National Library of Energy BETA

Sample records for acquisition administration cyber

  1. cyber | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    cyber | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Countering Nuclear Terrorism About Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Library Bios Congressional Testimony Fact Sheets Newsletters Press Releases Photo Gallery Jobs Apply for Our Jobs Our Jobs Working at NNSA Blog Home /

  2. of Western Area Power Administration's Cyber Security Program

    Broader source: Energy.gov (indexed) [DOE]

    Western Area Power Administration's Cyber Security Program DOE/IG-0873 October 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 October 22, 2012 MEMORANDUM FOR THE UNDER SECRETARY OF ENERGY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Western Area Power Administration's Cyber Security Program" INTRODUCTION AND OBJECTIVE The Department of Energy's

  3. acquisition | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Countering Nuclear Terrorism About Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Library Bios Congressional Testimony Fact Sheets Newsletters Press Releases Photo Gallery Jobs Apply for Our Jobs Our Jobs Working at NNSA Blog Home /

  4. NA APM - Associate Administrator for Acquisition & Project Management...

    National Nuclear Security Administration (NNSA)

    APM - Associate Administrator for Acquisition & Project Management | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the...

  5. Cyber in the Cloud -- Lessons Learned from INL's Cloud E-Mail Acquisition

    SciTech Connect (OSTI)

    Troy Hiltbrand; Daniel Jones

    2012-12-01

    As we look at the cyber security ecosystem, are we planning to fight the battle as we did yesterday, with firewalls and intrusion detection systems (IDS), or are we sensing a change in how security is evolving and planning accordingly? With the technology enablement and possible financial benefits of cloud computing, the traditional tools for establishing and maintaining our cyber security ecosystems are being dramatically altered.

  6. NA APM - Associate Administrator for Acquisition & Project Management |

    National Nuclear Security Administration (NNSA)

    National Nuclear Security Administration APM - Associate Administrator for Acquisition & Project Management | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Countering Nuclear Terrorism About Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Library Bios Congressional Testimony Fact

  7. acquisition management | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    management | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy...

  8. Acquisition Management | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Management | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Countering Nuclear Terrorism About Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Library Bios Congressional Testimony Fact Sheets Newsletters Press Releases Photo Gallery Jobs Apply for Our Jobs Our Jobs Working at NNSA Blog

  9. NEPA strategy for the Bonneville Power Administration energy resource acquisition

    SciTech Connect (OSTI)

    Pierce, K.S.; Alton, C.C.; Linehan, A.O.

    1995-12-01

    The Bonneville Power Administration (BPA) has a statutory obligation to supply cost-effective electric power to its customers. BPA must also be consistent with the Pacific Northwest Electric Power Planning and Conservation Act, which requires consideration of the Northwest Power Planning Council`s Conservation and Electric Power Plan and Fish and Wildlife Program. The challenge is to operate effectively within an increasingly competitive and dynamic electric utility market while continuing its commitment to the National Environmental Policy Act (NEPA). BPA developed a tiered approach to its environmental analyses associated with energy resource planning and acquisition. The Resource Programs Environmental Impact Statement (RPEIS) is a programmatic document designed to support energy resource decisions for several years. The RPEIS includes a description of the environmental impacts and potential mitigation measures for various energy resources-including conservation, efficiency improvements, renewable resources, cogeneration, combustion turbines, nuclear, and coal. Information was also provided on fuel switching, load management, and emerging technologies. After analyzing the environmental trade-offs among resources, the RPEIS focuses on the cumulative effects of adding these resources to the existing power system. The Record of Decision documents that BPA`s resource acquisitions will include all cost-effective conservation and efficiency improvements, supplemented by a mix of renewables and thermal resources. Subsequent site-specific documents have been prepared on individual resource acquisitions. By focusing environmental reviews on the actual issues ripe for decision and by providing timely environmental information to the public and to the decisionmakers, this tiered approach led to better decisionmaking. BPA was able to operate in a more business-like manner while assuring NEPA compliance.

  10. Cyber Securing Control Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Industrial Control Systems Integration into the DoD Networks A Briefing in Response to House Report 113-102, Accompanying the FY14 National Defense Authorization Act Unclassified - Distribution Statement A August, 2015 Cyber Securing Control Systems Acquisition, Technology and Logistics 2 DoD Scope of Platform IT & Control Systems * Acquisitions / Weapon Systems - H,M & E (ships / subs, missiles, UVs, etc.) - Training Simulators, 3D printing, etc. * EI&E - Buildings & linear

  11. The NIAC Convergence of Physical and Cyber Technbologies and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of physical and cyber technologies for Supervisory Control and Data Acquisition (SCADA) and process control systems and their consolidated network management. The Working...

  12. Cyber Train Videos | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Train Videos Cyber Train Overview Cyber Train Opt-Out Process Cyber Train Complete Training Submitting Course Completion Materials...

  13. Cyber Train Videos | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Train Videos Cyber Train Overview Cyber Train Opt-Out Process Cyber Train Complete Training Submitting Course Completion Materials Click here for information on accessing Cyber Train.

  14. Sandia Energy Ľ Cyber

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    sandia-cyber-engineering-research-laboratory-cerl-formally-opensfeed 0 Sandia Builds Android-Based Network to Study Cyber Disruptions http:energy.sandia.gov...

  15. Cyber Threats to Nuclear Infrastructures

    SciTech Connect (OSTI)

    Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

    2010-07-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  16. Cyber Assessment Methods for SCADA Security

    Office of Environmental Management (EM)

    5 by ISA - The Instrumentation, Systems and Automation Society. Presented at 15th Annual Joint ISA POWID/EPRI Controls and Instrumentation Conference http://www.isa.org Cyber Assessment Methods for SCADA Security May Robin Permann Kenneth Rohde Staff Computer Security Researcher Information & Communications Systems Cyber Security Technologies Idaho National Laboratory Idaho National Laboratory Idaho Falls, ID 83415 Idaho Falls, ID 83415 KEYWORDS Supervisory Control and Data Acquisition,

  17. Cyber Incidents Involving Control Systems

    SciTech Connect (OSTI)

    Robert J. Turk

    2005-10-01

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

  18. Sandia Cyber Omni Tracker

    Energy Science and Technology Software Center (OSTI)

    2014-07-02

    SCOT cyber security team enhancement tool that coordinates activities, captures knowledge, and serves as a platform to automate time-consuming tasks that a cyber security team needs to perform in its daily operations.

  19. Cyber sleuths face off

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber sleuths face off Cyber sleuths face off Computer specialists will meet for a grueling week that combines state-of-the-art training with opportunities to team up, solve relevant cyber problems, and attack one another. February 10, 2010 Los Alamos National Laboratory sits on top of a once-remote mesa in northern New Mexico with the Jemez mountains as a backdrop to research and innovation covering multi-disciplines from bioscience, sustainable energy sources, to plasma physics and new

  20. Cyber Security Architecture Guidelines

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-03-08

    This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

  1. NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft

    Broader source: Energy.gov [DOE]

    The National Nuclear Security Administration (NNSA) is currently seeking comments, now through July 29, on an opportunity for Consolidated IT and Cyber Security Support Services.

  2. Chapter_14_Cyber_Security

    Office of Environmental Management (EM)

    4 Cyber Security The DOE Cyber Security Program aims to protect the Department's diverse missions in a cost- effective manner; identify threats, risks, and mitigations; and remain flexible in a changing environment. Key Departmental directives, policies, and procedures governing the implementation of the Cyber Security Program at DOE HQ are: * DOE Order 205.1B, Department of Energy Cyber Security Management * DOE Policy 205.1, Department of Energy Cyber Security Management Policy * Headquarters

  3. Guide to Critical Infrastructure Protection Cyber Vulnerability...

    Energy Savers [EERE]

    Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized...

  4. July 2013 Cyber Incident

    Broader source: Energy.gov [DOE]

    The Department of Energy (DOE) has confirmed a cyber incident that occurred at the end of July and resulted in the unauthorized disclosure of federal employee Personally Identifiable Information ...

  5. January 2013 Cyber Incident

    Broader source: Energy.gov [DOE]

    The Department of Energy (DOE) has confirmed a recent cyber incident that occurred in mid-January 2013 which targeted the Headquarters' network and resulted in the unauthorized disclosure of...

  6. Metaphors for cyber security.

    SciTech Connect (OSTI)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  7. Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4, Cyber Security Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security 2016 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security HQ cyber ...

  8. DOE Cyber Distinguished Speaker Series

    Broader source: Energy.gov [DOE]

    Join us at the Department of Energy’s Cyber Distinguished Speaker Series on Wednesday, 13 January 2016, for an opportunity to expand your knowledge and awareness of today’s most pressing cyber issues.

  9. Departmental Cyber Security Management Policy

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-05-08

    The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

  10. DOE Cyber Distinguished Speaker Series | Department of Energy

    Energy Savers [EERE]

    DOE Cyber Distinguished Speaker Series DOE Cyber Distinguished Speaker Series Save the Date: March 24, 2016 - Transforming Digital Technologies Across Government Transforming Digital Technologies Across Government Thursday, March 24, 2016 1:00 pm - 2:00 pm Forrestal Large Auditorium Built in the spirit of America's leading tech startups, 18F is made up of top-notch designers, developers, and product specialists inside the General Services Administration, build world-class software products and

  11. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

  12. Obama's Call for Public-Private Cyber Security Collaboration Reflected in

    Energy Savers [EERE]

    DOE's Priorities | Department of Energy Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities May 29, 2009 - 4:08pm Addthis In releasing the results of his Administration's 60-day cyber security review, President Barack Obama today emphasized that partnering with the private sector will be paramount for agencies working to secure the power grid and other critical

  13. Cyber threat metrics.

    SciTech Connect (OSTI)

    Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

    2012-03-01

    Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

  14. Cyber Friendly Fire

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2011-09-01

    Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public. The network is essentially divided into a production component that hosts the web and network services, and a user component that hosts thirty employee workstations and other end devices. The organization's network is separated from the Internet by a Cisco ASA network security device that both firewalls and detects intrusions. Business sensitive information is stored in various servers. This includes data comprising thousands of internal documents, such as finance and technical designs, email messages for the organization's employees including the CEO, CFO, and CIO, the organization's source code, and Personally Identifiable client data. Release of any of this information to unauthorized parties would have a significant, detrimental impact on the organization's reputation, which would harm earnings. The valuable information stored in these servers pose obvious points of interest for an adversary. We constructed several scenarios around this environment to support studies in cyber SA and cyber FF that may be run in the test range. We describe mitigation strategies to combat cyber FF including both training concepts and suggestions for decision aids and visualization approaches. Finally, we discuss possible future research directions.

  15. DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA

    Broader source: Energy.gov [DOE]

    DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS. Key Cyber Security Role: Certification Agent (CA)

  16. PACIFIC NORTHWEST CYBER SUMMIT

    SciTech Connect (OSTI)

    Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

    2013-08-07

    On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energyís (DOEís) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOEís Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

  17. DOE Cyber Strategy | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Strategy DOE Cyber Strategy The Office of the Chief Information Officer is pleased to announce publication of the U.S. Department of Energy (DOE) Cyber Strategy. 151228-doe-cyber-strategy123.png To meet the challenges of today's rapidly evolving cyber landscape, the Department has crafted a comprehensive cyber strategy rooted in enterprise-wide collaboration, accountability, and transparency. The underlying principles and strategic goals that form the Strategy's foundation attest to DOE's

  18. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-06-04

    DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, is extended until 6/4/04.

  19. Tom Harper receives cyber security award

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Harper receives cyber security award Tom Harper receives cyber security award The Charlene Douglass Memorial Award recognizes an individual's expertise, dedication, and significant...

  20. Information Security: Coordination of Federal Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that ...

  1. The Department's Cyber Security Incident Management Program,...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Department's Cyber Security Incident Management Program, IG-0787 The Department's Cyber Security Incident Management Program, IG-0787 The Department of Energy operates numerous...

  2. Strengthening Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Strengthening Cyber Security Strengthening Cyber Security Describes the goals and activities of the National SCADA Test Bed program to secure control systems in the energy sector ...

  3. Rocky Mountain Electrical League (RMEL) Physical and Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Conference - January 26-27, 2016 | Department of Energy Rocky Mountain Electrical League (RMEL) Physical and Cyber Security Conference - January 26-27, 2016 Rocky Mountain Electrical League (RMEL) Physical and Cyber Security Conference - January 26-27, 2016 January 4, 2016 - 11:22am Addthis Power SURGE is joint project between the DOE√ʬĬôs Office of Security Assistance and the Department√ʬĬôs Power Marketing Administrations, led by the Western Area Power Marketing Administration. Power

  4. Cyber-Based Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber-Based Vulnerability Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future ...

  5. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

  6. The Cyber Security Crisis

    ScienceCinema (OSTI)

    Spafford, Eugene [Purdue University, West Lafayette, Indiana, United States

    2009-09-01

    Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'

  7. Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    the Administrator of the Bonneville Power Administration Reprinted from the Annual Report of the Secretary of the Interior for the Fiscal * Year ended June 30; 1944 Bonneville...

  8. 21 Steps to Improve Cyber Security of SCADA Networks | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1 Steps to Improve Cyber Security of SCADA Networks 21 Steps to Improve Cyber Security of SCADA Networks Supervisory control and data acquisition (SCADA) networks contain computers and applications that perform key functions in providing essential services and commodities (e.g., electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. As such, they are part of the nation's critical infrastructure and require protection from a variety of threats that exist in

  9. ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Assessment at National SCADA Test Bed | Department of Energy and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed Twelve utilities have formed a consortium with ABB, a supervisory control and data acquisition (SCADA) system vendor, to privately fund advanced research and testing through the U.S. Department of Energy's (DOE)

  10. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

  11. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

  12. Security and Cyber Guidance | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security & Cyber Evaluations ¬Ľ Security and Cyber Guidance Security and Cyber Guidance Appraisal Process Guides Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 Performance Testing Guidance & Information Composite Adversary Team Brochure - April 9, 2008 Limited-Notice Performance Test Inspectors Guide

  13. Administrative

    Broader source: Energy.gov [DOE]

    The Office of Management provides many of the administrative services that keep the Department of Energy operational.† These functions are primarily provided by the Office of Administration, MA-40,...

  14. Cyber Security Evaluation Tool

    SciTech Connect (OSTI)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization√?¬Ę√?¬?√?¬?s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.

  15. Cyber Security Evaluation Tool

    Energy Science and Technology Software Center (OSTI)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization√ɬÉ√ā¬Ę√ɬā√ā¬Ä√ɬā√ā¬ôs ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied tomore¬†¬Ľ enhance cybersecurity controls.¬ę¬†less

  16. Strengthening Cyber Security

    Energy Savers [EERE]

    E n E rgyB i z November/December 2008 ¬Ľ TECHNOLOGY FRONTIER (Guest OpiniOn) remOte attaCks On systems that control power production and distribution are no longer hypothetical events. At least four utilities have been subjected to extortion demands by criminals who used the Internet to infect the utilities' computers and caused or threatened power outages. Cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption

  17. Cyber and physical infrastructure interdependencies.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

    2008-09-01

    The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

  18. Headquarters Facilities Master Security Plan- Chapter 14, Cyber Security

    Broader source: Energy.gov [DOE]

    2016 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security Describes the DOE Headquarters Cyber Security Program.

  19. INL@Work Cyber Security

    SciTech Connect (OSTI)

    Chaffin, May

    2010-01-01

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  20. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

  1. INL@Work Cyber Security

    ScienceCinema (OSTI)

    Chaffin, May

    2013-05-28

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  2. National Security and Cyber Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    National Security and Cyber Security National Security and Cyber Security National security depends on science and technology. The United States relies on Los Alamos National Laboratory for the best of both. No place on Earth pursues a broader array of world-class scientific endeavors. Contact thumbnail of Business Development Business Development Richard P. Feynman Center for Innovation (505) 665-9090 Email National security and weapons science at the laboratory spans essentially all the

  3. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  4. Visualizing Cyber Security: Usable Workspaces

    SciTech Connect (OSTI)

    Fink, Glenn A.; North, Christopher L.; Endert, Alexander; Rose, Stuart J.

    2009-10-11

    An environment that supports cyber analytics work should enable multiple, simultaneous investigations, information foraging, and provide a solution space for organizing data. We describe our study of cyber security professionals and visualizations in a large, high-resolution display work environment. We discuss the tasks and needs of analysts that such an environment can support and present several prototypes designed to support these needs. We conclude with a usability evaluation of the prototypes and additional lessons learned.

  5. Office of Cyber Assessments | Department of Energy

    Energy Savers [EERE]

    The Office analyzes cyber security trends and studies complex-wide issues in order to ... Performs on-going analyses to identify trends and emerging issues in the cyber security ...

  6. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-07-06

    This Notice extends DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, dated 3-18-02, until 7-6-05.

  7. Cyber Fed Model Application in support of DOE Cyber Security Initiatives -

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Ames Participation | The Ames Laboratory Cyber Fed Model Application in support of DOE Cyber Security Initiatives - Ames Participation FWP/Project Description: The Cyber Fed Model (CFM) is a communication and coordination framework focused on the reduction and mitigation of cyber security risk across a large distributed organization like the Department of Energy. The CFM framework can be used to help integrate various cyber security systems and capabilities spanning the DOE enterprise, the

  8. Cyber Security and Resilient Systems

    SciTech Connect (OSTI)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nationís cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested Ė both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  9. Cyber Security Standards.PDF

    Office of Environmental Management (EM)

    1 I N S P E C T I O N R E P O R T U.S. DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL OFFICE OF INSPECTIONS INSPECTION OF CYBER SECURITY STANDARDS FOR SENSITIVE PERSONAL INFORMATION NOVEMBER 2001 . DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL U.S. DEPARTMENT OF ENERGY Washington, DC 20585 November 13, 2001 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman /s/ Inspector General SUBJECT: INFORMATION: Report on "Inspection of Cyber Security Standards for Sensitive Personal

  10. Microsoft Word - Cyber Effects Analysis Using VCSE 09.doc

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    5954 Unlimited Release Printed September 2008 Cyber Effects Analysis Using VCSE Promoting Control System Reliability Michael J. McDonald, Gregory N. Conrad, Travis C. Service, Regis H. Cassidy Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract

  11. Sandia Energy - Cyber Research Facility Opens at Sandia's California...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Site Home Energy Assurance Cyber Energy Surety Facilities News News & Events Cybersecurity Technologies Research Laboratory Cyber Research Facility Opens at Sandia's...

  12. NNSA Seeking Comments on Consolidated IT and Cyber Security Support...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013 ...

  13. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems...

  14. NNSA Seeking Comments on Consolidated IT and Cyber Security Support...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013...

  15. Using Operational Security (OPSEC) to Support a Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in ...

  16. Cyber Security Audit and Attack Detection Toolkit: Bandolier...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This ...

  17. Common Cyber Security Vulnerabilities Observed in Control System...

    Energy Savers [EERE]

    Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

  18. Evaluation Report on The Department's Unclassified Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Report on The Department's Unclassified Cyber Security Program 2002, DOEIG-0567 Evaluation Report on The Department's Unclassified Cyber Security Program 2002, DOEIG-0567 As...

  19. Control Systems Cyber Security: Defense in Depth Strategies ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security: Defense in Depth Strategies Control Systems Cyber Security: Defense in ... strategies for organizations that use control system networks while maintaining a ...

  20. Cyber and Security Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber and Security Assessments Cyber and Security Assessments Cyber and Security Assessments within the Office of Independent Enterprise Assessments implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1, Independent Oversight

  1. Office of Cyber Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Assessments Office of Cyber Assessments MISSION The Office of Cyber Assessments is responsible for the independent evaluation of the effectiveness of classified and unclassified computer security policies and programs throughout the Department. The Office has established and maintains a continuous program for assessing the security of DOE classified and unclassified networks through expert program and technical analysis, including detailed network penetration testing to detect

  2. Sandia Energy Ľ Cyber Engineering Research Laboratory (CERL...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    wins-funding-for-programming-in-situ-data-analysisvisualizationfeed 0 Sandia Cyber Engineering Research Laboratory (CERL) Formally Opens http:energy.sandia.gov...

  3. Grid Cyber Vulnerability & Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Vulnerability & Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management

  4. Cyber Security for Electric Infrastructure

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Security for Electric Infrastructure - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management

  5. Cyber-Based Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber-Based Vulnerability Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management

  6. Microgrid cyber security reference architecture.

    SciTech Connect (OSTI)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  7. Department of Energy Cyber Security Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-21

    The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

  8. Department of Energy Cyber Security Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2006-12-04

    The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

  9. Gamification for Measuring Cyber Security Situational Awareness

    SciTech Connect (OSTI)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  10. Live Broadcast on Cyber Distinguished Speaker Series | Department of Energy

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Live Broadcast on Cyber Distinguished Speaker Series Live Broadcast on Cyber Distinguished Speaker Series Live streaming video by Ustream Evan D. Wolff, a partner with Crowell & Moring, will discuss data breaches, risk management, and incident response plans as part of the DOE Cyber Distinguished Series. DETAILS: February 16, 2016 at 1:00pm EST Learn More About Evan Wolff DOE Cyber Strategy

  11. Acquisition Program | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Program Acquisition Program Southeastern's acquisition initiatives are met as a result of requirements from our programs and projects that accomplish our agency's mission. In order to follow the Federal Acquisition Regulations regarding announcement of acquisition opportunities, all acquisitions that exceed $25,000 will be published electronically by Southeastern Power Administration. Contact Information For more information, please contact Ann Craft Phone: 706.213.3823

  12. DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS |

    Office of Environmental Management (EM)

    Department of Energy CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS puzzle-693870_960_720.jpg PDF icon DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS More Documents & Publications DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA Authorizing Official Designated Representative (AODR)

  13. Cyber Dynamic Impact Modeling Engine

    Energy Science and Technology Software Center (OSTI)

    2014-07-01

    As the rate, sophistication, and potential damage of cyber attacks continue to grow, the latency of human-speed analysis and response is becoming increasingly costly. Intelligent response to detected attacks and other malicious activity requires both knowledge of the characteristics of the attack as well as how resources involved in the attack related to the mission of the organization. Cydime fills this need by estimating a key component of intrusion detection and response automation: the relationshipmore¬†¬Ľ type and strength between the target organization and the potential attacker.¬ę¬†less

  14. OPAM Policy Acquisition Guides | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    30 - Cost Accounting Standards Administration Policy Flash 2015-05 - Acquisition Letter 2015-02 Acquisition Letter No. AL 2015-02

  15. Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2002-03-18

    To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

  16. Realizing Scientific Methods for Cyber Security

    SciTech Connect (OSTI)

    Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.; Greitzer, Frank L.

    2012-07-18

    There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

  17. Cyber Security Audit and Attack Detection Toolkit

    SciTech Connect (OSTI)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  18. Los Alamos director echoes cyber concerns

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Los Alamos director echoes cyber concerns Los Alamos director echoes cyber concerns Director Charlie McMillan told a gathering of energy executives that securing the electrical grid is a major concern now and it's only becoming more serious. May 21, 2013 Los Alamos National Laboratory Director Charlie McMillan (right), with, from left, Anthony Cugini of the National Energy Technology Laboratory, Thom Mason of Oak Ridge National Laboratory, and Tomas Diaz de la Rubia of Deloitte Consulting LLP.

  19. Camp Smith Microgrid Controls and Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ADVANCING THE POWER OF ENERGY Camp Smith Microgrid Controls and Cyber Security Darrell D. Massie, PhD, PE Aura Lee Keating, CISSP SPIDERS Industry Day - Camp Smith, HI 27 August 2015 Microgrid Resiliency and Cyber Security ÔāĄ Distributed Controls ÔāĄ Communications ÔāĄ Interface with other microgrids ÔāĄ User Interface ÔāĄ Energy Surety ÔāĄ Comprehensive Security Strategy 2 3 Camp Smith - Distributed Controller NOT THIS THIS ÔÉĽ Reflects outdated mainframe mentality ÔÉĽ A central CPU is a

  20. DOE Issues Energy Sector Cyber Organization NOI

    Office of Environmental Management (EM)

    Issues National Energy Sector Cyber Organization Notice of Intent February 11, 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security

  1. Data Intensive Architecture for Scalable Cyber Analytics

    SciTech Connect (OSTI)

    Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

    2011-12-19

    Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a monthís worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFinģ for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a monthís worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

  2. cyber

    National Nuclear Security Administration (NNSA)

    and the review of information prior to public release or posting to publicly available web sites to assure it does not contain data that would assist an adversary.

  3. Cyber

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management Programs Advanced Nuclear Energy Nuclear

  4. Security Informatics Research Challenges for Mitigating Cyber Friendly Fire

    SciTech Connect (OSTI)

    Carroll, Thomas E.; Greitzer, Frank L.; Roberts, Adam D.

    2014-09-30

    This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly re (FF). We dene cyber FF as intentional o*ensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission e*ectiveness of friendly or neutral forces. We describe examples of cyber FF and discuss how it ts within a general conceptual framework for cyber security failures. Because it involves human failure, cyber FF may be considered to belong to a sub-class of cyber security failures characterized as unintentional insider threats. Cyber FF is closely related to combat friendly re in that maintaining situation awareness (SA) is paramount to avoiding unintended consequences. Cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and o*ensive countermeasures that may be applied to thwart network attacks. We describe a test bed designed to support empirical research on factors a*ecting cyber FF. Finally, we discuss mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches.

