSIS – Safeguarding your research checklist (external link)
- Mitigating economic and/or geopolitical risks in sensitive research projects (external link)
- Government of Canada's overview of cyber security guidelines (external link)
- Canada Foundation for Innovation’s implementation of research security measures (external link)
- "A Shared Commitment by Universities to Protect Ontario's Research" by Ontario's Universities (external link) "
- (PDF file) "G7 Best Practices for Secure and Open Research" (external link)
- (PDF file) "Safeguarding Research in Canada: A Guide for University Policies and Practices" by U15 (external link)