National Library of Energy BETA

Sample records for ami system security

  1. Microsoft Word - AMI System Security Requirements - v1_01-1.doc

    Energy Savers [EERE]

    UCAIUG: AMI-SEC-ASAP AMI System Security Requirements V1.01 ASAP 12/17/2008 AMI System Security Specification v1.0 Page i Executive Summary 1 This document provides the utility industry and vendors with a set of security requirements for 2 Advanced Metering Infrastructure (AMI). These requirements are intended to be used in the 3 procurement process, and represent a superset of requirements gathered from current cross- 4 industry accepted security standards and best practice guidance documents.

  2. AMI System Security Requirements - v1_01-1 | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    PDF icon AMI System Security Requirements - v101-1 More Documents & Publications Cyber Security Procurement Language for Control Systems Version 1.8 Hallmark Cryptographic Serial ...

  3. AMI FW UPGRADEABILITY TEST PROCEDURE AND SECURITY ASSESSMENT

    SciTech Connect (OSTI)

    Snyder, Isabelle B

    2014-01-01

    The National Institute of Standards and Technology (NIST) is producing NISTIR 7823 to define test requirements for Smart Meter upgradability. The term Smart Meter refers specifically to advanced electric meters being deployed to enhance management of electricity distribution for residential and industrial consumers. The underlying functional and security requirements for Smart Meter upgradability are specified in NEMA standard SG-AMI 1-2009. The purpose of NISTIR 7823 is to describe conformance test requirements that may be used voluntarily by testers and/or test laboratories to determine whether Smart Meters and Upgrade Management Systems conform to the requirements of NEMA SG-AMI 1-2009.

  4. XTD-4's Amy Bauer | National Security Science Magazine | Los...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Storage Site from the Las Conchas Wildfire Identifying Foreign Nuclear Explosives XTD-4's Amy Bauer Russian Lab Directors Tour LANL SARA Cadets and Midshipmen Hit the Ground...

  5. Security Analysis of Selected AMI Failure Scenarios Using Agent Based Game Theoretic Simulation

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T

    2014-01-01

    Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the Advanced Metering Infrastructure (AMI) functional domain which the National Electric Sector Cyber security Organization Resource (NESCOR) working group has currently documented 29 failure scenarios. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain. From these five selected scenarios, we characterize them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrates how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.

  6. Microsoft Word - NSTB_AMI_SecurityConsiderationsV4.doc

    Energy Savers [EERE]

    SANDIA REPORT SAND2007-7327 Unlimited Release Printed November 2007 Advanced Metering Infrastructure Security Considerations Raymond C. Parks Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000. Approved for public release; further

  7. Microsoft Word - OE AMI-SEC Requirements Document.doc

    Energy Savers [EERE]

    Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure March 16, 2009 The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the utility industry that will help utilities procure and implement secure components and systems using a common set of security requirements. The utility industry recognizes that AMI changes the face of traditional

  8. Amy Ross

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Amy Ross Amy Ross-Helping kids soar high The Materials Science and Technology Division's Amy Ross is a volunteer pilot and coordinator for the Experimental Aircraft Association's Young Eagles Program. January 9, 2015 Amy Ross Amy Ross owns a bright-yellow 1968 Beechcraft Musketeer Super III called Big Bird. While still on the ground, Ross explains how planes fly to her young visitors and what will happen once they are in the air. As they walk toward the planes, Ross asks, "Can you guess

  9. Amy Ross

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Amy Manheim About Us Amy Manheim - Communication and Outreach Lead, Advanced Manufacturing Office Most Recent Five Questions for an Expert: Paul Scheihing on Industrial Energy Management April 9 5 Questions for an Expert: Bob Gemmer on Combined Heat and Power October 27 The Future of Manufacturing Takes Shape: 3D Printed Car on Display at Manufacturing Summit September 1

    Ross January 9, 2015 Helping kids soar high The Materials Science and Technology Division's Amy Ross is a volunteer pilot

  10. Security system

    DOE Patents [OSTI]

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  11. Faces of Science: Amy Bauer

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Faces of Science: Amy Bauer Amy Bauer switched careers from mathematics and finance to ... by historical accounts related to mathematics and science, today Amy finds herself ...

  12. Amie Sluiter | Bioenergy | NREL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Amie Sluiter Amie Sluiter Scientist Amie.Sluiter@nrel.gov | 303-384-6281 Research Interests Amie Sluiter began research in the biomass-to-ethanol field in 1996. She joined the Biomass Analysis Technologies team at the National Renewable Energy Laboratory (NREL) to provide compositional analysis data on biomass feedstocks and process intermediates for use in pretreatment models and techno-economic analyses. The results of wet chemical analysis provide guidance on feedstock handling, pretreatment

  13. Secure video communications system

    DOE Patents [OSTI]

    Smith, Robert L.