  5. Quantifying the Impact of Unavailability in Cyber-Physical Environments

    SciTech Connect (OSTI)

    Aissa, Anis Ben; Abercrombie, Robert K; Sheldon, Federick T.; Mili, Ali

    2014-01-01

    The Supervisory Control and Data Acquisition (SCADA) system discussed in this work manages a distributed control network for the Tunisian Electric & Gas Utility. The network is dispersed over a large geographic area that monitors and controls the flow of electricity/gas from both remote and centralized locations. The availability of the SCADA system in this context is critical to ensuring the uninterrupted delivery of energy, including safety, security, continuity of operations and revenue. Such SCADA systems are the backbone of national critical cyber-physical infrastructures. Herein, we propose adapting the Mean Failure Cost (MFC) metric for quantifying the cost of unavailability. This new metric combines the classic availability formulation with MFC. The resulting metric, so-called Econometric Availability (EA), offers a computational basis to evaluate a system in terms of the gain/loss ($/hour of operation) that affects each stakeholder due to unavailability.

  6. Sandia National Laboratories: The Center for Cyber Defenders...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    at Sandia National Laboratories for high school and college students interested in Computer Science and Cyber Security. A typical Cyber Boot Camp lasts from 9:00am until 3pm...

  7. Cyber Security Audit and Attack Detection Toolkit: National SCADA...

    Office of Environmental Management (EM)

    Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber ...

  8. Cyber Friendly Fire: Research Challenges for Security Informatics

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2013-06-06

    This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a systemís topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FFó including both training concepts and suggestions for decision aids and visualization approachesóare discussed.

  9. Strategy for Improvements in Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Strategy for Improvements in Cyber Security Strategy for Improvements in Cyber Security PDF icon Brase-LLNL-SEAB.10.11.pdf More Documents & Publications Lessons Learned by Lawrence...

  10. Information Security: Coordination of Federal Cyber Security Research and

    Energy Savers [EERE]

    Development | Department of Energy Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In

  11. Lessons Learned from Cyber Security Assessments of SCADA and Energy

    Energy Savers [EERE]

    Management Systems | Department of Energy Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems were reviewed to identify common problem areas. In each vulnerability category, relative measures were assigned to the severity. PDF icon Lessons Learned from Cyber

  12. Office of Cyber Security Evaluations Appraisal Process Guide...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Office of Cyber Security Evaluations Appraisal Process Guide Table of Contents April 2008 ii Table of Contents Acronyms......

  13. Secretary Moniz visits the Office of Cyber Assessments | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Secretary Moniz visits the Office of Cyber Assessments Secretary Moniz visits the Office of Cyber Assessments May 5, 2014 - 10:59am Addthis Secretary Moniz visits the Office of Cyber Assessments for hands-on experience with the tools and techniques that are used by sophisticated adversaries to attack modern IT systems. Secretary Moniz visits the Office of Cyber Assessments for hands-on experience with the tools and techniques that are used by sophisticated adversaries to attack modern

  14. Lab hosts multi-lab cyber security games

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Lab hosts multi-lab cyber security games Lab hosts multi-lab cyber security games Eventide brought together cyber and IT leaders from 20 sites to develop recommendations on resources they need from the Joint Cyber Coordination Center. April 12, 2012 Los Alamos National Laboratory sits on top of a once-remote mesa in northern New Mexico with the Jemez mountains as a backdrop to research and innovation covering multi-disciplines from bioscience, sustainable energy sources, to plasma physics and

  15. Cyber Security Evaluations Appraisal Process Guide - April 2008 |

    Office of Environmental Management (EM)

    Department of Energy Cyber Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 April 2008 Cyber Security Evaluations Appraisal Process Guide was developed for the purpose of documenting the appraisal approach and techniques specific to evaluations of classified and unclassified cyber security programs throughout DOE. This process guide provides information about the Department of Energy's (DOE) Independent Oversight

  16. Review of Supervisory Control and Data Acquisition (SCADA) Systems

    SciTech Connect (OSTI)

    Reva Nickelson; Briam Johnson; Ken Barnes

    2004-01-01

    A review using open source information was performed to obtain data related to Supervisory Control and Data Acquisition (SCADA) systems used to supervise and control domestic electric power generation, transmission, and distribution. This report provides the technical details for the types of systems used, system disposal, cyber and physical security measures, network connections, and a gap analysis of SCADA security holes.

  17. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment

    Energy Savers [EERE]

    | Department of Energy Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. PDF icon Guide to Critical Infrastructure

  18. CYBER/PHYSICAL SECURITY VULNERABILITY ASSESSMENT INTEGRATION

    SciTech Connect (OSTI)

    MacDonald, Douglas G.; Key, Brad; Clements, Samuel L.; Hutton, William J.; Craig, Philip A.; Patrick, Scott W.; Crawford, Cary E.

    2011-07-17

    This internally funded Laboratory-Directed R&D project by the Pacific Northwest National Laboratory, in conjunction with QinetiQ North America, is intended to identify and properly assess areas of overlap (and interaction) in the vulnerability assessment process between cyber security and physical protection. Existing vulnerability analysis (VA) processes and software tools exist, and these are heavily utilized in the determination of predicted vulnerability within the physical and cyber security domains. These determinations are normally performed independently of one another, and only interact on a superficial level. Both physical and cyber security subject matter experts have come to realize that though the various interactive elements exist, they are not currently quantified in most periodic security assessments. This endeavor aims to evaluate both physical and cyber VA techniques and provide a strategic approach to integrate the interdependent relationships of each into a single VA capability. This effort will also transform the existing suite of software currently utilized in the physical protection world to more accurately quantify the risk associated with a blended attack scenario. Performance databases will be created to support the characterization of the cyber security elements, and roll them into prototype software tools. This new methodology and software capability will enable analysts to better identify and assess the overall risk during a vulnerability analysis.

  19. Embracing the Cloud for Better Cyber Security

    SciTech Connect (OSTI)

    Shue, Craig A; Lagesse, Brent J

    2011-01-01

    The future of cyber security is inextricably tied to the future of computing. Organizational needs and economic factors will drive computing outcomes. Cyber security researchers and practitioners must recognize the path of computing evolution and position themselves to influence the process to incorporate security as an inherent property. The best way to predict future computing trends is to look at recent developments and their motivations. Organizations are moving towards outsourcing their data storage, computation, and even user desktop environments. This trend toward cloud computing has a direct impact on cyber security: rather than securing user machines, preventing malware access, and managing removable media, a cloud-based security scheme must focus on enabling secure communication with remote systems. This change in approach will have profound implications for cyber security research efforts. In this work, we highlight existing and emerging technologies and the limitations of cloud computing systems. We then discuss the cyber security efforts that would support these applications. Finally, we discuss the implications of these computing architecture changes, in particular with respect to malware and social engineering.

  20. Control Systems Cyber Security Standards Support Activities

    SciTech Connect (OSTI)

    Robert Evans

    2009-01-01

    The Department of Homeland Securityís Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSPís current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  1. Introduction to Cyber Technologies exercise environment

    Energy Science and Technology Software Center (OSTI)

    2014-12-17

    Exercise environment for Introduction to Cyber Technologies class. This software is essentially a collection of short scripts, configuration files, and small executables that form the exercise component of the Sandia Cyber Technologies Academy¬ís Introduction to Cyber Technologies class. It builds upon other open-source technologies, such as Debian Linux and minimega, to provide comprehensive Linux and networking exercises that make learning these topics exciting and fun. Sample exercises: a pre-built set of home directories the studentmore¬†¬Ľ must navigate through to learn about privilege escalation, the creation of a virtual network playground designed to teach the student about the resiliency of the Internet, and a two-hour Capture the Flag challenge for the final lesson. There are approximately thirty (30) exercises included for the students to complete as part of the course.¬ę¬†less

  2. Introduction to Cyber Technologies exercise environment

    SciTech Connect (OSTI)

    2014-12-17

    Exercise environment for Introduction to Cyber Technologies class. This software is essentially a collection of short scripts, configuration files, and small executables that form the exercise component of the Sandia Cyber Technologies Academy?s Introduction to Cyber Technologies class. It builds upon other open-source technologies, such as Debian Linux and minimega, to provide comprehensive Linux and networking exercises that make learning these topics exciting and fun. Sample exercises: a pre-built set of home directories the student must navigate through to learn about privilege escalation, the creation of a virtual network playground designed to teach the student about the resiliency of the Internet, and a two-hour Capture the Flag challenge for the final lesson. There are approximately thirty (30) exercises included for the students to complete as part of the course.

  3. The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012, OAS-L-13-01

    Energy Savers [EERE]

    2 OAS-L-13-01 November 2012 Department of Energy Washington, DC 20585 November 7, 2012 MEMORANDUM FOR THE EXECUTIVE DIRECTOR, FEDERAL ENERGY REGULATORY COMMISSION FROM: Daniel M. Weeber Assistant Inspector General for Audits and Administration Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012" BACKGROUND The Federal Energy Regulatory Commission (Commission) is an independent

  4. SPIDERS JCTD Smart Cyber-Secure Microgrids

    Broader source: Energy.gov [DOE]

    The Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS) Joint Capability Technology Demonstration (JCTD) is a groundbreaking program to bolster the cyber security and energy efficiency of U.S. military installations and transfer the knowhow to non-military critical infrastructure.

  5. Foreign National Access to DOE Cyber Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1999-11-01

    DOE N 205.16, dated 9-15-05, extends this Notice until 9-30-06, unless sooner rescinded. To ensure foreign national access to DOE cyber systems continues to advance DOE program objectives while enforcing information access restrictions.

  6. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

  7. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2012-12-06

    Modifications correct changes to the composition of Senior DOE Management organizations, name change from DOE Cyber Incident Response Capability to Joint Cybersecurity Coordination Center and transfer of responsibility for communications security and TEMPEST to the Office of Health, Safety and Security.

  8. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, supersedes Chg 2.

  9. One Acquisition Solution for Integrated Services (OASIS) - Brad...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Solution for Integrated Services (OASIS) - Brad DeMers, General Services Administration (GSA) One Acquisition Solution for Integrated Services (OASIS) - Brad DeMers,...

  10. ACQUISITION PLANNING

    Broader source: Energy.gov (indexed) [DOE]

    Management for the Acquisition of Capital Assets 22. DOE O 436.1 Departmental Sustainability 23. DOE G 413.3-13 Acquisition Strategy Guide for Capital Asset Projects 24. DOE O...

  11. Acquisition Guide

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    _____________________________________________________________ __________________________________________________Chapter 15.4-4 (December 2010) GENERAL GUIDE FOR TECHNICAL ANALYSIS OF COST PROPOSALS FOR ACQUISITION CONTRACTS Acquisition Guide _____________________________________________________________ __________________________________________________Chapter 15.4-4 (November 2010) TABLE OF CONTENT CHAPTER 1 - INTRODUCTION KEY CONCEPTS

  12. Cyber Security Requirements for Wireless Devices and Information Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-11

    The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  13. Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2008 | Department of Energy Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Development of a novel distributed and hierarchical security layer specific to intelligent grid design will help protect intelligent distributed power grids from cyber attacks. Intelligent power grids are interdependent energy management systems-encompassing generation, distribution, IT networks, and

  14. Mathematical and Statistical Opportunities in Cyber Security (Technical

    Office of Scientific and Technical Information (OSTI)

    Report) | SciTech Connect Mathematical and Statistical Opportunities in Cyber Security Citation Details In-Document Search Title: Mathematical and Statistical Opportunities in Cyber Security The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist

  15. OCIO Technology Summit: Cyber Innovation | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Innovation OCIO Technology Summit: Cyber Innovation November 26, 2013 - 4:52pm Addthis OCIO Technology Summit: Cyber Innovation Robert G. Green (Acting) Robert G. Green (Acting) Principal Deputy CIO for Enterprise Information Resources Management | Deputy CIO for Architecture Engineering, Technology & Innovation Many people are aware of Energy's mission and how our Laboratories contribute to the Nation's economic prosperity and security through scientific discovery. Our transformative

  16. 7 Key Challenges for Visualization in Cyber Network Defense

    SciTech Connect (OSTI)

    Best, Daniel M.; Endert, Alexander; Kidwell, Dan

    2014-12-02

    In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and ďpretty pictureĒ visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.

  17. The NIAC Convergence of Physical and Cyber Technbologies and Related

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security Management Challenges Working Group Final Report and Recommendations | Department of Energy The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations The NIAC convened the Physical/Cyber Convergence Working Group (CWG), in October 2005, to investigate

  18. Before the House Subcommittee on Emerging Threats, Cyber Security and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Science and Technology Committee on Homeland Security | Department of Energy Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security By: Patricia Hoffman, Acting Assistant Secretary for Electricity

  19. Safeguards and Security and Cyber Security RM | Department of Energy

    Energy Savers [EERE]

    Safeguards and Security and Cyber Security RM Safeguards and Security and Cyber Security RM The SSCS RM is a tool that assists the DOE federal project review teams in evaluating the technical sufficiency of the project SSCS activities at CD-0 through CD-4. PDF icon Safeguards and Security and Cyber Security RM More Documents & Publications Safeguards and Security Program, acronyms and abbereviations - DOE M 470.4-7 Safeguards and Security Glossary - DOE M 470.4-7 Standard Review Plan -

  20. Office of Cyber and Security Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Assessments Office of Cyber and Security Assessments MISSION The Office of Cyber and Security Assessments is responsible for the independent evaluation of the effectiveness of safeguards and security and classified and unclassified cyber security policies and programs throughout the Department, including protection of special nuclear material, and classified and sensitive information. The Office has established and maintains a continuous program for assessing the security of DOE facilities

  1. Innovating to Meet the Evolving Cyber Challenge | Department of Energy

    Office of Environmental Management (EM)

    Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge September 19, 2013 - 12:02pm Addthis Innovating to Meet the Evolving Cyber Challenge Patricia A. Hoffman Patricia A. Hoffman Assistant Secretary, Office of Electricity Delivery & Energy Reliability What are the key facts? Protecting critical energy infrastructure -- which makes reliable electricity transmission and robust national security possible -- is a top priority for the Energy Department.

  2. Cyber Security Audit and Attack Detection Toolkit: Bandolier and

    Office of Environmental Management (EM)

    Portaledge, March 2010 | Department of Energy Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This project of the cyber security audit and attack detection toolkit will employ Bandolier Audit Files for optimizing security configurations and the Portaledge event detection capability for energy control systems. By building configuration audit and attack detection

  3. NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |

    Office of Environmental Management (EM)

    Department of Energy Finalizes Initial Set of Smart Grid Cyber Security Guidelines NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines September 2, 2010 - 3:15pm Addthis WASHINGTON, D.C. - The National Institute of Standards and Technology (NIST) issued today its first Guidelines for Smart Grid Cyber Security, which includes high-level security requirements, a framework for assessing risks, an evaluation of privacy issues at personal residences, and additional information for

  4. The NIAC Convergence of Physical and Cyber Technbologies and...

    Broader source: Energy.gov (indexed) [DOE]

    PDF icon The NIAC Convergence of Physical and Cyber Technbologies and Related Security ... Energy Sector-Specific Plan: An Annex to the National Infrastructure Protection Plan

  5. Obama's Call for Public-Private Cyber Security Collaboration...

    Energy Savers [EERE]

    companies, equipment vendors, and government agencies to create a Control Systems Roadmap to secure the sector's computer control systems against cyber attack. As a result of...

  6. Cyber Security Procurement Language for Control Systems Version...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language ... subway systems, dams, telecommunication systems, natural gas pipelines, and many others. ...

  7. Continuous Monitoring And Cyber Security For High Performance...

    Office of Scientific and Technical Information (OSTI)

    Continuous Monitoring And Cyber Security For High Performance Computing Malin, Alex B. Los Alamos National Laboratory; Van Heule, Graham K. Los Alamos National Laboratory...

  8. U.S. Department of Energy Cyber Strategy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    CYBER STRATEGY | 1 U.S. DEPARTMENT OF ENERGY CYBER STRATEGY DOE CYBER STRATEGY | 2 TABLE OF CONTENTS Message from the Deputy Secretary Message from the CIO Introduction Vision Principles Strategic Goals and Objectives The Way Forward Appendix: Applicable Mandates p. 3 p. 4 p. 5 p. 7 p. 8 p. 9 p. 15 p. 16 DOE CYBER STRATEGY | 3 Across the Department of Energy, our diverse missions are enabled by digital technolo- gies. We rely on these technologies to gather, share, store, and use information.

  9. Picture of the Week: Cyber-imaging the cosmos

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    5 Cyber-imaging the cosmos A team of astrophysicists and computer scientists, including Los Alamos National Laboratory researchers, completed the first-ever complete...

  10. Department of Energy's July 2013 Cyber Security Breach

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Department of Energy's July 2013 Cyber Security Breach DOEIG-0900 December 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections ...

  11. Reducing Cyber Risk to Critical Infrastructure: NIST Framework...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    directed the National Institute of Standards and Technology (NIST) to work with stakeholders to develop a voluntary Framework for reducing cyber risks to critical...

  12. Management of Naval Reactors' Cyber Security Program, OIG-0884

    Broader source: Energy.gov (indexed) [DOE]

    FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Naval Reactors' Cyber Security Program" INTRODUCTION AND OBJECTIVE The Naval...

  13. UVI Cyber-security Workshop Workshop Analysis.

    SciTech Connect (OSTI)

    Kuykendall, Tommie G.; Allsop, Jacob Lee; Anderson, Benjamin Robert; Boumedine, Marc; Carter, Cedric; Galvin, Seanmichael Yurko; Gonzalez, Oscar; Lee, Wellington K.; Lin, Han Wei; Morris, Tyler Jake; Nauer, Kevin S.; Potts, Beth A.; Ta, Kim Thanh; Trasti, Jennifer; White, David R.

    2015-07-08

    The cybersecurity consortium, which was established by DOE/NNSAís Minority Serving Institutions Partnerships Program (MSIPP), allows students from any of the partner schools (13 HBCUs, two national laboratories, and a public school district) to have all consortia options available to them, to create career paths and to open doors to DOE sites and facilities to student members of the consortium. As a part of this year consortium activities, Sandia National Laboratories and the University of Virgin Islands conducted a week long cyber workshop that consisted of three courses; Digital Forensics and Malware Analysis, Python Programming, and ThunderBird Cup. These courses are designed to enhance cyber defense skills and promote learning within STEM related fields.

  14. Cyber Security Requirements for Risk Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  15. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

  16. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

  17. Towards Efficient Collaboration in Cyber Security

    SciTech Connect (OSTI)

    Hui, Peter SY; Bruce, Joseph R.; Fink, Glenn A.; Gregory, Michelle L.; Best, Daniel M.; McGrath, Liam R.; Endert, Alexander

    2010-06-03

    Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independentlyó for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and as such, no such framework exists to support such efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.

  18. Deception used for Cyber Defense of Control Systems

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2009-05-01

    Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

  19. ACQUISITION PLANNING

    Office of Environmental Management (EM)

    --------------------------Chapter 7.1 (February 2015) ACQUISITION PLANNING Guiding Principles ÔĀģ Sound acquisition planning ensures that the contracting process is conducted in a timely manner, in accordance with statutory, regulatory, and policy requirements, and reflects the mission needs of the program. ÔĀģ An integrated team approach that includes appropriate representation from all organizations having an interest in the requirement will benefit the acquisition planning process. ÔĀģ

  20. ACQUISITION PLANNING

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    April 2014) ACQUISITION PLANNING Guiding Principles ÔĀģ Sound acquisition planning ensures that the contracting process is conducted in a timely manner, in accordance with statutory, regulatory, and policy requirements, and reflects the mission needs of the program. ÔĀģ An integrated team approach that includes appropriate representation from all organizations having an interest in the requirement will benefit the acquisition planning process. ÔĀģ Contracting professionals play a key role in

  1. ACQUISITION PLANNING

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    February 2015) ACQUISITION PLANNING Guiding Principles ÔĀģ Sound acquisition planning ensures that the contracting process is conducted in a timely manner, in accordance with statutory, regulatory, and policy requirements, and reflects the mission needs of the program. ÔĀģ An integrated team approach that includes appropriate representation from all organizations having an interest in the requirement will benefit the acquisition planning process. ÔĀģ Contracting professionals play a key role in

  2. Acquisition Regulation

    Energy Savers [EERE]

    8 August 24, 2015 ACQUISITION LETTER This Acquisition Letter is issued under the authority of the Senior Procurement Executives of DOE and NNSA. It is intended for use by procurement professionals of DOE and NNSA, primarily Contracting Officers, and other officials of DOE and NNSA that are involved in the acquisition process. Other parties are welcome to its information, but definitive interpretations of its effect on contracts, and related procedures, if any, may only be made by DOE NNSA

  3. Acquisition Regulation

    Energy Savers [EERE]

    .1 * * ~, No. AL-2015-09 Date August 25, 2015 fJ~ ~* - . *--~o' 1 '.j ! t :i ?';; * ~~* ~'~"l'ES'ffito":J ACQUISITION LETTER This Acquisition Letter is issued under the authority of the Senior Procurement Executives of DOE and NNSA Subject: Conference Related Activities and Spending References: Deputy Secretary Memorandum of 8/ 17I15 When is this Acquisition Letter (AL) effective? This AL is effective immediately upon issuance. When does this AL expire? Updated Guidance on Conference-

  4. Acquisition Regulation

    Energy Savers [EERE]

    6 Rev. 1 Date 09/09/2015 Department of Energy No. FAL 2015-04 Rev. 1 Date 09/09/2015 Financial Assistance Regulations ACQUISITION/FINANCIAL ASSISTANCE LETTER This Acquisition/Financial Assistance Letter is issued under the authority of the Senior Procurement Executive of DOE. It is intended for use by procurement professionals of DOE, primarily Contracting Officers, and other officials of DOE that are involved in the acquisition process. Other parties are welcome to its information, but

  5. Acquisition Regulation

    Broader source: Energy.gov (indexed) [DOE]

    5 Date 05/12/2015 ACQUISITION LETTER This Acquisition Letter is issued under the authority of the DOE and NNSA Senior Procurement Executives. Acquisition Letters (AL) that remain in effect are identified below. All other previously issued ALs have been superseded by a formal rule-making, incorporated into other guidance, and/or canceled. ** ************** ACQUISITION LETTERS REMAINING IN EFFECT NUMBER DATE SUBJECT 93-4 04/07/1993 Displaced Workers Benefits Program 94-19 12/09/1994 Basic Labor

  6. ACQUISITION PLANNING

    Broader source: Energy.gov (indexed) [DOE]

    - Multiple Award Preference 10. FAR 17.5 Interagency Acquisitions 11. FAR Subpart 17.6 Management and Operating Contracts 12. FAR Part 19 Small Business Programs Guiding...

  7. Acquisition Guide

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    A single purchase order value shall not exceed the simplified acquisition threshold (SAT). Contracting Officers shall not "split" requirements into multiple orders to avoid...

  8. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  9. Acquisition Guide

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Guide ------------------------ Chapter 71.1 (Dec 2014) HEADQUARTERS BUSINESS CLEARANCE PROCESS Guiding Principles ÔÉľ Timely acquisition planning is critical ÔÉľ Effective oversight control systems are essential to ensuring the high quality/integrity of procurement transactions ÔÉľ Collaboration and cooperation are required for timely, effective procurement processes Overview This chapter provides guidance regarding the policies and procedures governing the Field Assistance and

  10. ACQUISITION PLANNING | Department of Energy

    Office of Environmental Management (EM)

    PDF icon ACQUISITION

  11. Safeguards and Security and Cyber Security RM

    Office of Environmental Management (EM)

    Safeguards and Security and Cyber Security Review Module March 2010 CD- -0 OFFICE O S CD-1 OF ENVIRO Standard Safeguar and Cy Rev Critical D CD-2 M ONMENTA Review Pla rds and S yber Secu view Modul Decision (CD CD March 2010 AL MANAG an (SRP) Security urity le D) Applicabili D-3 GEMENT ity CD-4 Post Ope eration Standard Review Plan, 2 nd Edition, March 2010 i FOREWORD The Standard Review Plan (SRP) 1 provides a consistent, predictable corporate review framework to ensure that issues and risks

  12. Towards a Research Agenda for Cyber Friendly Fire

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Clements, Samuel L.; Carroll, Thomas E.; Fluckiger, Jerry D.

    2009-11-18

    Historical assessments of combat fratricide reveal principal contributing factors in the effects of stress, degradation of skills due to continuous operations or sleep deprivation, poor situation awareness, and lack of training and discipline in offensive/defense response selection. While these problems are typically addressed in R&D focusing on traditional ground-based combat, there is also an emerging need for improving situation awareness and decision making on defensive/offensive response options in the cyber defense arena, where a mistaken response to an actual or perceived cyber attack could lead to destruction or compromise of friendly cyber assets. The purpose of this report is to examine cognitive factors that may affect cyber situation awareness and describe possible research needs to reduce the likelihood and effects of "friendly cyber fire" on cyber defenses, information infrastructures, and data. The approach is to examine concepts and methods that have been described in research applied to the more traditional problem of mitigating the occurrence of combat identification and fratricide. Application domains of interest include cyber security defense against external or internal (insider) threats.

  13. Cyber security analysis testbed : combining real, emulation, and simulation.

    SciTech Connect (OSTI)

    Villamarin, Charles H.; Eldridge, John M.; Van Leeuwen, Brian P.; Urias, Vincent E.

    2010-07-01

    Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an 'experiment-in-a-box' capability. The result is rapidly-produced, large-scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

  14. Modeling Cyber Conflicts Using an Extended Petri Net Formalism

    SciTech Connect (OSTI)

    Zakrzewska, Anita N; Ferragut, Erik M

    2011-01-01

    When threatened by automated attacks, critical systems that require human-controlled responses have difficulty making optimal responses and adapting protections in real- time and may therefore be overwhelmed. Consequently, experts have called for the development of automatic real-time reaction capabilities. However, a technical gap exists in the modeling and analysis of cyber conflicts to automatically understand the repercussions of responses. There is a need for modeling cyber assets that accounts for concurrent behavior, incomplete information, and payoff functions. Furthermore, we address this need by extending the Petri net formalism to allow real-time cyber conflicts to be modeled in a way that is expressive and concise. This formalism includes transitions controlled by players as well as firing rates attached to transitions. This allows us to model both player actions and factors that are beyond the control of players in real-time. We show that our formalism is able to represent situational aware- ness, concurrent actions, incomplete information and objective functions. These factors make it well-suited to modeling cyber conflicts in a way that allows for useful analysis. MITRE has compiled the Common Attack Pattern Enumera- tion and Classification (CAPEC), an extensive list of cyber attacks at various levels of abstraction. CAPEC includes factors such as attack prerequisites, possible countermeasures, and attack goals. These elements are vital to understanding cyber attacks and to generating the corresponding real-time responses. We demonstrate that the formalism can be used to extract precise models of cyber attacks from CAPEC. Several case studies show that our Petri net formalism is more expressive than other models, such as attack graphs, for modeling cyber conflicts and that it is amenable to exploring cyber strategies.

  15. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  16. Real-Time SCADA Cyber Protection Using Compression Techniques

    SciTech Connect (OSTI)

    Lyle G. Roybal; Gordon H Rueff

    2013-11-01

    The Department of Energyís Office of Electricity Delivery and Energy Reliability (DOE-OE) has a critical mission to secure the energy infrastructure from cyber attack. Through DOE-OEís Cybersecurity for Energy Delivery Systems (CEDS) program, the Idaho National Laboratory (INL) has developed a method to detect malicious traffic on Supervisory, Control, and Data Acquisition (SCADA) network using a data compression technique. SCADA network traffic is often repetitive with only minor differences between packets. Research performed at the INL showed that SCADA network traffic has traits desirable for using compression analysis to identify abnormal network traffic. An open source implementation of a Lempel-Ziv-Welch (LZW) lossless data compression algorithm was used to compress and analyze surrogate SCADA traffic. Infected SCADA traffic was found to have statistically significant differences in compression when compared against normal SCADA traffic at the packet level. The initial analyses and results are clearly able to identify malicious network traffic from normal traffic at the packet level with a very high confidence level across multiple ports and traffic streams. Statistical differentiation between infected and normal traffic level was possible using a modified data compression technique at the 99% probability level for all data analyzed. However, the conditions tested were rather limited in scope and need to be expanded into more realistic simulations of hacking events using techniques and approaches that are better representative of a real-world attack on a SCADA system. Nonetheless, the use of compression techniques to identify malicious traffic on SCADA networks in real time appears to have significant merit for infrastructure protection.

  17. new-software-acquisitions

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Software Acquisitions The National Highway Traffic Safety Administration (NHTSA) plans to expand the use of the TRACC cluster. NHTSA's Human Injury Research Division (HIRD) does a lot of work related to real world crash reconstruction. For reconstruction purposes, HIRD uses two different software modules: MADYMO and modeFrontier. Optimization is performed using modeFrontier. Since optimization studies require a lot of simulations, HIRD will use TRACC's cluster with MADYMO and modeFrontier

  18. Cyber Security Protection for Small Businesses Flyer | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    PDF icon Cyber-Security-Flyer.pdf More Documents & Publications Facility Management Contractors and other Contractors Directory Small Business Program Manager Directory National Electric Transmission Congestion Study 2012 Workshops

  19. Towards A Network-of-Networks Framework for Cyber Security

    SciTech Connect (OSTI)

    Halappanavar, Mahantesh; Choudhury, Sutanay; Hogan, Emilie A.; Hui, Peter SY; Johnson, John R.; Ray, Indrajit; Holder, Lawrence B.

    2013-06-07

    Networks-of-networks (NoN) is a graph-theoretic model of interdependent networks that have distinct dynamics at each network (layer). By adding special edges to represent relationships between nodes in different layers, NoN provides a unified mechanism to study interdependent systems intertwined in a complex relationship. While NoN based models have been proposed for cyber-physical systems, in this paper we build towards a three-layer NoN model for an enterprise cyber system. Each layer captures a different facet of a cyber system. We then discuss the potential benefits of graph-theoretic analysis enabled from such a model. Our goal is to provide a novel and powerful tool for modeling and analyzing problems in cyber security.

  20. Good Things in Small Packages: Micro Worlds and Cyber Security

    SciTech Connect (OSTI)

    David I Gertman

    2013-11-01

    Cyber events, as perpetrated by terrorists and nation states, have become commonplace as evidenced in national and international news media. Cyber attacks affect day-to-day activities of end users through exploitation of social networks, businesses such as banking and stock exchanges, and government entities including Departments of Defense. They are becoming more frequent and sophisticated. Currently, efforts are directed to understanding the methods employed by attackers and towards dissecting the planning and activities of the perpetrator, including review of psychosocial factors.

  1. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  2. Collaborative Utility Task Force Partners with DOE to Develop Cyber

    Energy Savers [EERE]

    Security Requirements for Advanced Metering Infrastructure | Department of Energy Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the

  3. Common Cyber Security Vulnerabilities Observed in Control System

    Energy Savers [EERE]

    Assessments by the INL NSTB Program | Department of Energy Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program This document presents results from 16 control system assessments performed under the NSTB program from 2003 through 2007. Information found in individual stakeholder reports is protected from disclosure. Researchers recognized that

  4. Cyber security best practices for the nuclear industry

    SciTech Connect (OSTI)

    Badr, I.

    2012-07-01

    When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

  5. The Department's Unclassified Cyber Security Program - 2012, IG-0877

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Evaluation Report The Department's Unclassified Cyber Security Program - 2012 DOE/IG-0877 November 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 November 8, 2012 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program - 2012" INTRODUCTION AND OBJECTIVE As the use of information

  6. Elaine Santantonio-Creating an efficient cyber workplace

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Elaine Santantonio Elaine Santantonio-Creating an efficient cyber workplace She improved communication and increased efficiency by helping put mobile devices into the hands of Lab employees. March 11, 2014 Elaine Santantonio A recipient of the Lab's 2014 Women Who Inspire awards, as the Network and Infrastructure Engineering (NIE) Division Leader, Santantonio helps provide technical communication and workplace infrastructure and services for the "desktop to teraflops" cyber workplace.

  7. Materials Informatics for the ICME CyberInfrastructure | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Informatics for the ICME CyberInfrastructure Materials Informatics for the ICME CyberInfrastructure 2011 DOE Hydrogen and Fuel Cells Program, and Vehicle Technologies Program Annual Merit Review and Peer Evaluation PDF icon lm038_paxton_2011_o.pdf More Documents & Publications Integrated Computational Materials Engineering (ICME) for Mg: International Pilot Project (Part 1) Vehicle Technologies Office: 2010 Lightweight Materials R&D Annual Progress Report Integrated

  8. The Department's Unclassified Cyber Security Program 2002, IG-0567

    Energy Savers [EERE]

    DEPARTMENT'S UNCLASSIFIED CYBER SECURITY PROGRAM 2002 SEPTEMBER 2002 Department of Energy Washington, DC 20585 September 9, 2002 MEMORANDUM FOR FROM: Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program 2002" As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to

  9. Office of Electricity Delivery and Energy Reliability Cyber Security

    Energy Savers [EERE]

    Project Selections | Department of Energy Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections On September 23, 2010, speaking at the inaugural GridWise Global Forum, U.S. Energy Secretary Steven Chu today announced the investment of more than $30 million for ten projects that will address cybersecurity issues facing the nation's electric grid. Together, these projects

  10. Protecting the Nation's Electric Grid from Cyber Threats | Department of

    Energy Savers [EERE]

    Energy Nation's Electric Grid from Cyber Threats Protecting the Nation's Electric Grid from Cyber Threats January 11, 2012 - 11:28am Addthis A smarter, modernized, and more secure grid will be pivotal to the United States√ʬĬô world leadership in a clean energy future. | Photo courtesy of National Renewable Energy Laboratory. A smarter, modernized, and more secure grid will be pivotal to the United States' world leadership in a clean energy future. | Photo courtesy of National Renewable

  11. Evaluation Report on The Department's Unclassified Cyber Security Program

    Office of Environmental Management (EM)

    2002, DOE/IG-0567 | Department of Energy Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 Evaluation Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to increasing threats to the Government's computer networks and

  12. Reducing Cyber Risk to Critical Infrastructure: NIST Framework | Department

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Energy Reducing Cyber Risk to Critical Infrastructure: NIST Framework Reducing Cyber Risk to Critical Infrastructure: NIST Framework Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the President under Executive Order (EO) 13636 "Improving Critical Infrastructure Cybersecurity" of February 2013 directed the National Institute of Standards and Technology (NIST) to work with stakeholders to

  13. Cyber-Physical Modeling and Simulation for Situational Awareness (CYMSA)

    Office of Environmental Management (EM)

    Cyber-Physical Modeling and Simulation for Situational Awareness (CYMSA) Cyber-physical security state estimation for power grid intrusion detection and control command validation and assessment Background The power grid is an energy delivery system comprising of individual power components and a geographically dispersed communications system. Power grid communications systems, components, and protocols must be secured from unauthorized access because adversarial manipulation could disrupt

  14. Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

    SciTech Connect (OSTI)

    Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo; Mili, Ali; Trien, Joseph P

    2006-01-01

    The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

  15. ACQUISITION PLANNING

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    PLANNING REFERENCES 1. FAR 4.803(a)(1) Contents of Contract Files 2. FAR 5.405(a) Exchange of Acquisition Information 3. FAR Part 6 Competition Requirements 4. FAR Part 7 Acquisition Planning 5. FAR Part 8 Required Sources of Supply 6. FAR Part 9 Contractor Qualifications 7. FAR Part 10 Market Research 8. FAR Part 11 Describing Agency Needs 9. FAR 15.201(c) Exchanges with Industry Before Receipt of Proposals 10. FAR Subpart 16.1 Selecting Contract Types 11. FAR 16.504(c) Indefinite-Quantity

  16. Quantifying Availability in SCADA Environments Using the Cyber Security Metric MFC

    SciTech Connect (OSTI)

    Aissa, Anis Ben; Rabai, Latifa Ben Arfa; Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2014-01-01

    Supervisory Control and Data Acquisition (SCADA) systems are distributed networks dispersed over large geographic areas that aim to monitor and control industrial processes from remote areas and/or a centralized location. They are used in the management of critical infrastructures such as electric power generation, transmission and distribution, water and sewage, manufacturing/industrial manufacturing as well as oil and gas production. The availability of SCADA systems is tantamount to assuring safety, security and profitability. SCADA systems are the backbone of the national cyber-physical critical infrastructure. Herein, we explore the definition and quantification of an econometric measure of availability, as it applies to SCADA systems; our metric is a specialization of the generic measure of mean failure cost.

  17. Assessment of Acquisition and Financial Assistance Operations | Department

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Energy Acquisition and Financial Assistance Operations Assessment of Acquisition and Financial Assistance Operations The Department of Energy's Office of Energy Efficiency and Renewable Energy's Assessment of Acquisition and Financial Assistance Operations, in coordination with the National Academy of Public Administration. PDF icon Assessment of Acquisition and Financial Assistance Operations More Documents & Publications Reorganization of the Office of Energy Efficiency and

  18. Cyber Power Group Ltd aka Fine Silicon Co Ltd | Open Energy Informatio...

    Open Energy Info (EERE)

    Cyber Power Group Ltd aka Fine Silicon Co Ltd Jump to: navigation, search Name: Cyber Power Group Ltd (aka Fine Silicon Co Ltd) Place: Baoding, Hebei Province, China Product:...

  19. Cyber Security Challenges in Using Cloud Computing in the Electric Utility Industry

    SciTech Connect (OSTI)

    Akyol, Bora A.

    2012-09-01

    This document contains introductory material that discusses cyber security challenges in using cloud computing in the electric utility industry.

  20. Report of the Cyber Security Research Needs for Open Science Workshop |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy the Cyber Security Research Needs for Open Science Workshop Report of the Cyber Security Research Needs for Open Science Workshop Protecting systems and users, while maintaining ease of access, represents the "perfect storm" of challenges in the area of cyber security. PDF icon Report of the Cyber Security Research Needs for Open Science Workshop More Documents & Publications Networking and Information Technology Research and Development Supplement to the

  1. Using Operational Security (OPSEC) to Support a Cyber Security Culture in

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Control Systems Environments | Department of Energy Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments This document reviews several key operational cyber security elements that are important for control systems and industrial networks and how those elements can drive the creation of a cyber security-sensitive culture. PDF icon Using

  2. TCIP: Trustworthy CyberInfrastructure for the Power Grid | Department of

    Energy Savers [EERE]

    Energy TCIP: Trustworthy CyberInfrastructure for the Power Grid TCIP: Trustworthy CyberInfrastructure for the Power Grid The TCIP, or Trustworthy CyberInfrastructure for the Power Grid, project's vision is to provide the fundamental science and technology to create an intelligent, adaptive power grid which survives malicious adversaries, provides continuous delivery of power, and supports dynamically varying trust requirements. This goal may be reached by creating the cyber building blocks,

  3. Cyber-Intrusion Auto-Response Policy and Management System (CAPMS)

    Office of Environmental Management (EM)

    Cyber-Intrusion Auto-Response Policy and Management System (CAPMS) A managed security system that integrates advanced cybersecurity algorithms with energy delivery systems to respond autonomously to cyber intrusions while sustaining critical energy delivery functions Background Cyber attacks are becoming more sophisticated every day. Electric utilities are faced with the challenge of detecting, analyzing, and responding to cyber incidents to protect public safety and preserve the integrity of

  4. Test Acquisition Guide

    Broader source: Energy.gov [DOE]

    Regulatory requirements for the acquisition process are set forth in the Federal Acquisition Regulation (FAR) and are supplemented in the Department of Energy Acquisition Regulation (DEAR). FAR 1...

  5. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect (OSTI)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  6. Nuclear Instrumentation and Control Cyber Testbed Considerations Ė Lessons Learned

    SciTech Connect (OSTI)

    Jonathan Gray; Robert Anderson; Julio G. Rodriguez; Cheol-Kwon Lee

    2014-08-01

    Abstract: Identifying and understanding digital instrumentation and control (I&C) cyber vulnerabilities within nuclear power plants and other nuclear facilities, is critical if nation states desire to operate nuclear facilities safely, reliably, and securely. In order to demonstrate objective evidence that cyber vulnerabilities have been adequately identified and mitigated, a testbed representing a facilityís critical nuclear equipment must be replicated. Idaho National Laboratory (INL) has built and operated similar testbeds for common critical infrastructure I&C for over ten years. This experience developing, operating, and maintaining an I&C testbed in support of research identifying cyber vulnerabilities has led the Korean Atomic Energy Research Institute of the Republic of Korea to solicit the experiences of INL to help mitigate problems early in the design, development, operation, and maintenance of a similar testbed. The following information will discuss I&C testbed lessons learned and the impact of these experiences to KAERI.

  7. Human dimensions in cyber operations research and development priorities.

    SciTech Connect (OSTI)

    Forsythe, James Chris; Silva, Austin Ray; Stevens-Adams, Susan Marie; Bradshaw, Jeffrey

    2012-11-01

    Within cyber security, the human element represents one of the greatest untapped opportunities for increasing the effectiveness of network defenses. However, there has been little research to understand the human dimension in cyber operations. To better understand the needs and priorities for research and development to address these issues, a workshop was conducted August 28-29, 2012 in Washington DC. A synthesis was developed that captured the key issues and associated research questions. Research and development needs were identified that fell into three parallel paths: (1) human factors analysis and scientific studies to establish foundational knowledge concerning factors underlying the performance of cyber defenders; (2) development of models that capture key processes that mediate interactions between defenders, users, adversaries and the public; and (3) development of a multi-purpose test environment for conducting controlled experiments that enables systems and human performance measurement. These research and development investments would transform cyber operations from an art to a science, enabling systems solutions to be engineered to address a range of situations. Organizations would be able to move beyond the current state where key decisions (e.g. personnel assignment) are made on a largely ad hoc basis to a state in which there exist institutionalized processes for assuring the right people are doing the right jobs in the right way. These developments lay the groundwork for emergence of a professional class of cyber defenders with defined roles and career progressions, with higher levels of personnel commitment and retention. Finally, the operational impact would be evident in improved performance, accompanied by a shift to a more proactive response in which defenders have the capacity to exert greater control over the cyber battlespace.

  8. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  9. Autonomic Intelligent Cyber Sensor (AICS) Version 1.0.1

    Energy Science and Technology Software Center (OSTI)

    2015-03-01

    The Autonomic Intelligent Cyber Sensor (AICS) provides cyber security and industrial network state awareness for Ethernet based control network implementations. The AICS utilizes collaborative mechanisms based on Autonomic Research and a Service Oriented Architecture (SOA) to: 1) identify anomalous network traffic; 2) discover network entity information; 3) deploy deceptive virtual hosts; and 4) implement self-configuring modules. AICS achieves these goals by dynamically reacting to the industrial human-digital ecosystem in which it resides. Information is transportedmore¬†¬Ľ internally and externally on a standards based, flexible two-level communication structure.¬ę¬†less

  10. Cyber Security Evaluation of II&C Technologies

    SciTech Connect (OSTI)

    Ken Thomas

    2014-11-01

    The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industryís template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

  11. Acquisition Guide Chapter 42.5

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Chapter 42.5 (February 2012) 1 CONTRACT MANAGEMENT PLANNING Applicability: This section is applicable to the contracting activities of the Department of Energy (DOE). References: Ôāß FAR 46.4, "Government Contract Quality Assurance" Ôāß FAR 42, Contract Administration and Auditing Services Ôāß FAR 43, Contract Modifications Ôāß DEAR 970.1100-1, "Performance-based Contracting" Ôāß DOE Acquisition Guide, Chapter 7.1, "Acquisition Planning" Ôāß DOE Acquisition Guide,

  12. Energy Information Administration/Petroleum Marketing Annual

    U.S. Energy Information Administration (EIA) Indexed Site

    Sources: Energy Information Administration, Form EIA-182, "Domestic Crude Oil First Purchase Report"; Form EIA-856, "Monthly Foreign Crude Oil Acquisition Report"; and Form...

  13. Recommended Practice: Creating Cyber Forensics Plans for Control Systems

    SciTech Connect (OSTI)

    Eric Cornelius; Mark Fabro

    2008-08-01

    Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

  14. Acquisition Forecast

    Broader source: Energy.gov [DOE]

    It is the policy of the Department of Energy (DOE) and the National Nuclear Security Administration (NNSA) to provide timely information to the public regarding DOE/NNSA’s forecast of future prime contracting opportunities and subcontracting opportunities which are available via the Department’s major site and facilities management contractors.

  15. Acquisition Letter No. AL 2008-02 | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    Part 7 Acquisition Planning FAR Part 15 Contracting by Negotiation FAR Part 30 Cost Accounting Standards Administration FAR Part 31 Contract Cost Principles and Procedures FAR...

  16. Acquisition Letter No. AL 2009-01 | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    For National Nuclear Security Administration (NNSA) contracts, contact Mr. Stephen Law, Office of Acquisition and Supply Management, NA-63, at (202) 586-4321 or at...

  17. 37pt.2PerformanceBasedServiceAcquisition.pdf | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7pt.2PerformanceBasedServiceAcquisition.pdf 37pt.2PerformanceBasedServiceAcquisition.pdf PDF icon 37pt.2PerformanceBasedServiceAcquisition.pdf More Documents & Publications Acquisitions___Communications.pdf Policy Flash 2013-09 One Acquisition Solution for Integrated Services (OASIS) - Brad DeMers, General Services Administration (GSA)

  18. Fact Sheet: Protecting Intelligent Distributed Power Grids Against Cyber Attacks

    Office of Environmental Management (EM)

    Protecting Intelligent Distributed Power Grids Against Cyber Attacks Development of a novel distributed and hierarchical security layer specific to intelligent grid design Intelligent power grids are interdependent energy management systems- encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, effciency, and reliability. But increased interconnection and automation over a large

  19. Taxonomies of Cyber Adversaries and Attacks: A Survey of Incidents and Approaches

    SciTech Connect (OSTI)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08

    In this paper we construct taxonomies of cyber adversaries and methods of attack, drawing from a survey of the literature in the area of cyber crime. We begin by addressing the scope of cyber crime, noting its prevalence and effects on the US economy. We then survey the literature on cyber adversaries, presenting a taxonomy of the different types of adversaries and their corresponding methods, motivations, maliciousness, and skill levels. Subsequently we survey the literature on cyber attacks, giving a taxonomy of the different classes of attacks, subtypes, and threat descriptions. The goal of this paper is to inform future studies of cyber security on the shape and characteristics of the risk space and its associated adversaries.

  20. A cognitive and economic decision theory for examining cyber defense strategies.

    SciTech Connect (OSTI)

    Bier, Asmeret Brooke

    2014-01-01

    Cyber attacks pose a major threat to modern organizations. Little is known about the social aspects of decision making among organizations that face cyber threats, nor do we have empirically-grounded models of the dynamics of cooperative behavior among vulnerable organizations. The effectiveness of cyber defense can likely be enhanced if information and resources are shared among organizations that face similar threats. Three models were created to begin to understand the cognitive and social aspects of cyber cooperation. The first simulated a cooperative cyber security program between two organizations. The second focused on a cyber security training program in which participants interact (and potentially cooperate) to solve problems. The third built upon the first two models and simulates cooperation between organizations in an information-sharing program.

  1. ACQUISITION PLANNING | Department of Energy

    Energy Savers [EERE]

    ACQUISITION PLANNING ACQUISITION PLANNING ACQUISITION PLANNING More Documents & Publications ACQUISITION PLANNING Attachment FY2011-13 Attachment FY2011-40(3)...

  2. ACQUISITION PLANNING | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ACQUISITION PLANNING ACQUISITION PLANNING PDF icon ACQUISITION PLANNING More Documents & Publications ACQUISITION PLANNING Policy Flash 2013-09 Policy Flash 2015-13

  3. Breaking into a computer : attack techniques and tools used by cyber-criminals

    ScienceCinema (OSTI)

    None

    2011-10-06

    Oral presentation in English, slides in English. We will show you how and why cyber-criminals attack your computers: their motives, methods and tools.

  4. Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008

    Broader source: Energy.gov [DOE]

    This project of the cyber security audit and attack detection toolkit is adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers

  5. Situational Awareness as a Measure of Performance in Cyber Security Collaborative Work

    SciTech Connect (OSTI)

    Malviya, Ashish; Fink, Glenn A.; Sego, Landon H.; Endicott-Popovsky, Barbara E.

    2011-04-11

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge in turn could lead to better preparation of cyber defenders in both military and civilian settings. We conducted proof of concept experimentation to collect data during the Pacific-rim Regional Collegiate Cyber Defense Competition (PRCCDC) and analyzed it to study the behavior of cyber defenders. We propose that situational awareness predicts performance of cyber security professionals, and in this paper we focus on our collection and analysis of competition data to determine whether it supports our hypothesis. In addition to normal cyber data, we collected situational awareness and workload data and compared it against the performance of cyber defenders as indicated by their competition score. We conclude that there is a weak correlation between our measure of situational awareness and performance that we hope to exploit in further studies.

  6. Defense on the Move: Ant-Based Cyber Defense

    SciTech Connect (OSTI)

    Fink, Glenn A.; Haack, Jereme N.; McKinnon, Archibald D.; Fulp, Errin W.

    2014-04-15

    Many common cyber defenses (like firewalls and IDS) are as static as trench warfare allowing the attacker freedom to probe them at will. The concept of Moving Target Defense (MTD) adds dynamism to the defender side, but puts the systems to be defended themselves in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackersí ability to rely on prior experience without requiring motion in the protected infrastructure itself. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The Ant-Based Cyber Defense (ABCD) is a mobile resilient defense providing a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. The ABCD approach provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures like the smart electric grid.

  7. Automatic Labeling for Entity Extraction in Cyber Security

    SciTech Connect (OSTI)

    Bridges, Robert A; Jones, Corinne L; Iannacone, Michael D; Testa, Kelly M; Goodall, John R

    2014-01-01

    Timely analysis of cyber-security information necessitates automated information extraction from unstructured text. While state-of-the-art extraction methods produce extremely accurate results, they require ample training data, which is generally unavailable for specialized applications, such as detecting security related entities; moreover, manual annotation of corpora is very costly and often not a viable solution. In response, we develop a very precise method to automatically label text from several data sources by leveraging related, domain-specific, structured data and provide public access to a corpus annotated with cyber-security entities. Next, we implement a Maximum Entropy Model trained with the average perceptron on a portion of our corpus (~750,000 words) and achieve near perfect precision, recall, and accuracy, with training times under 17 seconds.