    1991-01-01

    A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  14. Employee Spotlight: Amy Spears

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Amy Spears Amy Spears-Inspired by the "dark place" Amy proved how tough she is on the CMT channel's grueling Broken Skull Challenge. But in everyday life, she's driven to help those around her achieve their fitness goals. spears spears spears spears spears spears 12 3 4 "I'm a mother, but I am also still Amy. I have big goals and dreams and it is so important for me to work towards those while I am raising my kids and, in turn, I think I am a better mom for it." Inspired by

  15. Amy Foster Parish

    Broader source: Energy.gov [DOE]

    Amy Foster Parish is on staff with the Washington State University Extension Energy Program and answers inquiries through the EERE Information Center.

  16. T-592: Cisco Security Advisory: Cisco Secure Access Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability T-592: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password ...

  17. National Security System Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2007-03-08

    The manual provides baseline requirements and controls for the graded protection of the confidentiality, integrity, and availability of classified information and information systems used or operated by the Department of Energy (DOE), contractors, and any other organization on behalf of DOE, including the National Nuclear Security Administration. Cancels DOE M 471.2-2. Canceled by DOE O 205.1B.

  18. Amy B. Demagistris | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Amy B. Demagistris About Us Amy B. Demagistris - Deputy Director, Office of Executive Secretariat

  19. Cyberspace security system

    DOE Patents [OSTI]

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

  20. Leveraging AMI data for distribution system model calibration and situational awareness

    SciTech Connect (OSTI)

    Peppanen, Jouni; Reno, Matthew J.; Thakkar, Mohini; Grijalva, Santiago; Harley, Ronald G.

    2015-01-15

    The many new distributed energy resources being installed at the distribution system level require increased visibility into system operations that will be enabled by distribution system state estimation (DSSE) and situational awareness applications. Reliable and accurate DSSE requires both robust methods for managing the big data provided by smart meters and quality distribution system models. This paper presents intelligent methods for detecting and dealing with missing or inaccurate smart meter data, as well as the ways to process the data for different applications. It also presents an efficient and flexible parameter estimation method based on the voltage drop equation and regression analysis to enhance distribution system model accuracy. Finally, it presents a 3-D graphical user interface for advanced visualization of the system state and events. Moreover, we demonstrate this paper for a university distribution network with the state-of-the-art real-time and historical smart meter data infrastructure.

  1. Leveraging AMI data for distribution system model calibration and situational awareness

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Peppanen, Jouni; Reno, Matthew J.; Thakkar, Mohini; Grijalva, Santiago; Harley, Ronald G.

    2015-01-15

    The many new distributed energy resources being installed at the distribution system level require increased visibility into system operations that will be enabled by distribution system state estimation (DSSE) and situational awareness applications. Reliable and accurate DSSE requires both robust methods for managing the big data provided by smart meters and quality distribution system models. This paper presents intelligent methods for detecting and dealing with missing or inaccurate smart meter data, as well as the ways to process the data for different applications. It also presents an efficient and flexible parameter estimation method based on the voltage drop equation andmore » regression analysis to enhance distribution system model accuracy. Finally, it presents a 3-D graphical user interface for advanced visualization of the system state and events. Moreover, we demonstrate this paper for a university distribution network with the state-of-the-art real-time and historical smart meter data infrastructure.« less

  2. Fabrication of AMI Demonstration Blade Begun

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Fabrication of AMI Demonstration Blade Begun - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste

  3. ARM - AMIE Manus - Data Plots

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Manus Related Links amie.png 34h AMIE Home cindy.png 50h CINDY2011 dynamo.png 34h DYNAMO ARM Data Discovery Browse Data Outreach News & Press Blog Backgrounder (PDF, 1.2MB) Education Flyer (PDF, 2.0MB) Images ARM flickr site Official AMIE Logo AMIE Gear Experiment Planning Steering Committee AMIE-MANUS Proposal Abstract AMIE-GAN Proposal Abstract Meetings Cloud Life Cycle Working Group Deployment Operations Science Plan - TWP Manus Site (PDF, 2.1 MB) Science Plan - Gan Island Site (PDF, 2.0

  4. Amy Jiron | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Amy Jiron About Us Amy Jiron - Technology Manager, Building Technologies Office Amy Jiron Amy Jiron manages technology deployment with the Commercial Buildings Integration team at the Department of Energy. Prior to her work with DOE, she served as the executive director of the U.S. Green Building Council Colorado Chapter, advocated for low-impact development with the National Resources Defense Council, and evaluated, commissioned and verified high-performance building design and retrofit