  8. NNSA Procurement Projects Perspective - Bob Raines, Associate Administrator

    Office of Environmental Management (EM)

    for Acquisition and Project Management, NNSA | Department of Energy Projects Perspective - Bob Raines, Associate Administrator for Acquisition and Project Management, NNSA NNSA Procurement Projects Perspective - Bob Raines, Associate Administrator for Acquisition and Project Management, NNSA PDF icon Workshop 2015 - Raines_NNSA Projects Perspective.pdf More Documents & Publications One Procurement Director's Perspective - Patricia Schuneman, Chicago Procurement Director NNSA Procurement

  9. Sandia Cyber Engineering Research Laboratory (CERL) Formally Opens

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Engineering Research Laboratory (CERL) Formally Opens - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense

  10. A Comparison of Cross-Sector Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01

    This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

  11. Cyber Assessment Methods for SCADA Security | Department of Energy

    Energy Savers [EERE]

    Assessment Methods for SCADA Security Cyber Assessment Methods for SCADA Security This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure. The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure

  12. Secretary Moniz visits the Office of Cyber Assessments

    Broader source: Energy.gov [DOE]

    Cyber Security is becoming increasingly important in today’s technologically anchored society. Advances in information technology have made our lives easier in countless ways, but these same advances have brought us a key-stroke away from our enemies. This remains true for the Department of Energy (DOE), whose mission is to ensure America’s security and prosperity by addressing its energy, environmental and nuclear challenges.

  13. Fact Sheet: Cyber Security Audit and Attack Detection Toolkit

    Office of Environmental Management (EM)

    Cyber Security Audit and Attack Detection Toolkit Adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to

  14. Microsoft Word - OE Cyber Release 10 18 07.doc

    Office of Environmental Management (EM)

    FOR IMMEDIATE RELEASE Megan Barnett, (202) 586-4940 Thursday, October 18, 2007 DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks WASHINGTON, DC - U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically- advanced controls and

  15. GridStat Ė Cyber Security and Regional Deployment Project Report

    SciTech Connect (OSTI)

    Clements, Samuel L.

    2009-02-18

    GridStat is a developing communication technology to provide real-time data delivery services to the electric power grid. It is being developed in a collaborative effort between the Electrical Power Engineering and Distributed Computing Science Departments at Washington State University. Improving the cyber security of GridStat was the principle focus of this project. A regional network was established to test GridStatís cyber security mechanisms in a realistic environment. The network consists of nodes at Pacific Northwest National Laboratory, Idaho National Laboratory, and Washington State University. Idaho National Laboratory (INL) was tasked with performing the security assessment, the results of which detailed a number or easily resolvable and previously unknown issues, as well as a number of difficult and previously known issues. Going forward we recommend additional development prior to commercialization of GridStat. The development plan is structured into three domains: Core Development, Cyber Security and Pilot Projects. Each domain contains a number of phased subtasks that build upon each other to increase the robustness and maturity of GridStat.

  16. Bio-Inspired Cyber Security for Smart Grid Deployments

    SciTech Connect (OSTI)

    McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.; Fink, Glenn A.; Fulp, Errin W.

    2013-05-01

    mart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.

  17. Cyber Security Research Frameworks For Coevolutionary Network Defense

    SciTech Connect (OSTI)

    Rush, George D.; Tauritz, Daniel Remy

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  18. Cyber Assessment Methods for SCADA Security

    SciTech Connect (OSTI)

    Not Available

    2005-06-01

    The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national infrastructure, such as electric power, oil, and gas production and distribution. Since their incapacitation or destruction would have a debilitating impact on the defense or economic security of the United States, one of the main objectives of this program is to identify vulnerabilities and encourage the public and private sectors to work together to design secure control systems that resolve these weaknesses. This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure.

  19. Cyber Assessment Methods For SCADA Security

    SciTech Connect (OSTI)

    May Robin Permann; Kenneth Rohde

    2005-06-01

    The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national infrastructure, such as electric power, oil, and gas production and distribution. Since their incapacitation or destruction would have a debilitating impact on the defense or economic security of the United States, one of the main objectives of this program is to identify vulnerabilities and encourage the public and private sectors to work together to design secure control systems that resolve these weaknesses. This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure.

  20. Policy Flash 2013-42 Acquisition Guide Chapter 19.1- Summary of Small

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Business Administration and Department of Energy Partnership | Department of Energy 2 Acquisition Guide Chapter 19.1- Summary of Small Business Administration and Department of Energy Partnership Policy Flash 2013-42 Acquisition Guide Chapter 19.1- Summary of Small Business Administration and Department of Energy Partnership Attached is Policy Flash 2013-42 Acquisition Guide Chapter 19.1 - Summary of Small Business Administration and Department of Energy Partnership Agreement Questions

  1. Tensions in collaborative cyber security and how they affect incident detection and response

    SciTech Connect (OSTI)

    Fink, Glenn A.; McKinnon, Archibald D.; Clements, Samuel L.; Frincke, Deborah A.

    2009-12-01

    Security often requires collaboration, but when multiple stakeholders are involved, it is typical for their priorities to differ or even conflict with one another. In todayís increasingly networked world, cyber security collaborations may span organizations and countries. In this chapter, we address collaboration tensions, their effects on incident detection and response, and how these tensions may potentially be resolved. We present three case studies of collaborative cyber security within the U.S. government and discuss technical, social, and regulatory challenges to collaborative cyber security. We suggest possible solutions, and present lessons learned from conflicts. Finally, we compare collaborative solutions from other domains and apply them to cyber security collaboration. Although we concentrate our analysis on collaborations whose purpose is to achieve cyber security, we believe that this work applies readily to security tensions found in collaborations of a general nature as well.

  2. Cyber Science and Security - An R&D Partnership at LLNL

    SciTech Connect (OSTI)

    Brase, J; Henson, V

    2011-03-11

    Lawrence Livermore National Laboratory has established a mechanism for partnership that integrates the high-performance computing capabilities of the National Labs, the network and cyber technology expertise of leading information technology companies, and the long-term research vision of leading academic cyber programs. The Cyber Science and Security Center is designed to be a working partnership among Laboratory, Industrial, and Academic institutions, and provides all three with a shared R&D environment, technical information sharing, sophisticated high-performance computing facilities, and data resources for the partner institutions and sponsors. The CSSC model is an institution where partner organizations can work singly or in groups on the most pressing problems of cyber security, where shared vision and mutual leveraging of expertise and facilities can produce results and tools at the cutting edge of cyber science.

  3. Network Intrusion Detection and Visualization using Aggregations in a Cyber Security Data Warehouse

    SciTech Connect (OSTI)

    Czejdo, Bogdan; Ferragut, Erik M; Goodall, John R; Laska, Jason A

    2012-01-01

    The challenge of achieving situational understanding is a limiting factor in effective, timely, and adaptive cyber-security analysis. Anomaly detection fills a critical role in network assessment and trend analysis, both of which underlie the establishment of comprehensive situational understanding. To that end, we propose a cyber security data warehouse implemented as a hierarchical graph of aggregations that captures anomalies at multiple scales. Each node of our pro-posed graph is a summarization table of cyber event aggregations, and the edges are aggregation operators. The cyber security data warehouse enables domain experts to quickly traverse a multi-scale aggregation space systematically. We describe the architecture of a test bed system and a summary of results on the IEEE VAST 2012 Cyber Forensics data.

  4. Acquisition Guide Chapter 1.1 - Acquisition Regulations System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Documents & Publications Acquisition Guide Chapter 1.0 - Acquisition Regulations System Acquisition Guide Chapter 1.2 - Balanced Scorecard Performance Assessment Program - (March...

  5. Acquisition Letter Archive Listing

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Letter Archive Listing 1 Acquisition Letter Title 1984-1R Rev. 1292 Acquisition Letters 1987-3R Rev. 1287 Prescreening Policies and Procedures 1987-5 090487 Patents and ...

  6. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    3 - Simplified Acquisition Procedures OPAM Policy Acquisition Guides Chapter 18 - Emergency Acquisitions

  7. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect (OSTI)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  8. Probabilistic Characterization of Adversary Behavior in Cyber Security

    SciTech Connect (OSTI)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08

    The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

  9. Acquisition Career Development Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-04-19

    This Order establishes training and certification requirements and career development programs under the Acquisition Career Development (ACD) Program for DOE and NNSA acquisition workforce. The acquisition workforce includes contracting, purchasing, personal property management, program management, Contracting Officers and Contracting Officer Representatives. The ACD Program implements the Office of Federal Procurement Policy (OFPP) requirements, Federal Acquisition Regulation (FAR) requirements, Federal Acquisition Reform Act (FARA) requirements, and the objectives of Executive Order (E.O.) 129231, Federal Procurement Reform, dated 10-13-1994. This order cancels DOE O 361.1, Acquisition Career Development Program, dated 11-10-99, AND Acquisition Letter 2003-05, Personal Property Management Career Development, Training, and Certification Program, dated 9-10-03. Cancels DOE O 361.1 Chg 2. Canceled by DOE O 361.1B.

  10. Secure control systems with application to cyber-physical systems

    SciTech Connect (OSTI)

    Dong, Jin; Djouadi, Seddik M; Nutaro, James J; Kuruganti, Phani Teja

    2014-01-01

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  11. What is the current state of the science of Cyber defense?

    SciTech Connect (OSTI)

    Hurd, Alan J.

    2015-10-09

    My overall sense of the cyber defense field is one of an adolescent discipline currently bogged down in a cloud of issues, the most iconic of which is the great diversity of approaches that are being aggregated to form a coherent field. Because my own expertise is complex systems and materials physics research, I have limited direct experience in cyber security sciences except as a user of secure networks and computing resources. However, in producing this report, I have found with certainty that there exists no calculus for cyber risk assessment, mitigation, and response, although some hopeful precepts toward this end are emerging.

  12. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    SciTech Connect (OSTI)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

  13. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, anmore¬†¬Ľ established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.¬ę¬†less

  14. Project Management for the Acquisition of Capital Assets

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-28

    The purpose of this Manual is to provide requirements and guidance to Department of Energy (DOE) employees, including National Nuclear Security Administration (NNSA) employees on the planning and acquisition of capital assets. Does not cancel other directives.

  15. Acquisition Career Development Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1999-11-10

    The Order implements the Department's Acquisition Career Development program, mandatory for professionals in the GS-1102 and 1105 occupational procurement series, as well as others with significant procurement responsibilities. The Order also ensures that members of the acquisition workforce are aware of and adhere to the mandatory training and certification requirements. Cancels Acquisition Letter 98-06. Canceled by DOE O 361.1 Chg 1.

  16. Acquisition Career Development Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-12-20

    To set forth requirements and responsibilities for the Department of Energy (DOE) Acquisition Career Development (ACD) Program, which implements Office of Federal Procurement Policy (OFPP) requirements, Federal Acquisition Regulation (FAR) requirements, Federal Acquisition Reform Act (FARA) requirements, and the career development objectives of Executive Order (E.O.) 12931. Change 1 approved 12-20-2001. Cancels DOE O 361.1. Canceled by DOE O 361.1 Chg 2.

  17. Acquisition Career Development Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-06-13

    To set forth requirements and responsibilities for the Department of Energy (DOE) Acquisition Career Development (ACD) Program, which implements Office of Federal Procurement Policy (OFPP) requirements, Federal Acquisition Regulation (FAR) requirements, Federal Acquisition Reform Act (FARA) requirements, and the career development objectives of Executive Order (E.O.) 12931. Change 1 approved 12-20-2001. Change 2 approved 06-13-03. Cancels DOE O 361.1 Chg 1. Canceled by DOE O 361.1A.

  18. Acquisition Career Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2015-05-14

    The order sets forth requirements and responsibilities for the Department of Energy (DOE) Acquisition Career Management Program. Supersedes DOE O 361.1B.

  19. Acquisition Career Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-01-24

    The order defines requirements and responsibilities for training, certification, and career development programs for the DOE acquisition workforce. Cancels DOE O 361.1A.

  20. Towards an Experimental Testbed Facility for Cyber-Physical Security Research

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

    2012-01-07

    Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

  1. Categorical Exclusion Determinations: Bonneville Power Administration |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Bonneville Power Administration Categorical Exclusion Determinations: Bonneville Power Administration Categorical Exclusion Determinations issued by Bonneville Power Administration. DOCUMENTS AVAILABLE FOR DOWNLOAD October 27, 2014 CX-012790: Categorical Exclusion Determination Haystack Butte Radio Site Land Acquisition CX(s) Applied: B1.24 Date: 41939 Location(s): Washington Offices(s): Bonneville Power Administration October 23, 2014 CX-012791: Categorical Exclusion

  2. Aspects of Holly Corporation's Acquisition of Sunoco Inc.'s Tulsa, Oklahoma Refinery

    Reports and Publications (EIA)

    2009-01-01

    The Energy Information Administration has produced a review of aspects of the Holly's acquisition of Sunoco's 85,000-barrels-per-day Tulsa refinery.

  3. The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011, OAS-M-12-01

    Energy Savers [EERE]

    Evaluation Report The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011 OAS-M-12-01 November 2011 Department of Energy Washington, DC 20585 November 15, 2011 MEMORANDUM FOR THE CHAIRMAN, FEDERAL ENERGY REGULATORY COMMISSION FROM: Rickey R. Hass Deputy Inspector General for Audits and Inspections Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011"

  4. The Federal Energy Regulatory Commission's Unclassified Cyber Security Program ¬Ö 2013

    Energy Savers [EERE]

    Evaluation Report The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2013 OAS-M-14-01 October 2013 Department of Energy Washington, DC 20585 October 23, 2013 MEMORANDUM FOR THE EXECUTIVE DIRECTOR, FEDERAL ENERGY REGULATORY COMMISSION FROM: Rickey R. Hass Deputy Inspector General for Audits and Inspections Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program -

  5. Follow-up Audit of the Department's Cyber Security Incident Management Program, IG-0878

    Office of Environmental Management (EM)

    Department's Cyber Security Incident Management Program DOE/IG-0878 December 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 December 11, 2012 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Follow-up Audit of the Department's Cyber Security Incident Management Program" INTRODUCTION AND OBJECTIVE The Department of Energy operates

  6. GAO-06-811 Information Security: Coordination of Federal Cyber Security Research and Development

    Office of Environmental Management (EM)

    the Chairman, Committee on Government Reform, House of Representatives INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development September 2006 GAO-06-811 What GAO Found United States Government Accountability Office Why GAO Did This Study Highlights Accountability Integrity Reliability September 2006 INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development Highlights of GAO-06-811, a report to Chairman, Committee on Government Reform, House

  7. Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems

    Office of Environmental Management (EM)

    U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS Raymond K. Fink David F. Spencer Rita A. Wells NSTB INL/CON-06-11665 iii ABSTRACT Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems, or components of those systems, were reviewed to identify

  8. Collaborative Defense of Transmission and Distribution Protection and Control Devices against Cyber Attacks (CODEF)

    Office of Environmental Management (EM)

    Collaborative Defense of Transmission and Distribution Protection and Control Devices against Cyber Attacks (CODEF) Real-time cybersecurity with power grid devices working together to validate commands and operations Background A cyber attack against a utility's sensor network could pose a risk of energy delivery disruption. For example, an attacker could attempt to maliciously control the operation of switching devices to weaken the state of a power system. Access to the utility network may

  9. Acquisition Letters | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Procurement and Acquisition ¬Ľ Acquisition Letters Acquisition Letters September 23, 2015 Acquisition Letter No. AL 2015-09 Updated Guidance on Conference-Related Activities and Spending. August 26, 2015 Acquisition Letters No. AL 2015-08 Implementation of the Management & Operating Subcontract Reporting Capability (MOSRC) and Special H Clause July 16, 2015 Acquisition Letter No. AL 2015-07 Performance of Inherently Governmental and Critical Functions June 11, 2015 Acquisition Letter No. Al

  10. Cyber-Security Considerations for the Smart Grid

    SciTech Connect (OSTI)

    Clements, Samuel L.; Kirkham, Harold

    2010-07-26

    The electrical power grid is evolving into the ďsmart gridĒ. The goal of the smart grid is to improve efficiency and availability of power by adding more monitoring and control capabilities. These new technologies and mechanisms are certain to introduce vulnerabilities into the power grid. In this paper we provide an overview of the cyber security state of the electrical power grid. We highlight some of the vulnerabilities that already exist in the power grid including limited capacity systems, implicit trust and the lack of authentication. We also address challenges of complexity, scale, added capabilities and the move to multipurpose hardware and software as the power grid is upgraded. These changes create vulnerabilities that did not exist before and bring increased risks. We conclude the paper by showing that there are a number mitigation strategies that can help keep the risk at an acceptable level.

  11. BROOKHAVEN NATIONAL LABORATORYS CAPABILITIES FOR ADVANCED ANALYSES OF CYBER THREATS

    SciTech Connect (OSTI)

    DePhillips M. P.

    2014-06-06

    BNL has several ongoing, mature, and successful programs and areas of core scientific expertise that readily could be modified to address problems facing national security and efforts by the IC related to securing our nation’s computer networks. In supporting these programs, BNL houses an expansive, scalable infrastructure built exclusively for transporting, storing, and analyzing large disparate data-sets. Our ongoing research projects on various infrastructural issues in computer science undoubtedly would be relevant to national security. Furthermore, BNL frequently partners with researchers in academia and industry worldwide to foster unique and innovative ideas for expanding research opportunities and extending our insights. Because the basic science conducted at BNL is unique, such projects have led to advanced techniques, unlike any others, to support our mission of discovery. Many of them are modular techniques, thus making them ideal for abstraction and retrofitting to other uses including those facing national security, specifically the safety of the nation’s cyber space.

  12. Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Jim Alves-Foss; Milos Manic

    2011-08-01

    Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL provides a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.

  13. Final report : impacts analysis for cyber attack on electric power systems (National SCADA Test Bed FY08).

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Richardson, Bryan T.; Stamp, Jason Edwin; LaViolette, Randall A.

    2009-02-01

    To analyze the risks due to cyber attack against control systems used in the United States electrical infrastructure, new algorithms are needed to determine the possible impacts. This research is studying the Reliability Impact of Cyber ttack (RICA) in a two-pronged approach. First, malevolent cyber actions are analyzed in terms of reduced grid reliability. Second, power system impacts are investigated using an abstraction of the grid's dynamic model. This second year of esearch extends the work done during the first year.

  14. Program Administration

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1997-08-21

    This volume describes program administration that establishes and maintains effective organizational management and control of the emergency management program. Canceled by DOE G 151.1-3.

  15. Policy Flash 2013-30 Acquisition Letter on Acquisition Planning

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Considerations for Management and Operating Contracts | Department of Energy 0 Acquisition Letter on Acquisition Planning Considerations for Management and Operating Contracts Policy Flash 2013-30 Acquisition Letter on Acquisition Planning Considerations for Management and Operating Contracts Attached is Policy Flash 2013-30 Acquisition Letter on Acquisition Planning Considerations for Management and Operating Contracts Questions concerning this policy flash should be directed to Jason

  16. OPAM Policy Acquisition Guides

    Energy Savers [EERE]

    Chapter 17.3 (February 2004) Acquisition, Use, and Disposal of Real Estate [Reference: DEAR 917.74, 970.5244-1] Overview This section provides internal Departmental information and a DOE point of contact for issues dealing with real estate acquisition, use, and disposal. Background DEAR 917.74 provides the policy and procedures to be followed in the acquisition, use, and disposal of real estate. In accordance with DEAR clause 970.5244-1, Management and Operating contractors also follow the DEAR

  17. Customer Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Soft Costs Customer Acquisition Customer Acquisition Photo of a woman, man, and child looking at a silver box on the outside of a home. Customer acquisition costs in the solar ...

  18. Acquisition Workforce Information | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Certifications and Professional Development Acquisition Workforce Information Acquisition Workforce Information All Acquisition Workforce information has been moved to...

  19. Acquisition & Financial Assistance Rules Status | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition & Financial Assistance Rules Status Acquisition & Financial Assistance Rules Status Subscribe to Acquisition & Financial Assistance Rules Status Updates PDF icon ...

  20. IT Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition IT Acquisition computer-957001_960_720.jpg Acquisition The Chief Information Officer (CIO) guides and manages the Department's effective use of information technology (IT) and IT resources. When acquiring IT solutions, the CIO seeks to integrate project, financial, and acquisition management, and quality oversight methods into a cohesive process to achieve program goals. The Acquisition Management Division uses a variety of IT acquisition solutions, managed in an integrated fashion

  1. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  2. Data acquisition system

    DOE Patents [OSTI]

    Shapiro, Stephen L. (14228 Amherst Ct., Los Altos Hills, CA 94022); Mani, Sudhindra (1618 17th St., Sacramento, CA 95814); Atlas, Eugene L. (440 De Anza Ct., Oceanside, CA 92057); Cords, Dieter H. W. (526 Cuesta Real, La Honda, CA 94020); Holbrook, Britt (4540 Varsity Ct., Sacramento, CA 95841)

    1997-01-01

    A data acquisition circuit for a particle detection system that allows for time tagging of particles detected by the system. The particle detection system screens out background noise and discriminate between hits from scattered and unscattered particles. The detection system can also be adapted to detect a wide variety of particle types. The detection system utilizes a particle detection pixel array, each pixel containing a back-biased PIN diode, and a data acquisition pixel array. Each pixel in the particle detection pixel array is in electrical contact with a pixel in the data acquisition pixel array. In response to a particle hit, the affected PIN diodes generate a current, which is detected by the corresponding data acquisition pixels. This current is integrated to produce a voltage across a capacitor, the voltage being related to the amount of energy deposited in the pixel by the particle. The current is also used to trigger a read of the pixel hit by the particle.

  3. Acquisition and Project Management

    National Nuclear Security Administration (NNSA)

    4%2A en Acquisition and Project Management Office volunteers get up-close look at Office of Secure Transportation exercise http:nnsa.energy.govblogacquisition-and-project-mana...

  4. Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Acquisition Workers install a process vessel ventilation system in a facility that houses two tanks for processing decontaminated salt solution at the Saltstone Production Facility at EM√ʬĬôs Savannah River Site. Workers install a process vessel ventilation system in a facility that houses two tanks for processing decontaminated salt solution at the Saltstone Production Facility at EM's Savannah River Site. The Office of Environmental Management (EM) is responsible for

  5. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Crime Witness Program Security Integrated Systems Approach Southwestern uses an integrated systems approach, which is the process of achieving effective security management by incorporating several security processes and systems under an organization and management framework. The integrated systems approach includes: Cyber security Emergency planning and response Information protection Personnel security Program management and support Unclassified visits and assignments by foreign nationals

  6. Assessment of current cybersecurity practices in the public domain : cyber indications and warnings domain.

    SciTech Connect (OSTI)

    Hamlet, Jason R.; Keliiaa, Curtis M.

    2010-09-01

    This report assesses current public domain cyber security practices with respect to cyber indications and warnings. It describes cybersecurity industry and government activities, including cybersecurity tools, methods, practices, and international and government-wide initiatives known to be impacting current practice. Of particular note are the U.S. Government's Trusted Internet Connection (TIC) and 'Einstein' programs, which are serving to consolidate the Government's internet access points and to provide some capability to monitor and mitigate cyber attacks. Next, this report catalogs activities undertaken by various industry and government entities. In addition, it assesses the benchmarks of HPC capability and other HPC attributes that may lend themselves to assist in the solution of this problem. This report draws few conclusions, as it is intended to assess current practice in preparation for future work, however, no explicit references to HPC usage for the purpose of analyzing cyber infrastructure in near-real-time were found in the current practice. This report and a related SAND2010-4766 National Cyber Defense High Performance Computing and Analysis: Concepts, Planning and Roadmap report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

  7. Acquisition Guide Chapter 1.1 - Acquisition Regulations System - (March

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2004) | Department of Energy Guide Chapter 1.1 - Acquisition Regulations System - (March 2004) Acquisition Guide Chapter 1.1 - Acquisition Regulations System - (March 2004) Guiding Principles * Authority is delegated to the maximum practical extent. * Reviews and approvals are minimized and the layering of review is avoided. * Participants in the acquisition process work together as a team and are empowered to make decisions in the areas of responsibility. PDF icon OPAM Policy Acquisition

  8. Protecting Intelligent Distributed Power Grids against Cyber Attacks

    SciTech Connect (OSTI)

    Dong Wei; Yan Lu; Mohsen Jafari; Paul Skare; Kenneth Rohde

    2010-12-31

    Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

  9. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  10. Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Frincke, Deborah A.

    2010-09-01

    The purpose of this chapter is to motivate the combination of traditional cyber security audit data with psychosocial data, so as to move from an insider threat detection stance to one that enables prediction of potential insider presence. Two distinctive aspects of the approach are the objective of predicting or anticipating potential risks and the use of organizational data in addition to cyber data to support the analysis. The chapter describes the challenges of this endeavor and progress in defining a usable set of predictive indicators, developing a framework for integrating the analysis of organizational and cyber security data to yield predictions about possible insider exploits, and developing the knowledge base and reasoning capability of the system. We also outline the types of errors that one expects in a predictive system versus a detection system and discuss how those errors can affect the usefulness of the results.

  11. Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary

    SciTech Connect (OSTI)

    Hu, Tan Chang; Robinson, David G.

    2011-09-08

    As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

  12. Cyber-Informed Engineering: The Need for a New Risk Informed and Design Methodology

    SciTech Connect (OSTI)

    Price, Joseph Daniel; Anderson, Robert Stephen

    2015-06-01

    Current engineering and risk management methodologies do not contain the foundational assumptions required to address the intelligent adversaryís capabilities in malevolent cyber attacks. Current methodologies focus on equipment failures or human error as initiating events for a hazard, while cyber attacks use the functionality of a trusted system to perform operations outside of the intended design and without the operatorís knowledge. These threats can by-pass or manipulate traditionally engineered safety barriers and present false information, invalidating the fundamental basis of a safety analysis. Cyber threats must be fundamentally analyzed from a completely new perspective where neither equipment nor human operation can be fully trusted. A new risk analysis and design methodology needs to be developed to address this rapidly evolving threatscape.

  13. OPAM Policy Acquisition Guides | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3 - Protests, Disputes and Appeals ACQUISITION LETTER DEAR Part 933 Microsoft Word - ACQUISITION LETTER

  14. A Probabilistic Framework for Quantifying Mixed Uncertainties in Cyber Attacker Payoffs

    SciTech Connect (OSTI)

    Chatterjee, Samrat; Tipireddy, Ramakrishna; Oster, Matthew R.; Halappanavar, Mahantesh

    2015-12-28

    Quantification and propagation of uncertainties in cyber attacker payoffs is a key aspect within multiplayer, stochastic security games. These payoffs may represent penalties or rewards associated with player actions and are subject to various sources of uncertainty, including: (1) cyber-system state, (2) attacker type, (3) choice of player actions, and (4) cyber-system state transitions over time. Past research has primarily focused on representing defender beliefs about attacker payoffs as point utility estimates. More recently, within the physical security domain, attacker payoff uncertainties have been represented as Uniform and Gaussian probability distributions, and mathematical intervals. For cyber-systems, probability distributions may help address statistical (aleatory) uncertainties where the defender may assume inherent variability or randomness in the factors contributing to the attacker payoffs. However, systematic (epistemic) uncertainties may exist, where the defender may not have sufficient knowledge or there is insufficient information about the attackerís payoff generation mechanism. Such epistemic uncertainties are more suitably represented as generalizations of probability boxes. This paper explores the mathematical treatment of such mixed payoff uncertainties. A conditional probabilistic reasoning approach is adopted to organize the dependencies between a cyber-systemís state, attacker type, player actions, and state transitions. This also enables the application of probabilistic theories to propagate various uncertainties in the attacker payoffs. An example implementation of this probabilistic framework and resulting attacker payoff distributions are discussed. A goal of this paper is also to highlight this uncertainty quantification problem space to the cyber security research community and encourage further advancements in this area.

  15. Acquisitions___Communications.pdf | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisitions___Communications.pdf Acquisitions___Communications.pdf PDF icon Acquisitions___Communications.pdf More Documents & Publications 7pt1AcquisitionPlanning.pdf 37pt.2PerformanceBasedServiceAcquisition.pdf DOE Vendor Communications Plan

  16. FAR Acquisition Strategy Team | Department of Energy

    Office of Environmental Management (EM)

    FAR Acquisition Strategy Team FAR Acquisition Strategy Team PDF icon FAR Acquisition Strategy Team More Documents & Publications FAR Acquisition Strategy Team Microsoft Word - Section 311 AL FAL Feb 17 2010 Acquisition Letters No. AL 2013-05

  17. Emulytics for Cyber-Enabled Physical Attack Scenarios: Interim LDRD Report of Year One Results.

    SciTech Connect (OSTI)

    Clem, John; Urias, Vincent; Atkins, William Dee; Symonds, Christopher J.

    2015-12-08

    Sandia National Laboratories has funded the research and development of a new capability to interactively explore the effects of cyber exploits on the performance of physical protection systems. This informal, interim report of progress summarizes the project’s basis and year one (of two) accomplishments. It includes descriptions of confirmed cyber exploits against a representative testbed protection system and details the development of an emulytics capability to support live, virtual, and constructive experiments. This work will support stakeholders to better engineer, operate, and maintain reliable protection systems.

  18. Top 9 tips on how to prevent cyber "break-ins" | Argonne National

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Laboratory This article was published in the spring 2016 issue of Argonne Now, the laboratory science magazine. Click for the rest of the issue. Top 9 tips on how to prevent cyber "break-ins" By Diana Anderson * March 7, 2016 Tweet EmailPrint This article was originally published in the spring 2016 issue of Argonne Now, the laboratory's science magazine. Mike Skwarek, Argonne's Cyber Security Officer, is an expert on how to protect yourself today in the information age. He's shared

  19. Methodology for prioritizing cyber-vulnerable critical infrastructure equipment and mitigation strategies.

    SciTech Connect (OSTI)

    Dawson, Lon Andrew; Stinebaugh, Jennifer A.

    2010-04-01

    The Department of Homeland Security (DHS), National Cyber Security Division (NSCD), Control Systems Security Program (CSSP), contracted Sandia National Laboratories to develop a generic methodology for prioritizing cyber-vulnerable, critical infrastructure assets and the development of mitigation strategies for their loss or compromise. The initial project has been divided into three discrete deliverables: (1) A generic methodology report suitable to all Critical Infrastructure and Key Resource (CIKR) Sectors (this report); (2) a sector-specific report for Electrical Power Distribution; and (3) a sector-specific report for the water sector, including generation, water treatment, and wastewater systems. Specific reports for the water and electric sectors are available from Sandia National Laboratories.

  20. PSERC Webinar Series: Issues in Designing the Future Grid - Cyber-Physical

    Energy Savers [EERE]

    Systems Security for the Smart Grid - February 7, 2012 | Department of Energy Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC Webinar Series: Issues in Designing the Future Grid - Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC is offering a free, public webinar series from January to May 2012 entitled "Issues in Designing the Future Grid," focusing on the information hierarchy for the future grid and grid enablers of

  1. Aspects of Exxon Mobil Corporation's Acquisition of XTO Energy Inc

    Reports and Publications (EIA)

    2009-01-01

    A summary presentation to inform discussion of the recently announced acquisition of XTO Energy Inc. by Exxon Mobil Corporation, a transaction which is reportedly $41 billion in value. "Aspects of Exxon Mobil Corporation's Acquisition of XTO Energy Inc" presents non-proprietary company-level oil and gas production and reserve data and the relevant U.S. aggregate data published by the Energy Information Administration.

  2. Acquisition Guide Chapter 50.1- Extraordinary Contractual Actions (January

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2009) | Department of Energy Acquisition Guide Chapter 50.1- Extraordinary Contractual Actions (January 2009) Acquisition Guide Chapter 50.1- Extraordinary Contractual Actions (January 2009) The purpose of this Chapter is to describe the process for the Department of Energy's (DOE) preparation, coordination and approval in determining whether to provide a DOE or National Nuclear Security Administration (NNSA) contractor indemnification for unusually hazardous or nuclear risks as a form of

  3. One Acquisition Solution for Integrated Services (OASIS) - Brad DeMers,

    Energy Savers [EERE]

    General Services Administration (GSA) | Department of Energy Acquisition Solution for Integrated Services (OASIS) - Brad DeMers, General Services Administration (GSA) One Acquisition Solution for Integrated Services (OASIS) - Brad DeMers, General Services Administration (GSA) Overview What is OASIS? What are Pools? What is the scope of OASIS? How do I access OASIS? What are some advantages of using OASIS? What tools and resources are available? Other questions? PDF icon Workshop 2015 -

  4. Rocky Mountain Electrical League (RMEL) Physical and Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    January 4, 2016 - 11:22am Addthis Power SURGE is joint project between the DOEs Office of Security Assistance and the Departments Power Marketing Administrations, led ...

  5. Memorandum for Chief Acquisition Officers, Senior Procurement Executives

    Office of Environmental Management (EM)

    A N A G E M E N T A N D B U D G E T W A S H I N G T O N , D . C . 2 0 5 0 3 O F F I C E O F F E D E R A L P R O C U R E M E N T P O L I C Y June 6, 2008 MEMORANDUM FOR CHIEF ACQUISITION OFFICERS SENIOR PROCUREMENT EXECUTIVES FROM: Paul A. Denett Administrator SUBJECT: Improving the Management and Use of Interagency Acquisitions Interagency acquisitions offer important benefits to federal agencies, including economies and efficiencies and the ability to leverage resources. The attached guidance

  6. POLICY FLASH 2014-23 Acquisition Guide 13.3 Simplified Acquisition...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    23 Acquisition Guide 13.3 Simplified Acquisition Procedures POLICY FLASH 2014-23 Acquisition Guide 13.3 Simplified Acquisition Procedures Questions concerning this policy flash...

  7. Maritime Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Administration - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management Programs Advanced Nuclear

  8. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Milos Manic

    2012-08-01

    The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

  9. Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems

    SciTech Connect (OSTI)

    Ferragut, Erik M; Laska, Jason A; Melin, Alexander M; Czejdo, Bogdan

    2013-01-01

    The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must be analyzed at multiple scales, from individual components, up to network level dynamics. We describe an improved approach to anomaly detection that combines three important aspects. First, system dynamics are modeled using a reduced order model for greater computational tractability. Second, a probabilistic and principled approach to anomaly detection is adopted that allows for regulation of false alerts and comparison of anomalies across heterogeneous data sources. Third, a hierarchy of aggregations are constructed to support interactive and automated analyses of anomalies at multiple scales.

  10. Approaches for scalable modeling and emulation of cyber systems : LDRD final report.

    SciTech Connect (OSTI)

    Mayo, Jackson R.; Minnich, Ronald G.; Armstrong, Robert C.; Rudish, Don W.

    2009-09-01

    The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of {approx} 10{sup 6} computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminary theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with {approx} 10{sup 6} virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.

  11. Acquisition Letters | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    August 11, 2006 Acquisition Letter No. AL 2006-10 Class Deviation for Certain DEAR Intellectual Property Clauses October 24, 1993 Acquisition Letter No. AL 1994-19 Basic...

  12. ACQUISITION LETTER DEAR Part 933

    Broader source: Energy.gov [DOE]

    This Acquisition Letter (AL) is issued by the Procurement Executive pursuant to a delegation from the Secretary and under the authority of the Department of Energy Acquisition Regulation (DEAR) subsection 901.301-70.

  13. Data acquisition instruments: Psychopharmacology

    SciTech Connect (OSTI)

    Hartley, D.S. III

    1998-01-01

    This report contains the results of a Direct Assistance Project performed by Lockheed Martin Energy Systems, Inc., for Dr. K. O. Jobson. The purpose of the project was to perform preliminary analysis of the data acquisition instruments used in the field of psychiatry, with the goal of identifying commonalities of data and strategies for handling and using the data in the most advantageous fashion. Data acquisition instruments from 12 sources were provided by Dr. Jobson. Several commonalities were identified and a potentially useful data strategy is reported here. Analysis of the information collected for utility in performing diagnoses is recommended. In addition, further work is recommended to refine the commonalities into a directly useful computer systems structure.

  14. OPAM Policy Acquisition Guides

    Energy Savers [EERE]

    --Chapter 23.0 (June 2007) 1 Executive Order 13423 - Strengthening Federal Environmental, Energy, and Transportation Management in Acquisition Reference: FAR 23, 52.223, OFPP Policy Letter 07-01, DEAR 923, 952.223, 970.23, and 970.5223 Overview Executive Order 13423, Strengthening Federal Environmental, Energy, and Transportation Management, replaces the Greening the Government series of 4 Executive Orders intended to improve the Federal impact on environment, energy and transportation

  15. ESPC ENABLE ACQUISITION PLAN TEMPLATE

    Broader source: Energy.gov [DOE]

    Template serves as a tool to help agencies develop an acquisition plan. The acquisition plan is the first formal step in the Energy Savings Performance Contract (ESPC) ENABLE procurement process. The completed acquisition plan will serve as a guide throughout the rest of the process.

  16. 7.0 - Integrated Acquisition Planning Process

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    development and integration of associated acquisition planning documents and their influence on the establishment of the acquisition plan in order to improve the acquisition...

  17. Walnut Capital Acquisitions | Open Energy Information

    Open Energy Info (EERE)

    Walnut Capital Acquisitions Jump to: navigation, search Name: Walnut Capital Acquisitions Place: Pittsburgh, Pennsylvania Zip: 15232 Product: Walnut Capital Acquisitions is the...

  18. Acquisition and Project Management | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    Acquisition and Project Management Acquisition and Project Management Acquisition and Project Management Office volunteers get up-close look at Office of Secure Transportation...

  19. Towards A Theory of Autonomous Reconstitution of Compromised Cyber-Systems

    SciTech Connect (OSTI)

    Ramuhalli, Pradeep; Halappanavar, Mahantesh; Coble, Jamie B.; Dixit, Mukul

    2013-11-12

    The ability to maintain mission-critical operations in cyber-systems in the face of disruptions is critical. Faults in cyber systems can come from accidental sources (e.g., natural failure of a component) or deliberate sources (e.g., an intelligent adversary). Natural and intentional manipulation of data, computing, or coordination are the most impactful ways that an attacker can prevent an infrastructure from realizing its mission goals. Under these conditions, the ability to reconstitute critical infrastructure becomes important. Specifically, the question is: Given an intelligent adversary, how can cyber systems respond to keep critical infrastructure operational? In cyber systems, the distributed nature of the system poses serious difficulties in maintaining operations, in part due to the fact that a centralized command and control apparatus is unlikely to provide a robust framework for resilience. Resilience in cyber-systems, in general, has several components, and requires the ability to anticipate and withstand attacks or faults, as well as recover from faults and evolve the system to improve future resilience. The recovery effort (and any subsequent evolution) may require significant reconfiguration of the system (at all levels Ė hardware, software, services, permissions, etc.) if the system is to be made resilient to further attack or faults. This is especially important in the case of ongoing attacks, where reconfiguration decisions must be taken with care to avoid further compromising the system while maintaining continuity of operations. Collectively, we will label this recovery and evolution process as ďreconstitutionĒ. Currently, reconstitution is performed manually, generally after-the-fact, and usually consists of either standing up redundant systems, check-points (rolling back the configuration to a ďcleanĒ state), or re-creating the system using ďgold-standardĒ copies. For enterprise systems, such reconstitution may be performed either directly on hardware, or using virtual machines. A significant challenge within this context is the ability to verify that the reconstitution is performed in a manner that renders the cyber-system resilient to ongoing and future attacks or faults. Fundamentally, the need is to determine optimal configuration of the cyber system when a fault is determined to be present. While existing theories for fault tolerance (for example, Byzantine fault tolerance) can guarantee resilience under certain conditions, in practice, these theories can break down in the face of an intelligent adversary. Further, it is difficult, in a dynamically evolving environment, to determine whether the necessary conditions for resilience have been met, resulting in difficulties in achieving resilient operation. In addition, existing theories do not sufficiently take into account the cost for attack and defense (the adversary is generally assumed to have infinite resources and time), hierarchy of importance (all network resources are assumed to be equally important), and the dynamic nature of some attacks (i.e., as the attack evolves, can resilience be maintained?). Alternative approaches to resilience based on a centralized command and control structure suffer from a single-point-failure. This paper presents preliminary research towards concepts for effective autonomous reconstitution of compromised cyber systems. We describe a mathematical framework as a first step towards a theoretical basis for autonomous reconstitution in dynamic cyber-system environments. We then propose formulating autonomous reconstitution as an optimization problem and describe some of the challenges associated with this formulation. This is followed by a brief discussion on potential solutions to these challenges.

  20. Chapter 18 - Emergency Acquisitions | Department of Energy

    Energy Savers [EERE]

    8 - Emergency Acquisitions Chapter 18 - Emergency Acquisitions PDF icon 18.0_Emergency_Acquisitions_0.pdf More Documents & Publications Acqguide18pt0 March 2011 final OPAM Policy Acquisition Guides Microsoft Word - acqguide18pt0 Nov 2010

  1. ADMINISTRATIVE RECORDS: PROCUREMENT, SUPPLY, AND GRANT RECORDS | Department

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Energy ADMINISTRATIVE RECORDS: PROCUREMENT, SUPPLY, AND GRANT RECORDS ADMINISTRATIVE RECORDS: PROCUREMENT, SUPPLY, AND GRANT RECORDS Procurement and supply records document the acquisition of goods and non-personal services, controlling the volume of stock on hand, reporting procurement needs, and related supply matters which are part of daily procurement operations. PDF icon ADMINISTRATIVE RECORDS: PROCUREMENT, SUPPLY, AND GRANT RECORDS More Documents & Publications ADMINISTRATIVE

  2. Federal Acquisition Regulation

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3 & 2005-74 Summary of Rules FAC 2005-73 Item Subject FAR Case I Positive Law Codification of Title 41 2011-018 II Technical Amendments Item I--Positive Law Codification of Title 41 (FAR Case 2011-018) Title 41 of the United States Code, "Public Contracts" was enacted into positive law on January 4, 2011 (Pub.L 111-350). This codification reorganized and renumbered the statutes, but did not change their meaning or legal effect. This final rule amended the Federal Acquisition

  3. Status of Acquisition Letters

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Letters As of 04/01/2014 No. Date Title Owner Status 1 2014-03 01/06/2014 Allowability of Contractor Litigation Defense and Settlement Costs Michael Righi Active 2 2014-02 10/29/2013 Provisional Payment of Fee Michael Righi Active 3 2014-01 10/16/2013 Management and Operating Contractors' Audit Coverage of Cost-Reimbursement Subcontracts Michael Righi Active 4 2013-11 08/05/2013 Non M&O Contractor Business Systems Clauses for Section H Barbara Binney Active 5 2013-10 06/19/2013

  4. OPAM Policy Acquisition Guides | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition, Use, and Disposal of Real Estate Acquisition, Use, and Disposal of Real Estate Chapter 17 - Special Contracting Methods

  5. Acquisition and Project Management Continuous Improvement Presentation...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    and Project Management Continuous Improvement Presentation Acquisition and Project Management Continuous Improvement Presentation Presentation on Acquisition and Project Management...

  6. Acquisition Guide Chapter 1.0 - Acquisition Regulations System | Department

    Energy Savers [EERE]

    of Energy 0 - Acquisition Regulations System Acquisition Guide Chapter 1.0 - Acquisition Regulations System PDF icon 1.1_Acquisition_Regulation_System_0.pdf PDF icon 1.2_Head_of_Contracting_Activity_(HCA)_Authority,_Functions,_and_Responsibilities_0.pdf PDF icon 1.2_Attachment_Tables_I-IV_0.pdf PDF icon 1.3_Balanced_Scorecard_Assessment_Program_0.pdf PDF icon 1.4_Establishing_the_Position_of_Source_Evaluation_Board_(SEB)_Secretariat_and_Knowledge_Manager More Documents & Publications

  7. Aspects of Apache's Acquisition of Mariner Energy and Selected Devon Energy Assets

    Reports and Publications (EIA)

    2010-01-01

    The Energy Information Administration reviews mergers, acquisitions, and alliances by companies that are respondents to Form EIA-28 (Financial Reporting System (FRS)), or that result in a company that meets the FRS reporting criteria.

  8. Sustainable Acquisition | Department of Energy

    Energy Savers [EERE]

    Sustainable Acquisition Sustainable Acquisition Federal agencies are required to give preference to products that are energy efficient, water efficient, made from biobased or recycled content, are non-toxic or less-toxic than conventional alternatives, and registered with the Electronic Product Environmental Assessment Tool (EPEAT). The U.S. Department of Energy's (DOE) Sustainable Acquisition Program serves to ensure the purchase of more sustainable products by working with DOE sites to help

  9. Sustaninable Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sustaninable Acquisition Sustaninable Acquisition Federal agencies are required to give preference to products that are energy efficient, water efficient, made from biobased or recycled content, are non-toxic or less-toxic than conventional alternatives, and registered with the Electronic Product Environmental Assessment Tool (EPEAT). The U.S. Department of Energy's (DOE) Sustainable Acquisition Program serves to ensure the purchase of more sustainable products by working with DOE sites to help

  10. Acquisition Resources | Department of Energy

    Energy Savers [EERE]

    Acquisition ¬Ľ Acquisition Resources Acquisition Resources Doing Business with DOE/EM Doing Business with DOE/EM EM Procurement Offices Doing Business with EM Consolidated Business Center Guide for Submission of Unsolicated Proposals Federal Business Opportunities Small Business Opportunities Business Opportunity Forum Attendees EM Major Procurements EM Utility Contracts EM Partnering Initiative: Journey to Excellence Metric No. 3.5 Project Management Resources DOE Office of Environmental

  11. ADMINISTRATIVE CHANGE TO NAP-25, Management and Operating Contractor Business Meals and Light Refreshment

    National Nuclear Security Administration (NNSA)

    NAP-25 Admin Chg 1 1 10-10-13 ADMINISTRATIVE CHANGE TO NAP-25, Management and Operating Contractor Business Meals and Light Refreshment Locations of Changes: Page Paragraph Changed To Every Header BOP-03.08 NAP-25 Cover Office of Acquisition &Supply Management Office of Acquisition & Project Management Cover Footer Office of Acquisition &Supply Management Office of Acquisition Management 1 1 Removed: FAR 31.205-14 and 1 1 Acquisition Letter 2005-12 Acquisition Letter 2012-05 1 3 Add:

  12. Machine Learning for Power System Disturbance and Cyber-attack Discrimination

    SciTech Connect (OSTI)

    Borges, Raymond Charles; Beaver, Justin M; Buckner, Mark A; Morris, Thomas; Adhikari, Uttam; Pan, Shengyi

    2014-01-01

    Power system disturbances are inherently complex and can be attributed to a wide range of sources, including both natural and man-made events. Currently, the power system operators are heavily relied on to make decisions regarding the causes of experienced disturbances and the appropriate course of action as a response. In the case of cyber-attacks against a power system, human judgment is less certain since there is an overt attempt to disguise the attack and deceive the operators as to the true state of the system. To enable the human decision maker, we explore the viability of machine learning as a means for discriminating types of power system disturbances, and focus specifically on detecting cyber-attacks where deception is a core tenet of the event. We evaluate various machine learning methods as disturbance discriminators and discuss the practical implications for deploying machine learning systems as an enhancement to existing power system architectures.

  13. Acquisition News | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    all options). October 2, 2015 DOE Announces Acquisition Strategy for Post Fiscal Year 2016 Legacy Cleanup at Los Alamos Cincinnati - The U.S. Department of Energy (DOE)...

  14. Acquisition Savings Reporting Process Template

    Broader source: Energy.gov (indexed) [DOE]

    steps, then it is an Other Acquisition Savings process. 2 STEP 2 - Select Savings Methodology (In Order of Preference) Regardless if it is Strategic Sourcing or an Other...

  15. Modeling and simulation for cyber-physical system security research, development and applications.

    SciTech Connect (OSTI)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  16. Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)Cyber Experimentation Overview Brief

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Experimentation Overview Brief Mr. Ross Roley PACOM Energy Innovation Office Lead SPIDERS Operational Manager August 2015 UNCLASSIFIED/Distribution A SPIDERS Summary The ability of today's warfighter to command, control, deploy, and sustain forces is adversely impacted by a fragile, aging, and fossil fuel dependent electricity grid, posing a significant threat to national security. The SPIDERS JCTD addresses four critical requirements: - Protect task critical assets from loss of power due

  17. COLLOQUIUM: Risks of Nuclear Weapons Use in an Era of Proliferation, Cyber

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Warfare and Terrorism | Princeton Plasma Physics Lab 5, 2014, 4:00pm to 5:30pm Colloquia MGB Auditorium COLLOQUIUM: Risks of Nuclear Weapons Use in an Era of Proliferation, Cyber Warfare and Terrorism Dr. Bruce G. Blair Princeton University The United States and eight other countries that possess nuclear weapons run myriad risks every day -- risks of accidental detonations, of unauthorized launches caused by false warning, of provoking escalation between nuclear forces, and of nuclear

  18. Chapter 3: Enabling Modernization of the Electric Power System Technology Assessment | Cyber and Physical Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber and Physical Security Chapter 3: Technology Assessments Introduction As understanding of the threats facing the operation, components, and subsystems of the electric power system is gained, a need has emerged for improvements in grid security and resilience. The focus on resiliency implies that threats will not go away and that some attacks, in addition to natural events, will be carried out successfully. The objective is for the system and associated subsystems to be designed and operated

  19. Deepwater seismic acquisition technology

    SciTech Connect (OSTI)

    Caldwell, J.

    1996-09-01

    Although truly new technology is not required for successful acquisition of seismic data in deep Gulf of Mexico waters, it is helpful to review some basic aspects of these seismic surveys. Additionally, such surveys are likely to see early use of some emerging new technology which can improve data quality. Because such items as depth imaging, borehole seismic, 4-D and marine 3-component recording were mentioned in the May 1996 issue of World Oil, they are not discussed again here. However, these technologies will also play some role in the deepwater seismic activities. What is covered in this paper are some new considerations for: (1) longer data records needed in deeper water, (2) some pros and cons of very long steamer use, and (3) two new commercial systems for quantifying data quality.

  20. "Data Acquisition Systems"

    SciTech Connect (OSTI)

    Unterweger, Michael; Costrell, Louis deceased

    2009-07-07

    This project involved support for Lou Costrell and myself in the development of IEEE and IEC standards for nuclear counting and data acquisition systems. Over the years, as a result of this support, Lou and I were able to attend standards meetings of IEEE and IEC, which led directly to the publication of many standards for NIM systems, FastBus and CAMAC. We also chaired several writing committees as well as ANSI N42 (Nuclear instrumentation), IEEE NIM (NIM standard), IEEE NID (NPSS nuclear instruments and detector) and IEC TC45 WG9 (Nuclear instrumentation). Through this support we were able to assure that the interests of the US and DOE were expressed and implemented in the various standards.

  1. National cyber defense high performance computing and analysis : concepts, planning and roadmap.

    SciTech Connect (OSTI)

    Hamlet, Jason R.; Keliiaa, Curtis M.

    2010-09-01

    There is a national cyber dilemma that threatens the very fabric of government, commercial and private use operations worldwide. Much is written about 'what' the problem is, and though the basis for this paper is an assessment of the problem space, we target the 'how' solution space of the wide-area national information infrastructure through the advancement of science, technology, evaluation and analysis with actionable results intended to produce a more secure national information infrastructure and a comprehensive national cyber defense capability. This cybersecurity High Performance Computing (HPC) analysis concepts, planning and roadmap activity was conducted as an assessment of cybersecurity analysis as a fertile area of research and investment for high value cybersecurity wide-area solutions. This report and a related SAND2010-4765 Assessment of Current Cybersecurity Practices in the Public Domain: Cyber Indications and Warnings Domain report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

  2. A Mathematical Framework for the Analysis of Cyber-Resilient Control Systems

    SciTech Connect (OSTI)

    Melin, Alexander M; Ferragut, Erik M; Laska, Jason A; Fugate, David L; Kisner, Roger

    2013-01-01

    The increasingly recognized vulnerability of industrial control systems to cyber-attacks has inspired a considerable amount of research into techniques for cyber-resilient control systems. The majority of this effort involves the application of well known information security (IT) techniques to control system networks. While these efforts are important to protect the control systems that operate critical infrastructure, they are never perfectly effective. Little research has focused on the design of closed-loop dynamics that are resilient to cyber-attack. The majority of control system protection measures are concerned with how to prevent unauthorized access and protect data integrity. We believe that the ability to analyze how an attacker can effect the closed loop dynamics of a control system configuration once they have access is just as important to the overall security of a control system. To begin to analyze this problem, consistent mathematical definitions of concepts within resilient control need to be established so that a mathematical analysis of the vulnerabilities and resiliencies of a particular control system design methodology and configuration can be made. In this paper, we propose rigorous definitions for state awareness, operational normalcy, and resiliency as they relate to control systems. We will also discuss some mathematical consequences that arise from the proposed definitions. The goal is to begin to develop a mathematical framework and testable conditions for resiliency that can be used to build a sound theoretical foundation for resilient control research.

  3. SuperIdentity: Fusion of Identity across Real and Cyber Domains

    SciTech Connect (OSTI)

    Black, Sue; Creese, Sadie; Guest, Richard; Pike, William A.; Saxby, Steven; Stanton Fraser, Danae; Stevenage, Sarah; Whitty, Monica

    2012-04-23

    Under both benign and malign circumstances, people now manage a spectrum of identities across both real-world and cyber domains. Our belief, however, is that all these instances ultimately track back for an individual to reflect a single 'SuperIdentity'. This paper outlines the assumptions underpinning the SuperIdentity Project, describing the innovative use of data fusion to incorporate novel real-world and cyber cues into a rich framework appropriate for modern identity. The proposed combinatorial model will support a robust identification or authentication decision, with confidence indexed both by the level of trust in data provenance, and the diagnosticity of the identity factors being used. Additionally, the exploration of correlations between factors may underpin the more intelligent use of identity information so that known information may be used to predict previously hidden information. With modern living supporting the 'distribution of identity' across real and cyber domains, and with criminal elements operating in increasingly sophisticated ways in the hinterland between the two, this approach is suggested as a way forwards, and is discussed in terms of its impact on privacy, security, and the detection of threat.

  4. Cyber-Physical Correlations for Infrastructure Resilience: A Game-Theoretic Approach

    SciTech Connect (OSTI)

    Rao, Nageswara S; He, Fei; Ma, Chris Y. T.; Yao, David K. Y.; Zhuang, Jun

    2014-01-01

    In several critical infrastructures, the cyber and physical parts are correlated so that disruptions to one affect the other and hence the whole system. These correlations may be exploited to strategically launch components attacks, and hence must be accounted for ensuring the infrastructure resilience, specified by its survival probability. We characterize the cyber-physical interactions at two levels: (i) the failure correlation function specifies the conditional survival probability of cyber sub-infrastructure given the physical sub-infrastructure as a function of their marginal probabilities, and (ii) the individual survival probabilities of both sub-infrastructures are characterized by first-order differential conditions. We formulate a resilience problem for infrastructures composed of discrete components as a game between the provider and attacker, wherein their utility functions consist of an infrastructure survival probability term and a cost term expressed in terms of the number of components attacked and reinforced. We derive Nash Equilibrium conditions and sensitivity functions that highlight the dependence of infrastructure resilience on the cost term, correlation function and sub-infrastructure survival probabilities. These results generalize earlier ones based on linear failure correlation functions and independent component failures. We apply the results to models of cloud computing infrastructures and energy grids.

  5. Acquisition Conflict Resolution

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Conflict Resolution At the option of the Supplier, a concern may be brought to the Ombuds Office or may be taken to the Internal Conflict Resolution Process Supplier Concern Internal Resolution Primary Discussion Escalation Steps Senior Review Process Special Assistant Senior Review Group Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-

  6. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  7. Investigating the effectiveness of many-core network processors for high performance cyber protection systems. Part I, FY2011.

    SciTech Connect (OSTI)

    Wheeler, Kyle Bruce; Naegle, John Hunt; Wright, Brian J.; Benner, Robert E., Jr.; Shelburg, Jeffrey Scott; Pearson, David Benjamin; Johnson, Joshua Alan; Onunkwo, Uzoma A.; Zage, David John; Patel, Jay S.

    2011-09-01

    This report documents our first year efforts to address the use of many-core processors for high performance cyber protection. As the demands grow for higher bandwidth (beyond 1 Gbits/sec) on network connections, the need to provide faster and more efficient solution to cyber security grows. Fortunately, in recent years, the development of many-core network processors have seen increased interest. Prior working experiences with many-core processors have led us to investigate its effectiveness for cyber protection tools, with particular emphasis on high performance firewalls. Although advanced algorithms for smarter cyber protection of high-speed network traffic are being developed, these advanced analysis techniques require significantly more computational capabilities than static techniques. Moreover, many locations where cyber protections are deployed have limited power, space and cooling resources. This makes the use of traditionally large computing systems impractical for the front-end systems that process large network streams; hence, the drive for this study which could potentially yield a highly reconfigurable and rapidly scalable solution.

  8. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Business USA FedBizOpps FedConnect Federal Acquisition Regulation (FAR) System for Award Management (SAM) Becoming a Vendor Southwestern is dedicated to supporting small business, providing fair and open access to acquisition contracts, and promoting the purchase of energy efficient, recycled and recyclable, and environmentally sound products and services. There are three categories of acquisition from qualified vendors: Under $3,000, micro-purchases typically processed using Government Purchase

  9. Policy Flash 2013-30 Acquisition Letter on Acquisition Planning...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Jason Taylor of the Contract and Financial Assistance Policy Division, Office of Policy, Office of Acquisition and Project Management at (202) 287-1560 or at jason.taylor@hq.doe....

  10. National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    aspects relating to the Materials Security and Consolidation Project includine Energy Systems Acquisition Advisory Board equivalents, Critical Decisions, and Quarterly Project...

  11. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    Chapter 33 - Protests, Disputes and Appeals Acquisition Guide Chapter 1.2 - Attachment - Non-Delegable HCA Functions and Responsibilities Acquisition Guide Chapter 1.0 - Acquisition Regulations System

  12. Perspective & Acquisition Fellows Program - David Klaus, Deputy...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Perspective & Acquisition Fellows Program - David Klaus, Deputy Under Secretary for Management and Performance Perspective & Acquisition Fellows Program - David Klaus, Deputy Under...

  13. 2015 DOE Acquisition and Project Management Workshop

    Broader source: Energy.gov (indexed) [DOE]

    Break Acquisition and Project Management Awards Presentations Welcome & Workshop Logistics Welcome & Workshop Logistics No Host Reception at Hotel 2015 DOE Acquisition and...

  14. Port Asset Acquisition LLC | Open Energy Information

    Open Energy Info (EERE)

    Acquisition LLC Jump to: navigation, search Name: Port Asset Acquisition LLC Place: Louisiana Product: PAA was formed to acquire a fuel terminal, tanks and land in Alexandria,...

  15. Trans India Acquisition Corporation | Open Energy Information

    Open Energy Info (EERE)

    India Acquisition Corporation Jump to: navigation, search Name: Trans-India Acquisition Corporation Place: Delaware Sector: Solar Product: Blank check company to be merged with...

  16. Acquisition Letters | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    2005 June 22, 2012 Acquisition Letter No. AL 2012-09 Guidance for Fast-Track Cooperative Research And Development Agreement (CRADA) Programs at DOE Facilities. previous 1 2 next...

  17. Sustainable Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Sustainable Acquisition Mission The team establishes a national approach to expand purchases of sustainable goods and services, including biobased products, as deemed appropriate for LM operations and approved by LM, as defined in: Executive Order (EO) 13693, Planning for Federal Sustainability in the Next Decade, and DOE Order 436.1, Departmental Sustainability The team advocates implementation of a sustainable procurement process. Scope The team has established a process to

  18. Acquisition News | Department of Energy

    Energy Savers [EERE]

    Acquisition News Acquisition News RSS March 16, 2016 DOE Selects Carnegie Mellon to Run Traineeship in Robotics Washington D.C.-The Department of Energy (DOE) Office of Environmental Management (EM) has selected Carnegie Mellon University (CMU) in Pittsburgh, PA for award consideration of a cooperative agreement to run a university traineeship in Robotics. March 16, 2016 EM headquarters and field office leaders gathered for a one-day workshop to examine the various contractor oversight programs

  19. NNSA Policies | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    About Us / Our Operations / Management and Budget / NNSA Policy System / NNSA Policies NNSA Policies NNSA Policies (NAPs) impart policy and requirements unique to the Administration or provide short-term notices until more formal direction can be provided. NAP-4B Corporate Performance Process for M&O Contractors June 30, 2008 NAP-6A Federal Employee Occupational Safety and Health Program May 13, 2014 NAP-7 NNSA's Acquisition and Assistance Policy Guidance December 9, 2002 NAP-14.1D Baseline

  20. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    SciTech Connect (OSTI)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    AbstractóThis paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  1. LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS

    SciTech Connect (OSTI)

    Ray Fink

    2006-10-01

    The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

  2. Shopping For Danger: E-commerce techniques applied to collaboration in cyber security

    SciTech Connect (OSTI)

    Bruce, Joseph R.; Fink, Glenn A.

    2012-05-24

    Collaboration among cyber security analysts is essential to a successful protection strategy on the Internet today, but it is uncommonly practiced or encouraged in operating environments. Barriers to productive collaboration often include data sensitivity, time and effort to communicate, institutional policy, and protection of domain knowledge. We propose an ambient collaboration framework, Vulcan, designed to remove the barriers of time and effort and mitigate the others. Vulcan automated data collection, collaborative filtering, and asynchronous dissemination, eliminating the effort implied by explicit collaboration among peers. We instrumented two analytic applications and performed a mock analysis session to build a dataset and test the output of the system.

  3. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    September 27, 2012 Turner Named Southwestern Administrator Chris Turner Chris Turner Christopher Turner has been named as the new Administrator of the Southwestern Power ...

  4. National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    15 National Nuclear Security Administration FY 2013 PER Babcock & Wilcox Technical ... The National Nuclear Security Administration (NNSA) Production Office (NPO) took into ...

  5. BONNEVILLE POWER ADMINISTRATION

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    October 2013 (Revised 060914) United States Department of Energy Bonneville Power Administration 905 N.E. 11th Avenue Portland, OR 97232 Bonneville Power Administration's 2014...

  6. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    April 2, 2014 Smith Named as New Deputy Assistant Administrator Smith Named as New Deputy Assistant Administrator Barbara Smith Barbara Smith, a former Liaison Specialist for ...

  7. Program and Project Management for the Acquisition of Capital Assets

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-18

    To provide the Department of Energy (DOE), including the National Nuclear Security Administration, with project management direction for the acquisition of capital assets with the goal of delivering projects on schedule, within budget, and fully capable of meeting mission performance, safeguards and security, and environmental, safety, and health standards. Cancels DOE O 413.3. Canceled by DOE O 413.3A Chg 1.

  8. Comprehensive, Multi-Source Cyber-Security Data Set

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Kent, Alexander D. [Los Alamos National Laboratory

    2015-05-21

    This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratoryís corporate, internal computer network. The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected on at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. In total, the data set is approximately 12 gigabytes compressed across the five data elements and presents 1,648,275,307 events in total for 12,425 users, 17,684 computers, and 62,974 processes. Specific users that are well known system related (SYSTEM, Local Service) were not de-identified though any well-known administrators account were still de-identified. In the network flow data, well-known ports (e.g. 80, 443, etc) were not de-identified. All other users, computers, process, ports, times, and other details were de-identified as a unified set across all the data elements (e.g. U1 is the same U1 in all of the data). The specific timeframe used is not disclosed for security purposes. In addition, no data that allows association outside of LANLís network is included. All data starts with a time epoch of 1 using a time resolution of 1 second. In the authentication data, failed authentication events are only included for users that had a successful authentication event somewhere within the data set.

  9. Comprehensive, Multi-Source Cyber-Security Data Set

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Kent, Alexander D. [Los Alamos National Laboratory

    This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratoryís corporate, internal computer network. The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected on at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. In total, the data set is approximately 12 gigabytes compressed across the five data elements and presents 1,648,275,307 events in total for 12,425 users, 17,684 computers, and 62,974 processes. Specific users that are well known system related (SYSTEM, Local Service) were not de-identified though any well-known administrators account were still de-identified. In the network flow data, well-known ports (e.g. 80, 443, etc) were not de-identified. All other users, computers, process, ports, times, and other details were de-identified as a unified set across all the data elements (e.g. U1 is the same U1 in all of the data). The specific timeframe used is not disclosed for security purposes. In addition, no data that allows association outside of LANLís network is included. All data starts with a time epoch of 1 using a time resolution of 1 second. In the authentication data, failed authentication events are only included for users that had a successful authentication event somewhere within the data set.

  10. MEMORANDUM FOR CHIEF ACQUISITION OFFICERS

    Office of Environmental Management (EM)

    Daniel I. Gordon Administrator for Federal Procurement Policy SUBJECT: "Myth-Busting": Addressing Misconceptions to Improve Communication

  11. MEMORANDUM FOR CHIEF ACQUISITION OFFICERS

    Office of Environmental Management (EM)

    Daniel I. Gordon Administrator for Federal Procurement Policy SUBJECT: "Myth-Busting": Addressing Misconceptions to Improve Communication

  12. Acquisition and Project Management Continuous Improvement Presentation |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy and Project Management Continuous Improvement Presentation Acquisition and Project Management Continuous Improvement Presentation Presentation on Acquisition and Project Management Continuous Improvement. PDF icon Acquisition and Project Management Continuous Improvement presentation More Documents & Publications Occupational Safety Performance Voluntary Protection Program Onsite Review, Safeguards and Security - August 2012 Report on Acquisition and Project

  13. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    32 - Contract Financing OPAM Policy Acquisition Guides Microsoft Word - AcqGuide71pt1.doc

  14. Small Business Issues for Environmental Restoration Acquisitions |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Issues for Environmental Restoration Acquisitions Small Business Issues for Environmental Restoration Acquisitions Small Business Issues for Environmental Restoration Acquisitions The Department of Energy's best practices to reduce and eliminate barriers to small businesses entering into prime contracts for major environmental remediation acquisitions are as follows: Withholding of Payments Billing Cycles Allowability of Insurance Bonding Requirements PDF icon Small

  15. Acquisition Workforce Information | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Certifications and Professional Development ¬Ľ Acquisition Workforce Information Acquisition Workforce Information All Acquisition Workforce information has been moved to Powerpedia - Acquisition Workforce. Aviation Management Green Leases Executive Secretariat Energy Reduction at HQ Real Estate Approvals Documents and Publications Facilities and Infrastructure Federal Advisory Committee Management Freedom of Information Act Financial Assistance Information Systems Property Procurement and

  16. ADMINISTRATIVE RECORDS SCHEDULE 23: ADMINISTRATIVE RECORDS SCHEDULE...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    This schedule provides for the disposal of certain records common to most offices. It covers administrative subject files; facilitative records such as suspense files, tracking and ...

  17. Administrative Forms/Policies

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Administrative Forms Microfab Project Proposal Form Exit Form After Hours Request Form

  18. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    News Items Skip Navigation Links December 9, 2015 Southwestern Leadership Announcements November 20, 2015 Scott Carpenter Named Southwestern Administrator Archived News Items Publications Skip Navigation Links Annual Performance Plan Annual Report Newsletters Strategic Plan SWPA - Overview Video System Map November 20, 2015 Scott Carpenter Named Southwestern Administrator Scott Carpenter Scott Carpenter Administrator TULSA, OK - Scott Carpenter was named the new Administrator of the Southwestern

  19. DOE to Provide Nearly $8 Million to Safeguard the Nationís Energy Infrastructure from Cyber Attacks

    Broader source: Energy.gov [DOE]

    U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically-advanced controls and cyber-security devices into our electric grid and energy infrastructure.

  20. Microsoft Word - ACQUISITION LETTER.doc | Department of Energy

    Office of Environmental Management (EM)

    ACQUISITION LETTER.doc Microsoft Word - ACQUISITION LETTER.doc PDF icon Microsoft Word - ACQUISITION LETTER.doc More Documents & Publications ACQUISITION LETTER DEAR Part 933 OPAM Policy Acquisition Guides Chapter 33 - Protests, Disputes and Appeals

  1. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Business USA FedBizOpps FedConnect Federal Acquisition Regulation (FAR) System for Award Management (SAM) Forum & Expo Flyer (PDF) Small Business Southwestern's policy is to provide the most opportunities possible in its acquisition process to small businesses, historically underutilized business (HUB) zone small business concerns, small disadvantaged business concerns, women owned small business concerns, service disabled veteran owned small businesses, and veteran owned small businesses.

  2. Management and Administration | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Administration | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Countering Nuclear Terrorism About Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Library Bios Congressional Testimony Fact Sheets Newsletters Press Releases Photo Gallery Jobs Apply for Our Jobs Our Jobs Working at NNSA

  3. small business administration | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    administration | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Countering Nuclear Terrorism About Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Library Bios Congressional Testimony Fact Sheets Newsletters Press Releases Photo Gallery Jobs Apply for Our Jobs Our Jobs Working at NNSA

  4. U.S. Department of Energy Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Short Mountain Transmission Line Access Road Easement Acquisition Program or Field Office: Southwestern Power Administration Location(s) (City/County/State): Short Mountain, Leflore County, Oklahoma Proposed Action Description: Southwestern Power Administration proposes to obtain an easement to access a portion of transmission line located on Short Mountain in Leflore County, Oklahoma. Categorical Exclusion(s) Applied: l 0 CFR 102 l, Appendix B to Subpart D, Part B 1.24- Transfer, lease,

  5. OFPP Current Issues - Anne Rung, OFPP Administrator | Department of Energy

    Energy Savers [EERE]

    OFPP Current Issues - Anne Rung, OFPP Administrator OFPP Current Issues - Anne Rung, OFPP Administrator We're Moving Forward in Three Areas Launching Category Management Driving Innovation Building Stronger Vendor Relationships PDF icon Workshop 2015 - Rung_Office of Federal Procurement Policy.pdf More Documents & Publications 2015 DOE Acquisition and Project Management (APM) Workshop Presentations POLICY FLASH 2016-03 POLICY FLASH 2016-01

  6. Adam Sieminski Administrator Biography

    Gasoline and Diesel Fuel Update (EIA)

    Adam Sieminski Administrator Biography Adam Sieminski was sworn in on June 4, 2012, as the eighth administrator of the U.S. Energy Information Administration (EIA). From March 2012 to May 2012, while awaiting confirmation as EIA administrator, Mr. Siemin- ski served as senior director for energy and environment on the staff of the National Security Council. From 2005 until March 2012, he was the chief energy economist for Deutsche Bank, working with the Bank's global research and trading units.

  7. Quantitative Cyber Risk Reduction Estimation Methodology for a Small Scada Control System

    SciTech Connect (OSTI)

    Miles A. McQueen; Wayne F. Boyer; Mark A. Flynn; George A. Beitel

    2006-01-01

    We propose a new methodology for obtaining a quick quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.

  8. ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention

    SciTech Connect (OSTI)

    Cui, Xiaohui; Beaver, Justin M; Treadwell, Jim N

    2012-01-01

    The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

  9. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    SciTech Connect (OSTI)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  10. Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks

    SciTech Connect (OSTI)

    Hartman, Steven M

    2012-01-01

    Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator present a unique challenge for the system architecture and access model.

  11. PACE: Pattern Accurate Computationally Efficient Bootstrapping for Timely Discovery of Cyber-Security Concepts

    SciTech Connect (OSTI)

    McNeil, Nikki C; Bridges, Robert A; Iannacone, Michael D; Czejdo, Bogdan; Perez, Nicolas E; Goodall, John R

    2013-01-01

    Public disclosure of important security information, such as knowledge of vulnerabilities or exploits, often occurs in blogs, tweets, mailing lists, and other online sources significantly before proper classification into structured databases. In order to facilitate timely discovery of such knowledge, we propose a novel semi-supervised learning algorithm, PACE, for identifying and classifying relevant entities in text sources. The main contribution of this paper is an enhancement of the traditional bootstrapping method for entity extraction by employing a time-memory trade-off that simultaneously circumvents a costly corpus search while strengthening pattern nomination, which should increase accuracy. An implementation in the cyber-security domain is discussed as well as challenges to Natural Language Processing imposed by the security domain.

  12. Cyber Wars Have SQUIDs, Will Travel A Trip to Nuclear North Korea

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    lo s a l a m o s s c i e n c e a n d t e c h n o lo g y m ag a z i n e JUly 20 09 Wired for the Future Cyber Wars Have SQUIDs, Will Travel A Trip to Nuclear North Korea 1 663 lo s a l a m o s s c i e n c e a n d t e c h n o lo g y m ag a z i n e J U ly 2 0 0 9 During the Manhattan Project, Enrico Fermi, Nobel Laureate and leader of F-Division, meets with San Ildefonso Pueblo's Maria Martinez, famous worldwide for her extraordinary black pottery. features from terry wallace PrINcIPaL aSSocIatE

  13. Agent-based Cyber Control Strategy Design for Resilient Control Systems: Concepts, Architecture and Methodologies

    SciTech Connect (OSTI)

    Craig Rieger; Milos Manic; Miles McQueen

    2012-08-01

    The implementation of automated regulatory control has been around since the middle of the last century through analog means. It has allowed engineers to operate the plant more consistently by focusing on overall operations and settings instead of individual monitoring of local instruments (inside and outside of a control room). A similar approach is proposed for cyber security, where current border-protection designs have been inherited from information technology developments that lack consideration of the high-reliability, high consequence nature of industrial control systems. Instead of an independent development, however, an integrated approach is taken to develop a holistic understanding of performance. This performance takes shape inside a multiagent design, which provides a notional context to model highly decentralized and complex industrial process control systems, the nervous system of critical infrastructure. The resulting strategy will provide a framework for researching solutions to security and unrecognized interdependency concerns with industrial control systems.

  14. Southeastern Power Administration 2008 Annual Report

    SciTech Connect (OSTI)

    2008-12-29

    Dear Secretary Chu: I am pleased to submit Southeastern Power Administration’s (Southeastern’s) fiscal year (FY) 2008 Annual Report for your review. The information included in this document reflects our agency’s programs, accomplishments, operational and financial activities for the 12-month period beginning October 1, 2007 and ending September 30, 2008. Southeastern marketed more than 4.5 billion kilowatt-hours of energy to 491 wholesale customers in ten southeastern states this past year. Revenues from the sale of this power totaled approximately $263 million. Drought conditions persisted in the southeastern region of the United States during FY 2008 placing strains on our natural and financial resources. Power purchases for FY 2008 totaled $91 million. Approximately $44 million of this amount was for replacement power which is paid only during adverse water conditions in order to meet our customers’ contract requirements. With the continued financial assistance and support of our Federal power customers, funding for capitalized equipment purchases and replacements at U.S. Army Corps of Engineers’ (Corps) hydroelectric projects provided much needed repairs and maintenance for these aging facilities. Southeastern’s cyber and physical security programs continued to be reviewed and updated to meet Department of Energy (DOE), Homeland Security, and North American Electric Reliability Corporation (NERC) standards and requirements. In the coming year, Southeastern will continue open communication and cooperation with DOE, the Federal power customers, and the Corps to maximize the benefits of our region’s water resources. Although competing uses of water and the prolonged drought conditions will present another challenging year for our agency, Southeastern’s employees will meet these challenges and continue to provide reliable hydroelectric power to the people in the southeast. Sincerely, Kenneth E.Legg Administrator

  15. Southeastern Power Administration 2007 Annual Report

    SciTech Connect (OSTI)

    2007-12-28

    Dear Secretary Chu: I am proud to submit Southeastern Power Administration’s (Southeastern’s) fiscal year (FY) 2007 Annual Report for your review. The information included in this report reflects Southeastern’s programs, accomplishments, and financial activities for the 12-month period beginning October 1, 2006 and ending September 30, 2007. Southeastern marketed more than 5 billion kilowatt-hours of energy to 492 wholesale Federal power customers in an 11-state marketing area in FY 2007. Revenues from the sale of this power totaled approximately $219 million. Drought conditions continued to plague the southeast region of the United States during 2007 placing strains on our natural and financial resources. Southeastern purchased more than $40 million in replacement power to meet customer contract requirements to ensure the continued reliability of our nation’s power grid. With the financial assistance and support of our Federal power customers, continued funding for capitalized equipment replacements at various Corps of Engineers’ (Corps) hydroelectric projects provided much needed repairs and maintenance for aging facilities. Southeastern’s cyber and physical security program continued to be reviewed and updated to meet Department of Energy (DOE), Homeland Security, and North American Electric Reliability Corporation standards and requirements. Plans for the upcoming year include communication and cooperation with DOE, Federal power customers, and the Corps to maximize the benefits of our nation’s water resources. Competition for the use of water and the prolonged drought conditions will present another challenging year for our agency. The employees at Southeastern will be proactive in meeting these challenges and providing reliable hydroelectric power to the people in the southeast. Sincerely, Kenneth E. Legg Administrator

  16. Chapter 13 - Simplified Acquisition Procedures | Department of...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3 - Simplified Acquisition Procedures Chapter 13 - Simplified Acquisition Procedures 13.1 - Purchase Card Policy and Operating Procedures PDF icon 13.2PurchaseOrders0.pdf PDF...

  17. Chapter 39 - Acquisition of Information Technology | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    9 - Acquisition of Information Technology Chapter 39 - Acquisition of Information Technology PDF icon 39.1AcquisitionofInformationResources0.pdf PDF icon 39.2GuidanceonElec...

  18. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    Guide Chapter 1.0 - Acquisition Regulations System Acquisition Guide Chapter 1.2 - Attachment - Non-Delegable HCA Functions and Responsibilities Microsoft Word - AcqGuide71pt1.doc

  19. Acquisition Letter Archive listing | Department of Energy

    Energy Savers [EERE]

    Archive listing Acquisition Letter Archive listing PDF icon Acquisition Letter Archive listing More Documents & Publications Microsoft Word - LibraryofPriorRulemakings.doc Policy Flash Search Listing (2001-2014) AL2007-02.doc�

  20. Report: EM Acquisition and Project Management

    Office of Environmental Management (EM)

    ACQUISITION AND PROJECT MANAGEMENT September 25, 2008 Submitted by the EMAB Acquisition and Project Management Subcommittee Background: In Fiscal Year (FY) 2008, EMAB was tasked to continue a review of the Office of Environmental Management's (EM) acquisition and project management practices in terms of its members' own industry standards, and to continue to work with Office of Acquisition and Project Management (EM-50) on its initiatives, providing advice and consultation as appropriate. The

  1. OPAM Policy Acquisition Guides | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Letter: AL2005-08 Microsoft Word - al2004-03.doc Chapter 19 - Small Business Programs

  2. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    15 - Contracting by Negotiation OPAM Policy Acquisition Guides DOE Princeton Plasma Physics Laboratory Purchase Power Agreement Request for Proposal

  3. Acquisition Career Management Program Handbook, Partial Revision...

    Broader source: Energy.gov (indexed) [DOE]

    Procurement and Assistance Management SUBJECT: Acquisition Career Management Program Handbook, Partial Revision of Chapter 11, Contracting Officer's Representative SUMMARY: The...

  4. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    18 - Emergency Acquisitions Acqguide18pt0 March 2011 final Microsoft Word - acqguide18pt0 Nov 2010

  5. Intellectual Property (IP) Service Providers for Acquisition...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Intellectual Property (IP) Service Providers for Acquisition and Assistance Transactions WA05056IBMWATSONRESEARCHCENTERWaiverofDomesticand.pdf Need to Consider ...

  6. Acquisition and the Environment | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition ¬Ľ Guidance ¬Ľ Acquisition and the Environment Acquisition and the Environment The information provide on these pages are meant to be resource and tool for the DOE acquisition community. Please share suggestions for its further development and improvement. Provide your comments to Richard Langston at (202) 287-1339, or e-mail them to richard.langston@hq.doe.gov GREEN PURCHASING OVERVIEW The White House Task Force on Recycling along with the US Army Center for Health Promotion and

  7. Procurement and Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Procurement and Acquisition Doing Business With the U.S. Department of Energy Welcome to the Department of Energy's Acquisition homepage. The Office of Acquisition Management (OAM) is responsible for all contracting, financial assistance and related activities to fulfill the Department's multitude of missions through its business relationships. As the business organization of the Department, OAM develops and supports the policies, procedures and procurement operational elements. OAM

  8. Enabling Sustainable Acquisition by Improving Procurement Systems |

    Office of Environmental Management (EM)

    Department of Energy Enabling Sustainable Acquisition by Improving Procurement Systems Enabling Sustainable Acquisition by Improving Procurement Systems Enabling Sustainable Acquisition by Improving Procurement Systems Fact sheet describes a case study of the Department of Energy Waste Pilot Plant (WIPP) enabling a sustainable acquisition by improving the procurement systems. The periodic review of the Environmental Management System (EMS) sub-systems is necessary to ensure that desired

  9. Aerial robotic data acquisition system

    SciTech Connect (OSTI)

    Hofstetter, K.J.; Hayes, D.W.; Pendergast, M.M.; Corban, J.E.

    1993-12-31

    A small, unmanned aerial vehicle (UAV), equipped with sensors for physical and chemical measurements of remote environments, is described. A miniature helicopter airframe is used as a platform for sensor testing and development. The sensor output is integrated with the flight control system for real-time, interactive, data acquisition and analysis. Pre-programmed flight missions will be flown with several sensors to demonstrate the cost-effective surveillance capabilities of this new technology.

  10. acquisition

    National Nuclear Security Administration (NNSA)

    0%2A en Small Business http:nnsa.energy.govaboutusouroperationsapmsmallbusiness

    Page...

  11. Jefferson Lab's Distributed Data Acquisition

    SciTech Connect (OSTI)

    Trent Allison; Thomas Powers

    2006-05-01

    Jefferson Lab's Continuous Electron Beam Accelerator Facility (CEBAF) occasionally experiences fast intermittent beam instabilities that are difficult to isolate and result in downtime. The Distributed Data Acquisition (Dist DAQ) system is being developed to detect and quickly locate such instabilities. It will consist of multiple Ethernet based data acquisition chassis distributed throughout the seven-eights of a mile CEBAF site. Each chassis will monitor various control system signals that are only available locally and/or monitored by systems with small bandwidths that cannot identify fast transients. The chassis will collect data at rates up to 40 Msps in circular buffers that can be frozen and unrolled after an event trigger. These triggers will be derived from signals such as periodic timers or accelerator faults and be distributed via a custom fiber optic event trigger network. This triggering scheme will allow all the data acquisition chassis to be triggered simultaneously and provide a snapshot of relevant CEBAF control signals. The data will then be automatically analyzed for frequency content and transients to determine if and where instabilities exist.

  12. National Geothermal Data Systems Data Acquisition and Access...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Systems Data Acquisition and Access National Geothermal Data Systems Data Acquisition and Access Project objective: To support the acquisition of new and legacy data from...

  13. Office of Acquisition and Financial Assessment PIA, Golden Field...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Acquisition and Financial Assessment PIA, Golden Field Office Office of Acquisition and Financial Assessment PIA, Golden Field Office Office of Acquisition and Financial Assessment ...

  14. Program and Project Management for the Acquisition of Capital Assets

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2010-11-29

    The purpose of this Order is to a) provide the Department of Energy (DOE) Elements, including the National Nuclear Security Administration (NNSA), with program and project management direction for the acquisition of capital assets with the goal of delivering projects within the original performance baseline (PB), cost and schedule, and fully capable of meeting mission performance, safeguards and security, and environmental, safety, and health requirements unless impacted by a directed change; and b) implement Office of Management and Budget (OMB) Circulars to include: A-11, Part 7, Capital Programming Guide, which prescribes new requirements and leading practices for project and acquisition management; A-123, Management's Responsibility for Internal Control, which defines management's responsibility for internal control in Federal agencies; and A-131, Value Engineering, which requires that all Federal agencies use Value Engineering (VE) as a management tool.

  15. Acquisition News | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Lincoln, Nebraska. IEI-PEC, JV is a Small Business Administration (SBA) Certified 8(a) Joint Venture under the SBA's 8(a) Program. April 9, 2015 DOE Awards Support Service...

  16. ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION...

    Broader source: Energy.gov (indexed) [DOE]

    Documents & Publications ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS ADMINISTRATIVE RECORDS SCHEDULE 6: ACCOUNTABLE OFFICERS' ACCOUNTS RECORDS ADM 6...

  17. National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    FOR IMMEDIATE RELEASE March 14, 2001 NNSA Organizational Redress Strengthens Path Forward John A. Gordon, Administrator for the National Nuclear Security Administration (NNSA) announced today his plan for organizing the NNSA within the U.S. Department of Energy. The planned actions will improve performance of the core mission to strengthen national security and reduce the global threat from weapons of mass destruction through applications of science and technology. The Administration celebrated

  18. Eder Acquisition 2007 Habitat Evaluation Procedures Report.

    SciTech Connect (OSTI)

    Ashley, Paul R.

    2008-01-01

    A habitat evaluation procedures (HEP) analysis was conducted on the Eder acquisition in July 2007 to determine how many protection habitat units to credit Bonneville Power Administration (BPA) for providing funds to acquire the project site as partial mitigation for habitat losses associated with construction of Grand Coulee and Chief Joseph Dams. Baseline HEP surveys generated 3,857.64 habitat units or 1.16 HUs per acre. HEP surveys also served to document general habitat conditions. Survey results indicated that the herbaceous plant community lacked forbs species, which may be due to both livestock grazing and the late timing of the surveys. Moreover, the herbaceous plant community lacked structure based on lower than expected visual obstruction readings (VOR); likely a direct result of livestock impacts. In addition, introduced herbaceous vegetation including cultivated pasture grasses, e.g. crested wheatgrass and/or invader species such as cheatgrass and mustard, were present on most areas surveyed. The shrub element within the shrubsteppe cover type was generally a mosaic of moderate to dense shrubby areas interspersed with open grassland communities while the 'steppe' component was almost entirely devoid of shrubs. Riparian shrub and forest areas were somewhat stressed by livestock. Moreover, shrub and tree communities along the lower reaches of Nine Mile Creek suffered from lack of water due to the previous landowners 'piping' water out of the stream channel.

  19. Final report : impacts analysis for cyber attack on electric power systems (national SCADA test bed FY09).

    SciTech Connect (OSTI)

    Stamp, Jason Edwin; LaViolette, Randall A.; Gardiner, Judith D.

    2009-09-01

    The development continues for Finite State Abstraction (FSA) methods to enable Impacts Analysis (IA) for cyber attack against power grid control systems. Building upon previous work, we successfully demonstrated the addition of Bounded Model Checking (BMC) to the FSA method, which constrains grid conditions to reasonable behavior. The new FSA feature was successfully implemented and tested. FSA is an important part of IA for the power grid, complementing steady-state approaches. It enables the simultaneous evaluation of myriad dynamic trajectories for the system, which in turn facilitates IA for whole ranges of system conditions simultaneously. Given the potentially wide range and subtle nature of potential control system attacks, this is a promising research approach. In this report, we will explain the addition of BMC to the previous FSA work and some testing/simulation upon the implemented code using a two-bus test system. The current FSA approach and code allow the calculation of the acceptability of power grid conditions post-cyber attack (over a given time horizon and for a specific grid topology). Future work will enable analysis spanning various topologies (to account for switching events), as well as an understanding of the cyber attack stimuli that can lead to undesirable grid conditions.

  20. the Bonneville Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Bonneville Power Administration deposited 12, 535,000 to the reclamation fund in the United States Treasury for the ac- count of Columbia Basin Project, Yakima Project...

  1. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    FOIAPrivacy Act Submit a FOIA Request DOE FOIA Requester Service Center Electronic Reading Room FOIA Links Power Marketing Administrations' FOIA Links Bonneville Power ...

  2. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Student Employment Opportunities There are currently no student employment vacancies at Southwestern Power Administration. Please check here regularly for career opportunities ...

  3. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    "Stockton Dam is an important resource in Southwestern's portfolio of 24 hydroelectric projects - all owned by the U.S. Army Corps of Engineers," says Southwestern Administrator ...

  4. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    May 22, 2014 Lake Texoma Hydropower Generation to Remain Low for Near Future TULSA, OK - Southwestern Power Administration (Southwestern) announced today that in response to ...

  5. BONNEVILLE POWER ADMINISTRATION

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and SCS Administrative Charge, specified in GRSP II.U.2. 5.4 Grandfathered Generation Management Service (GMS) Load Following Customers dedicating the entire output of an...

  6. National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Nuclear Security Administration DOENV--325-Rev. lOa February 2015 Nevada National Security Site Waste Acceptance Criteria Prepared by U.S. Department of Energy National Nuclear ...

  7. Bonneville Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    agreement (Agreement) between the BC Hydro and Power uthority (BCH) and the Bonneville Power Administration (BP A), jointly the Parties, which BA for accounting purposes is...

  8. BONNEVILLE POWER ADMINISTRATION

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Training: Fundamentals of Building Measurement & Verification (CMVP prep) When: 2222016 8:00am - 2242016 5:00pm Where: Tacoma Public Utilities Administration Building 3628 S....

  9. ARM - Website Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Administration About Become a User Recovery Act Mission FAQ Outreach Displays History Organization Participants Facility Statistics Forms Contacts Facility Documents ARM Management...

  10. Administrative - Hanford Site

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Administrative Freedom of Information and Privacy Act DOE Headquarters FOIA Web Page A Citizen's Guide to the FOIA and Privacy Act Making a Privacy Act Request Freedom of...

  11. Fish and Wildlife Administrator

    Broader source: Energy.gov [DOE]

    This position is located in the Planning and Policy organization (EWP) in the Division of Environment, Fish & Wildlife, Bonneville Power Administration (BPA) and reports to the EWP manager....

  12. Portsmouth Administrative Consent Order

    Broader source: Energy.gov [DOE]

    Portsmouth Administrative Consent Order ensures compliance by DOE at the Portsmouth Site with the Resource Recovery and Compensation Act, the Comprehensive Environmental Response, Compensation, and...

  13. ADR Provisions in Federal Acquisition Regulation (FAR) | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy ADR Provisions in Federal Acquisition Regulation (FAR) ¬Ľ ADR Provisions in Federal Acquisition Regulation (FAR) ADR Provisions in Federal Acquisition Regulation (FAR) ADR Provisions in Federal Acquisition Regulation (FAR) PDF icon ADR Provisions in Federal Acquisition Regulation (FAR) More Documents & Publications Microsoft Word - ADR-Provisions-FederalAcquisitionReg.doc ACQUISITION LETTER DEAR Part 933 Microsoft Word - ACQUISITION LETTER.doc

  14. ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy : PAYROLL AND PAY ADMINISTRATION RECORDS ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS Payrolling and pay administration records pertain to the disbursements employees receive in return for their personal services. This schedule covers commonly used pay records PDF icon ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS More Documents & Publications ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION

  15. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Business USA FedBizOpps FedConnect Federal Acquisition Regulation (FAR) System for Award Management (SAM) Items Southwestern Buys Southwestern buys the following types of office equipment, field equipment, and services to support its mission of marketing and delivering Federal hydroelectric power: 15/69/138/161-kV field equipment such as circuit breakers, coupling capacitor potential devices, current transformers, disconnect switches, microprocessor relays, power transformers, surge arresters,

  16. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Business USA FedBizOpps FedConnect Federal Acquisition Regulation (FAR) System for Award Management (SAM) Payment to Vendors In order to promote electronic government (e-gov) as outlined in the President's Management Agenda, Southwestern makes payment to vendors using: 1. Tax Exempt Government Visa Purchase Card; or 2. Automated Clearing House (ACH)/Direct Deposit. All vendors that conduct business with Southwestern must be registered (including their banking information) in the System for Award

  17. Department of Energy (DOE) Acquisition Guide

    Broader source: Energy.gov [DOE]

    Regulatory requirements for the acquisition process are set forth in the Federal Acquisition Regulation (FAR) and are supplemented in the Department of Energy Acquisition Regulation (DEAR). FAR 1.301 provides for the issuance of additional internal agency guidance, including designations and delegations of authority, assignments of responsibilities, work-flow procedures, and internal reporting requirements. The DOE Acquisition Guide serves this purpose by identifying relevant internal standard operating procedures to be followed by both procurement and program personnel who are involved in various aspects of the acquisition process. The Guide also is intended to be a repository of best practices found throughout the agency that reflect specific illustrations of techniques which ' might be helpful to all readers. Additionally, the Guide includes subject matter that was issued previously through other media, such as Acquisition Letters.

  18. Report: Small Business, Acquisition, and Project Management

    Office of Environmental Management (EM)

    SMALL BUSINESS, ACQUISITION, AND PROJECT MANAGEMENT Background In FY 2007 EMAB was tasked to dialogue with the Office of Acquisition and Project Management (EM-50) on the topic of Small Business and provide advice and recommendations drawn from EMAB members' experience in commercial industry. Additionally, EMAB continued to review and discuss the topics of Acquisition and Project Management during its public meetings and in exchanges with EM senior personnel. Discussion In FY 2006, EM's small

  19. AVLIS Laser Data Acquisition and Control System

    SciTech Connect (OSTI)

    Gill, T.E.

    1986-01-01

    The AVLIS Laser Data Acquisition and Control System provides an integrated hardware and software package which controls up to five diagnostic lasers and automatic and manual data acquisition and reduction subsystems being used to analyze uranium vapor density in the Atomic Vapor Laser Isotope Separation (AVLIS) separation vessel in Oak Ridge, Tennessee. This paper discusses acquisition of critical real-time and post-run vapor density data.

  20. Planning, Budget, and Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Planning, Budget, and Acquisition Planning, Budget, and Acquisition The Office of Legacy Management's (LM) Planning, Budget, and Acquisition (PBA) Team performs the following management functions: Plans, develops, and implements improvements in efficiencies of business processes and identifies opportunities for reengineering or restructuring. Plans, develops, and implements strategic planning efforts, which include analyzing the organization's annual and long-term goals and the best approach for

  1. Searchable Electronic Department of Energy Acquisition Regulation |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Searchable Electronic Department of Energy Acquisition Regulation Searchable Electronic Department of Energy Acquisition Regulation Updated July 2, 2013. The EDEAR is current through the Final Rule published May 3, 2013 at 78 FR 25817 If you have any questions concerning this page, please contact Barbara Binney in the Contract and Financial Assistance Policy Division, Office of Acquisition and Project Management. PDF icon EDEAR July 2 2013 final.pdf More Documents &

  2. Intellectual Property (IP) Service Providers for Acquisition...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Assistance More Documents & Publications Intellectual Property (IP) Service Providers for Acquisition and Assistance Transactions Microsoft Word - FAL2004-03.doc Microsoft Word -...

  3. Searchable Electronic Department of Energy Acquisition Regulation...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Barbara Binney in the Contract and Financial Assistance Policy Division, Office of Acquisition and Project Management. PDF icon EDEAR July 2 2013 final.pdf More Documents &...

  4. BCDA - Beamline Controls and Data Acquisition Group

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    * Data Acquisition * ebrick * Hardware * Software * Group Info * Sector Contacts * Knowledge Base * Meetings * Mailing list * APS PV Information * EPICS Naming Convention Print...

  5. Chapter 7 - Acquisition Planning | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sourcing Requirements - Update May 2014 PDF icon 7.3 - Acuqisition Planning in the M&O Environment More Documents & Publications Policy Flash 2015-13 ACQUISITION PLANNING ...

  6. Acquisition, Use, and Disposal of Real Estate

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition of Capital Assets, or current version DOE Order 430.1B, Real Property Asset Management, or current version Overview This section provides internal Departmental ...

  7. Data Acquisition-Manipulation | Open Energy Information

    Open Energy Info (EERE)

    signals and numeric values that can be stored and manipulated in a useful manner by a computer program. Other definitions:Wikipedia Reegle Introduction Data acquisition and...

  8. Alternative Financing - New Acquisition Guide Subchapter | Department...

    Broader source: Energy.gov (indexed) [DOE]

    policy flash Alternative Financing - New Acquisition Guide Subchapter More Documents & Publications Policy Flash 2010-83 Policy Flash 2012-30 Flash2011-77 OPAM...

  9. OPAM Policy Acquisition Guides | Department of Energy

    Energy Savers [EERE]

    31 - Contract Cost Principles and Procedures Table 10 Costs of Foreign Travel, IG-0397 Acquisition Letter No. AL 2012-05ÔĀĒÔĀĒ

  10. Active Acquisition Letters | Department of Energy

    Energy Savers [EERE]

    Procurement and Acquisition ¬Ľ Active Acquisition Letters Active Acquisition Letters Please remember that you can use your browser's EDIT/FIND function to perform a key-word or key-phase search for each browser page. Once you have entered the search value, click the NEXT button. When you advance to the next page, simply click the NEXT button again without re-entering the search value. March 18, 2016 Acquisiton Letter No. AL 2016-04 Acquisition letter 2016-04 lists ALs currently in effect and

  11. ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    (SUPERSEDED) | Department of Energy 2: PAYROLL AND PAY ADMINISTRATION RECORDS (SUPERSEDED) ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS (SUPERSEDED) Payrolling and pay administration records pertain to the disbursements employees receivein return for their personal services. This schedule covers commonly used pay records. PDF icon Administrative Records Schedule 2-Payroll and Pay Administration Records.pdf More Documents & Publications ADMINISTRATIVE RECORDS

  12. Bonneville Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    1,NT OF Bonneville Power Administration P.O Box 3621 Portland, Oregon 97208-3621 PUBLIC AFFAIRS March 10, 2010 In reply refer to: DK-7 Tom Jacobs Ex RE: BPA-2010-01030-F Dear Mr....

  13. SOUTHWESTERN POWER ADMINISTRATION

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    9/01 SOUTHWESTERN POWER ADMINISTRATION CATEGORICAL EXCLUSION (CX) DETERMINATION BRIEF DESCRIPTION OF PROPOSED ACTION: Hydroelectric Power Rate Increase for the Integrated System of Hydropower Projects. PROPOSED BY: Southwestern Power Administration. NUMBER AND TITLE OF THE CATEGORICAL EXCLUSION BEING APPLIED: ( 10 CFR 1021, Appendix B to Subpart D, 1-1-03 Edition, Part B4.3 - Electric power marketing rate changes. REGULATORY REQUIREMENTS IN 10 CFR 1021.410(B): (1) The proposed action fits within

  14. Operations & Administration - JCAP

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Our-Peopple-Hero_v2.jpg Operations & Administration Who We Are JCAP Mission JCAP At A Glance Fact Sheets Organizational Chart Recent Science Technology Transfer Awards & Honors Senior Management Scientific Leadership Researchers Governance & Advisory Boards Operations & Administration Who we are Overview JCAP Mission JCAP At A Glance Fact Sheets Organizational Chart Our Achievements Recent Science Technology Transfer Awards & Honors Our People Senior Management Scientific

  15. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Occupational Safety & Health Administration Safety The safety and well-being of all Southwestern Power Administration employees are the firm and continuing responsibilities of every member of management. Each employee, in turn, shares with management the responsibility for his or her own safety by performing his or her duties in a safe and conscientious manner, complying with all safety rules and regulations, and observing the provisions of Executive Order 12196, "Occupational Safety

  16. Bonneville Power Administration

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Hooper Springs Transmission Project 1 Record of Decision March 2015 Bonneville Power Administration's Hooper Springs Transmission Project Record of Decision March 2015 Decision Bonneville Power Administration (BPA) has decided to construct and operate the Hooper Springs Transmission Project in Caribou County, Idaho. As described in the Hooper Springs Transmission Project Final Environmental Impact Statement (DOE/EIS-0451, January 2015), this project consists of: (1) a new 138/115-kilovolt (kV)

  17. Southwestern Power Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    November 2015 Skip Navigation Links December 9, 2015 Southwestern Leadership Announcements November 20, 2015 Scott Carpenter Named Southwestern Administrator 2014 Annual Report Archived News Items Skip Navigation Links Annual Performance Plan Annual Report Mission Organization Strategic Plan SWPA - Overview Video System Map About the Agency Southwestern Employment Opportunities Southwestern Power Administration was established in 1943 by the Secretary of the Interior as a Federal Agency that

  18. Dear Secretary/ Administrator:

    Office of Environmental Management (EM)

    Office of Management and Budget Dear Secretary/ Administrator: Executive Office of the President Council on Environmental Quality Consistent with the President's focus on sound stewardship of our natural resources, we are committed to improving environmental governance through constructive and timely approaches to addressing challenges that arise over the use, conservation, and restoration of the environment, natural resources, and public lands. To achieve better governance, the Administration

  19. Forrest Ranch Acquisition, Annual Report 2001-2002.

    SciTech Connect (OSTI)

    Smith, Brent

    2003-08-01

    Through their John Day Basin Office, the Confederated Tribes of Warm Springs Reservation of Oregon (Tribes) acquired the Forrest Ranch during July of 2002. The property consists of two parcels located in the John Day subbasin within the Columbia basin. The mainstem parcel consists of 3,503 acres and is located 1/2 mile to the east of Prairie City, Oregon on the mainstem of the John Day River. The middle fork parcel consists of 820 acres and is located one mile to the west of the town of Austin, OR on the middle fork John Day River. The Forrest Ranch Project is under a memorandum of agreement with the Bonneville Power Administration (BPA) to provide an annual written report generally describing the real property interests of the project and management activities undertaken or in progress. The Forrest Ranch acquisition was funded by BPA as part of their program to protect, mitigate, and enhance fish and wildlife habitat affected by the operation of their hydroelectric facilities on the Columbia River and its tributaries. Following lengthy negotiations with the BPA and property owner, the Tribes were able to conclude the acquisition of the Forrest Ranch in July of 2002. The intent of the acquisition project was to partially mitigate fish and wildlife impacts for the John Day Dam on the Columbia River as outlined in the Northwest Power Planning Council's Wildlife Program (NPPC 1994, section 11.1, section 7.6). While the Tribes hold fee-title to the property, the BPA has assured a level of program funding through a memorandum of agreement and annual statement of work. As early as 1997, the Tribes identified this property as a priority for restoration in the John Day basin. In 2000, the Tribes arranged an agreement with the landowner to seek funds for the acquisition of both the Middle Fork and upper Mainstem John Day River holdings of Mr. John Forrest. This property had been a priority of not only the Tribes, but of many other basin natural resource agencies. The contract period was the first year of the program with December 2001 through July 2nd 2002 being previous to acquisition of the property. The majority of the activities conducted under the contract period were spent on O&M and pre acquisition activities.

  20. Career Map: Land Acquisition Specialist | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Land Acquisition Specialist Career Map: Land Acquisition Specialist a male land acquisition specialist takes notes while surveying a piece of land. Land Acquisition Specialist Position Title Land Acquisition Specialist Alternate Title(s) Land Agent, Land Acquisition Associate Education & Training Level Bachelor degree required, prefer graduate degree Education & Training Level Description Land acquisition specialists are expected to have a bachelor's degree or higher in business, real

  1. Southeastern Power Administration | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Southeastern Power Administration Southeastern Power Administration Southeastern Power Administration View All Maps Addthis

  2. OPAM Policy Acquisition Guides | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Chapter 34 - Major Systems Acquisition Policy Flash 2014-37 Update to the Department of Energy Acquisition Guide Chapter 16.2, Performance Evaluation and Measurement Plans for Cost-Reimbursement, Non-Management and Operating Contracts Chapter 16 - Types of Contracts

  3. Establishing a process of irradiating small animal brain using a CyberKnife and a microCT scanner

    SciTech Connect (OSTI)

    Kim, Haksoo; Welford, Scott; Fabien, Jeffrey; Zheng, Yiran; Yuan, Jake; Brindle, James; Yao, Min; Lo, Simon; Wessels, Barry; Machtay, Mitchell; Sohn, Jason W.; Sloan, Andrew

    2014-02-15

    Purpose: Establish and validate a process of accurately irradiating small animals using the CyberKnife G4 System (version 8.5) with treatment plans designed to irradiate a hemisphere of a mouse brain based on microCT scanner images. Methods: These experiments consisted of four parts: (1) building a mouse phantom for intensity modulated radiotherapy (IMRT) quality assurance (QA), (2) proving usability of a microCT for treatment planning, (3) fabricating a small animal positioning system for use with the CyberKnife's image guided radiotherapy (IGRT) system, and (4)in vivo verification of targeting accuracy. A set of solid water mouse phantoms was designed and fabricated, with radiochromic films (RCF) positioned in selected planes to measure delivered doses. After down-sampling for treatment planning compatibility, a CT image set of a phantom was imported into the CyberKnife treatment planning systemóMultiPlan (ver. 3.5.2). A 0.5 cm diameter sphere was contoured within the phantom to represent a hemispherical section of a mouse brain. A nude mouse was scanned in an alpha cradle using a microCT scanner (cone-beam, 157 ◊ 149 pixels slices, 0.2 mm longitudinal slice thickness). Based on the results of our positional accuracy study, a planning treatment volume (PTV) was created. A stereotactic body mold of the mouse was ďprintedĒ using a 3D printer laying UV curable acrylic plastic. Printer instructions were based on exported contours of the mouse's skin. Positional reproducibility in the mold was checked by measuring ten CT scans. To verify accurate dose delivery in vivo, six mice were irradiated in the mold with a 4 mm target contour and a 2 mm PTV margin to 3 Gy and sacrificed within 20 min to avoid DNA repair. The brain was sliced and stained for analysis. Results: For the IMRT QA using a set of phantoms, the planned dose (6 Gy to the calculation point) was compared to the delivered dose measured via film and analyzed using Gamma analysis (3% and 3 mm). A passing rate of 99% was measured in areas of above 40% of the prescription dose. The final inverse treatment plan was comprised of 43 beams ranging from 5 to 12.5 mm in diameter (2.5 mm size increments are available up to 15 mm in diameter collimation). Using the Xsight Spine Tracking module, the CyberKnife system could not reliably identify and track the tiny mouse spine; however, the CyberKnife system could identify and track the fiducial markers on the 3D mold.In vivo positional accuracy analysis using the 3D mold generated a mean error of 1.41 mm Ī 0.73 mm when fiducial markers were used for position tracking. Analysis of the dissected brain confirmed the ability to target the correct brain volume. Conclusions: With the use of a stereotactic body mold with fiducial markers, microCT imaging, and resolution down-sampling, the CyberKnife system can successfully perform small-animal radiotherapy studies.

  4. Establishing a process of irradiating small animal brain using a CyberKnife and a microCT scanner

    SciTech Connect (OSTI)

    Kim, Haksoo; Welford, Scott; Fabien, Jeffrey; Zheng, Yiran; Yuan, Jake; Brindle, James; Yao, Min; Lo, Simon; Wessels, Barry; Machtay, Mitchell; Sohn, Jason W.; Sloan, Andrew

    2014-02-15

    Purpose: Establish and validate a process of accurately irradiating small animals using the CyberKnife G4 System (version 8.5) with treatment plans designed to irradiate a hemisphere of a mouse brain based on microCT scanner images. Methods: These experiments consisted of four parts: (1) building a mouse phantom for intensity modulated radiotherapy (IMRT) quality assurance (QA), (2) proving usability of a microCT for treatment planning, (3) fabricating a small animal positioning system for use with the CyberKnife's image guided radiotherapy (IGRT) system, and (4)in vivo verification of targeting accuracy. A set of solid water mouse phantoms was designed and fabricated, with radiochromic films (RCF) positioned in selected planes to measure delivered doses. After down-sampling for treatment planning compatibility, a CT image set of a phantom was imported into the CyberKnife treatment planning system‚ÄĒMultiPlan (ver. 3.5.2). A 0.5 cm diameter sphere was contoured within the phantom to represent a hemispherical section of a mouse brain. A nude mouse was scanned in an alpha cradle using a microCT scanner (cone-beam, 157 √ó 149 pixels slices, 0.2 mm longitudinal slice thickness). Based on the results of our positional accuracy study, a planning treatment volume (PTV) was created. A stereotactic body mold of the mouse was ‚Äúprinted‚ÄĚ using a 3D printer laying UV curable acrylic plastic. Printer instructions were based on exported contours of the mouse's skin. Positional reproducibility in the mold was checked by measuring ten CT scans. To verify accurate dose delivery in vivo, six mice were irradiated in the mold with a 4 mm target contour and a 2 mm PTV margin to 3 Gy and sacrificed within 20 min to avoid DNA repair. The brain was sliced and stained for analysis. Results: For the IMRT QA using a set of phantoms, the planned dose (6 Gy to the calculation point) was compared to the delivered dose measured via film and analyzed using Gamma analysis (3% and 3 mm). A passing rate of 99% was measured in areas of above 40% of the prescription dose. The final inverse treatment plan was comprised of 43 beams ranging from 5 to 12.5 mm in diameter (2.5 mm size increments are available up to 15 mm in diameter collimation). Using the Xsight Spine Tracking module, the CyberKnife system could not reliably identify and track the tiny mouse spine; however, the CyberKnife system could identify and track the fiducial markers on the 3D mold.In vivo positional accuracy analysis using the 3D mold generated a mean error of 1.41 mm ¬Ī 0.73 mm when fiducial markers were used for position tracking. Analysis of the dissected brain confirmed the ability to target the correct brain volume. Conclusions: With the use of a stereotactic body mold with fiducial markers, microCT imaging, and resolution down-sampling, the CyberKnife system can successfully perform small-animal radiotherapy studies.

  5. Policy Flash 2013-78 Acquisition Guide Chapter 7.3 Acquisition Planning in

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    the M&O Environment | Department of Energy 8 Acquisition Guide Chapter 7.3 Acquisition Planning in the M&O Environment Policy Flash 2013-78 Acquisition Guide Chapter 7.3 Acquisition Planning in the M&O Environment Questions concerning this policy flash should be directed to Jason Taylor of the Contract and Financial Assistance Policy Division, Office of Policy, Office of Acquisition and Project Management at (202) 287-1560 or at jason.taylor@hq.doe.gov. PDF icon Policy Flash_AG7

  6. ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION

    Broader source: Energy.gov (indexed) [DOE]

    RECORDS-Revision 2 | Department of Energy Payrolling and pay administration records pertain to the disbursements employees receivein return for their personal services. This schedule covers commonly used pay records. PDF icon ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS-Revision 2 More Documents & Publications ADMINISTRATIVE RECORDS SCHEDULE 2: PAYROLL AND PAY ADMINISTRATION RECORDS ADMINISTRATIVE RECORDS SCHEDULE 6: ACCOUNTABLE OFFICERS' ACCOUNTS RECORDS ADM

  7. Acquisition, Use, and Disposal of Real Estate | Department of Energy

    Energy Savers [EERE]

    Acquisition, Use, and Disposal of Real Estate Acquisition, Use, and Disposal of Real Estate PDF icon Acquisition, Use, and Disposal of Real Estate More Documents & Publications Acquisition, Use, and Disposal of Real Estate OPAM Policy Acquisition Guides Chapter 17 - Special Contracting Methods

  8. Acquisition, Use, and Disposal of Real Estate | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition, Use, and Disposal of Real Estate Acquisition, Use, and Disposal of Real Estate PDF icon Acquisition, Use, and Disposal of Real Estate More Documents & Publications Acquisition, Use, and Disposal of Real Estate OPAM Policy Acquisition Guides Chapter 17 - Special Contracting Methods

  9. 7pt1AcquisitionPlanning.pdf | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    7pt1AcquisitionPlanning.pdf 7pt1AcquisitionPlanning.pdf PDF icon 7pt1AcquisitionPlanning.pdf More Documents & Publications Acquisitions___Communications.pdf Source Selection 37pt.2PerformanceBasedServiceAcquisition.pdf

  10. Multiple channel data acquisition system

    DOE Patents [OSTI]

    Crawley, H. Bert (Ames, IA); Rosenberg, Eli I. (Ames, IA); Meyer, W. Thomas (Ames, IA); Gorbics, Mark S. (Ames, IA); Thomas, William D. (Boone, IA); McKay, Roy L. (Ames, IA); Homer, Jr., John F. (Ames, IA)

    1990-05-22

    A multiple channel data acquisition system for the transfer of large amounts of data from a multiplicity of data channels has a plurality of modules which operate in parallel to convert analog signals to digital data and transfer that data to a communications host via a FASTBUS. Each module has a plurality of submodules which include a front end buffer (FEB) connected to input circuitry having an analog to digital converter with cache memory for each of a plurality of channels. The submodules are interfaced with the FASTBUS via a FASTBUS coupler which controls a module bus and a module memory. The system is triggered to effect rapid parallel data samplings which are stored to the cache memories. The cache memories are uploaded to the FEBs during which zero suppression occurs. The data in the FEBs is reformatted and compressed by a local processor during transfer to the module memory. The FASTBUS coupler is used by the communications host to upload the compressed and formatted data from the module memory. The local processor executes programs which are downloaded to the module memory through the FASTBUS coupler.

  11. Multiple channel data acquisition system

    DOE Patents [OSTI]

    Crawley, H.B.; Rosenberg, E.I.; Meyer, W.T.; Gorbics, M.S.; Thomas, W.D.; McKay, R.L.; Homer, J.F. Jr.

    1990-05-22

    A multiple channel data acquisition system for the transfer of large amounts of data from a multiplicity of data channels has a plurality of modules which operate in parallel to convert analog signals to digital data and transfer that data to a communications host via a FASTBUS. Each module has a plurality of submodules which include a front end buffer (FEB) connected to input circuitry having an analog to digital converter with cache memory for each of a plurality of channels. The submodules are interfaced with the FASTBUS via a FASTBUS coupler which controls a module bus and a module memory. The system is triggered to effect rapid parallel data samplings which are stored to the cache memories. The cache memories are uploaded to the FEBs during which zero suppression occurs. The data in the FEBs is reformatted and compressed by a local processor during transfer to the module memory. The FASTBUS coupler is used by the communications host to upload the compressed and formatted data from the module memory. The local processor executes programs which are downloaded to the module memory through the FASTBUS coupler. 25 figs.

  12. ¬ćMyth-Busting2¬é: Addressing Misconceptions and Further Improving Communication During the Acquisition Process

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    MA N A G E ME N T A N D B U D G E T W A S H I N G T O N , D . C . 2 0 5 0 3 O F F I C E O F F E D E R A L May 7, 2012 P R O C U R E M E N T P O L I C Y MEMORANDUM FOR CHIEF ACQUISITION OFFICERS SENIOR PROCUREMENT EXECUTIVES CHIEF INFORMATION OFFICERS FROM: Lesley A. Field Acting Administrator for Federal Procurement Policy SUBJECT: "Myth-Busting 2": Addressing Misconceptions and Further Improving Communication During the Acquisition Process Early, frequent, and constructive engagement

  13. Computer hardware fault administration

    DOE Patents [OSTI]

    Archer, Charles J. (Rochester, MN); Megerian, Mark G. (Rochester, MN); Ratterman, Joseph D. (Rochester, MN); Smith, Brian E. (Rochester, MN)

    2010-09-14

    Computer hardware fault administration carried out in a parallel computer, where the parallel computer includes a plurality of compute nodes. The compute nodes are coupled for data communications by at least two independent data communications networks, where each data communications network includes data communications links connected to the compute nodes. Typical embodiments carry out hardware fault administration by identifying a location of a defective link in the first data communications network of the parallel computer and routing communications data around the defective link through the second data communications network of the parallel computer.

  14. MCS Systems Administration Toolkit

    Energy Science and Technology Software Center (OSTI)

    2001-09-30

    This package contains a number of systems administration utilities to assist a team of system administrators in managing a computer environment by automating routine tasks and centralizing information. Included are utilities to help install software on a network of computers and programs to make an image of a disk drive, to manage and distribute configuration files for a number of systems, and to run self-testss on systems, as well as an example of using amore¬†¬Ľ database to manage host information and various utilities.¬ę¬†less

  15. Policy Flash 2013-50 Leveraging the General Services Administration's

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SmartPay2 Program and its Single Use Account Feature | Department of Energy 0 Leveraging the General Services Administration's SmartPay2 Program and its Single Use Account Feature Policy Flash 2013-50 Leveraging the General Services Administration's SmartPay2 Program and its Single Use Account Feature Questions concerning this Policy Flash should be directed to Denise T. Clarke of the Office of Acquisition and Project Management, Strategic Programs Division at (202) 287-1748 or at

  16. Redis database administration tool

    Energy Science and Technology Software Center (OSTI)

    2013-02-13

    MyRedis is a product of the Lorenz subproject under the ASC Scirntific Data Management effort. MyRedis is a web based utility designed to allow easy administration of instances of Redis databases. It can be usedd to view and manipulate data as well as run commands directly against a variety of different Redis hosts.

  17. A data acquisition architecture for the SSC

    SciTech Connect (OSTI)

    Partridge, R.

    1990-01-01

    An SSC data acquisition architecture applicable to high-p{sub T} detectors is described. The architecture is based upon a small set of design principles that were chosen to simplify communication between data acquisition elements while providing the required level of flexibility and performance. The architecture features an integrated system for data collection, event building, and communication with a large processing farm. The interface to the front end electronics system is also discussed. A set of design parameters is given for a data acquisition system that should meet the needs of high-p{sub T} detectors at the SSC.

  18. Acquisition Letter No. AL 2013-07 | Department of Energy

    Energy Savers [EERE]

    7 Acquisition Letter No. AL 2013-07 PDF icon AL 2013-07.pdf More Documents & Publications Policy Flash 2015-05 - Acquisition Letter 2015-02 Acquisition Letter No. AL 2015-02

  19. DOJ Title Standards for Acquisition | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DOJ Title Standards for Acquisition DOJ Title Standards for Acquisition PDF icon Title Standards 2001 More Documents & Publications Acquisition Guide for Federal Agencies REAL ESTATE PROPERTY GUIDE 2014 REAL ESTATE PROPERTY GUIDE 2013

  20. NEPA audits at the Bonneville Power Administration`s office of energy resources

    SciTech Connect (OSTI)

    Beachler, M.C.; Patton, J.E.; Alton, C.C.

    1993-05-01

    Since 1984, the Bonneville Power Administration (Bonneville) has evaluated the environmental performance of its energy resource acquisition programs. To date, these programs have mostly comprised conservation activities in residential and commercial buildings. In the environmental documentation for these programs under the National Environmental Policy Act of 1969 (NEPA), the agency has established a set of mitigation measures that ensure against adverse environmental impacts. The agency uses environmental audits to evaluate the programs` performance in meeting the NEPA promises, and how well NEPA documents meet the programs needs and how effectively environmental and program staff interact. Since 1984 the Pacific Northwest Laboratory (PNL) has conducted 22 of the audits for Bonneville. The audits are inexpensive and unobstrusive; thus they can be repeated as needed and can be used as a tool to facilitate communication rather than simply to meet administrative rules. As Bonneville moves into an aggressive energy resource acquisition mode, these audits will serve as a model for the ongoing evaluation of environmental performance and may be adopted agency-wide to address regulations beyond NEPA.

  1. Acquisition Letter No. AL 2013-03 | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Letter No. AL 2013-03 Acquisition Letter No. AL 2013-03 DATE: February 21, 2013 TO: Procurement Directors/Contracting Officers FROM: Director Contract and Financial Assistance Policy Division Office of Policy Office of Acquisition and Project Management SUBJECT: Acquisition Letter on Acquisition Planning Considerations for Management and Operating Contracts SUMMARY: The attached Acquisition Letter is issued to provide updated guidance on the unique acquisition planning procedures associated with

  2. Department of Energy (DOE) Acquisition Guide | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    (DOE) Acquisition Guide Department of Energy (DOE) Acquisition Guide Regulatory requirements for the acquisition process are set forth in the Federal Acquisition Regulation (FAR) and are supplemented in the Department of Energy Acquisition Regulation (DEAR). FAR 1.301 provides for the issuance of additional internal agency guidance, including designations and delegations of authority, assignments of responsibilities, work-flow procedures, and internal reporting requirements. The DOE Acquisition

  3. Performance Based Service Acquisition Toolkit | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Procurement and Acquisition ¬Ľ Guidance ¬Ľ Contracting for Support Services ¬Ľ Performance Based Service Acquisition Toolkit Performance Based Service Acquisition Toolkit Performance-based Service Acquisition (PBA) means an acquisition structured around the results to be achieved as opposed to the manner by which the work is to be performed. Performance-based Work Statement (PWS) means that a statement of work for performance-based acquisitions that describes the required results in clear,

  4. ACQUISITION LETTER DEAR Part 933 | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ACQUISITION LETTER DEAR Part 933 ¬Ľ ACQUISITION LETTER DEAR Part 933 ACQUISITION LETTER DEAR Part 933 This AL establishes policy and provides guidance for the use of alternative dispute resolution techniques in connection with disputes that arise under the Contract Disputes Act (CDA) of 1978, 41 U.S.C. sections 601-613. PDF icon ACQUISITION LETTER More Documents & Publications Microsoft Word - ACQUISITION LETTER.doc OPAM Policy Acquisition Guides Chapter 33 - Protests, Disput

  5. Acquisition Guide Chapter 1.3 - Balanced Scorecard Assessment...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    3 - Balanced Scorecard Assessment Program - (March 2004) Acquisition Guide Chapter 1.3 - Balanced Scorecard Assessment Program - (March 2004) Acquisition Guide...

  6. Acquisition Guide Chapter 50.1- Extraordinary Contractual Actions...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Guide Chapter 50.1- Extraordinary Contractual Actions (January 2009) Acquisition Guide Chapter 50.1- Extraordinary Contractual Actions (January 2009) The purpose of...

  7. Carbon Compliance Acquisition 16 Limited | Open Energy Information

    Open Energy Info (EERE)

    Compliance Acquisition 16 Limited Jump to: navigation, search Name: Carbon Compliance Acquisition 16 Limited Place: United Kingdom Zip: LS12DS Product: Security broking and fund...

  8. POLICY GUIDANCE MEMORANDUM #09A Direct Hire Authority for Acquisition...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    09A Direct Hire Authority for Acquisition Positions (Expired) POLICY GUIDANCE MEMORANDUM 09A Direct Hire Authority for Acquisition Positions (Expired) THIS GUIDANCE HAS EXPIRED...

  9. Microsoft PowerPoint - Surash.AcquisitionProjectMgmt.042909

    Office of Environmental Management (EM)

    Management Advisory Board J. E. Surash, P. E. Deputy Assistant Secretary Acquisition and Project Management April 29, 2009 2 Agenda Update on FY09 Plan for Acquisition &...

  10. Green Lease Policies and Procedures for Lease Acquisition | Department...

    Energy Savers [EERE]

    Green Lease Policies and Procedures for Lease Acquisition Green Lease Policies and Procedures for Lease Acquisition PDF icon RSL-2007-12 More Documents & Publications Attachment 1:...

  11. Acquisition Letter No. 2012-06 | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    Financial Assistance Policy Division Office of Policy Office of Acquisition and Project Management SUBJECT: Acquisition Letter on the Implications of Time-Limited Funds SUMMARY:...

  12. Acquisition Letter No. AL 2014-07 | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Acquisition Letter 07 - Benchmark Compensation Amount for Individual Executive Salary Actions SUMMARY: The purpose of Acquisition Letter (AL) 2014-07 is to establish the...

  13. Attached is Policy Flash 2013-44 Acquisition Guide- Allowability...

    Energy Savers [EERE]

    Attached is Policy Flash 2013-44 Acquisition Guide- Allowability of Incurred Costs Attached is Policy Flash 2013-44 Acquisition Guide- Allowability of Incurred Costs Attached is...

  14. DOE Announces Acquisition Strategy for Post Fiscal Year 2016...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Announces Acquisition Strategy for Post Fiscal Year 2016 Legacy Cleanup at Los Alamos DOE Announces Acquisition Strategy for Post Fiscal Year 2016 Legacy Cleanup at Los Alamos...

  15. Program & Project Management For The Acquisition Of Capital Assets...

    Broader source: Energy.gov (indexed) [DOE]

    More Documents & Publications Program & Project Management For The Acquisition Of Capital Assets Program & Project Management For The Acquisition Of Capital Assets PARS II...

  16. Program and Project Management for the Acquisition of Capital...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    3.3B, Program and Project Management for the Acquisition of Capital Assets by Jay Glascock Functional areas: Acquisition, Defense Nuclear Facility Safety and Health Requirement,...

  17. Contracts Awarded for Acquisition of Crude Oil for the Strategic...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Contracts Awarded for Acquisition of Crude Oil for the Strategic Petroleum Reserve Contracts Awarded for Acquisition of Crude Oil for the Strategic Petroleum Reserve January 16, ...

  18. DOE to Resume Filling Strategic Petroleum Reserve: Oil Acquisition...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Resume Filling Strategic Petroleum Reserve: Oil Acquisition Slated for 2009 DOE to Resume Filling Strategic Petroleum Reserve: Oil Acquisition Slated for 2009 January 2, 2009 - ...

  19. Carbon Compliance Acquisition 5 Limited | Open Energy Information

    Open Energy Info (EERE)

    Compliance Acquisition 5 Limited Jump to: navigation, search Name: Carbon Compliance Acquisition 5 Limited Place: Greater London, United Kingdom Zip: EC2M 2TD Sector: Carbon...

  20. "Supervisory Control and Data Acquisition (SCADA) Systems." The...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    "Supervisory Control and Data Acquisition (SCADA) Systems." The CIP Report. Vol 7 No 8 "Supervisory Control and Data Acquisition (SCADA) Systems." The CIP Report. Vol 7 No 8 ...