  5. Center for Control System Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Control System Security Critical Infrastructure is at Risk As America's infrastructures have become more complex and interconnected, their operation and control has become more complicated as well. Automated control systems have been widely deployed to operate these infrastructures, and coupled with the networks they use to transfer data are a security vulnerability for the infrastructures they control. The Center for Control System Security at Sandia National Laboratories works with several

  6. Amy Kidd | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Amy Kidd About Us Amy Kidd - Project Officer, State Energy Program Amy Kidd is a Project Officer with the State Energy Program. Most Recent Swept Away by Alternative Energy January 17 Harvesting the Sun at the West Tennessee Solar Farm April 18

  7. Microsoft Word - AMI System Security Requirements - v1_01-1.doc

    Energy Savers [EERE]

    ... 5 minutes, to hourly, to daily, and to monthly. 1641 ... water heaters, and pool pumps) and certain C&I ... in place of operational reserves in generation scheduling. ...

  8. Faces of Science: Amy Clarke

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Amy Clarke March 4, 2015 Minerals to new materials and metallurgy keeps Amy motivated Amy Clarke grew up in the "Copper Country" in Michigan, where she was first exposed to metallurgy and materials science when she attended Michigan Technological University and later graduate school at the Colorado School of Mines. 1:17 Faces of Science: Amy Clarke The cumulative experience and the people at these universities ignited Amy's passion for materials science. - 2 - Today, she performs X-ray

  9. Physical Security Systems | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Announces 2014 Security Professional of the Year Awards Michael Lempke receives NNSA's Gold Medal of Excellence NNSA's Nevada Field Office Transfers Two Armored Vehicles to FBI...

  10. Securing Control Systems Modems

    Energy Savers [EERE]

    Securing America's Clean Energy Future The Office of Energy Efficiency and Renewable Energy (EERE) invests in clean energy technologies that strengthen the economy, reduce dependence on foreign oil, and protect the environment. EERE leverages partnerships with the private sector, state and local governments, DOE national laboratories, and universities to transform the nation's economic engine to one powered by clean energy. EERE Programs 2011 Budget (in $ millions) EERE operates with $1.8

  11. Amy Manheim | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Manheim About Us Amy Manheim - Communication and Outreach Lead, Advanced Manufacturing Office Most Recent Five Questions for an Expert: Paul Scheihing on Industrial Energy ...

  12. Faces of Science: Amy Clarke

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Clarke Amy Clarke and Seth Imhoff of Materials Technology-Metallurgy (MST-6) align a copper density calibration object for a proton radiography experiment. Contact Communications...

  13. ETTP Security Access Control System (ESACS) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) PDF icon ETTP Security Access Control System ...

  14. Cyber Security and Resilient Systems

    SciTech Connect (OSTI)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  15. Integrated Security System | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    control systems architecture PDF icon Integrated Security System More Documents & Publications Cybersecurity for Energy Delivery Systems 2010 Peer Review Presentations - ...

  16. System and method for secure group transactions

    DOE Patents [OSTI]

    Goldsmith, Steven Y.

    2006-04-25

    A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

  17. AMIE (ARM MJO Investigation Experiment):

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    ... will take place in and around the Indian Ocean from October 2011 to January 2012. AMIE, ... and will allow testing of several of the current hypotheses related to the MJO phenomenon. ...

  18. AMIE (ACRF MJO Investigation Experiment)

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AMIE (ACRF MJO Investigation Experiment) Planning Meeting AMIE Science Steering Committee Chuck Long, Tony DelGenio, Bill Gustafson, Bob Houze, Mike Jensen, Steve Klein, Ruby Leung, Xaihong Liu, Ed Luke, Peter May, Sally McFarlane, Pat Minnis, Courtney Schumacher, Andy Vogelmann, Yi Wang, Xiaoqing Wu, Shaohong Xie Agenda * Proposal due May 1 !!!!!! * Primary purpose of this meeting is discussions and planning in support of completing the proposal * Defining the science and ACRF support needed to

  19. Control Systems Security Standards: Accomplishments And Impacts |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Security Standards: Accomplishments And Impacts Control Systems Security Standards: Accomplishments And Impacts This report describes the accomplishments and impacts of the standards team towards achieving these three goals and describes the follow-on efforts that need to be made toward meeting the priority strategies defined in the DOE/DHS Roadmap to Secure Control Systems in the Energy Sector. PDF icon Control Systems Security Standards: Accomplishments &

  20. ARM - ARM MJO Investigation Experiment (AMIE)

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Related Links amie.png 34h AMIE Home cindy.png 50h CINDY2011 dynamo.png 34h DYNAMO ARM Data Discovery Browse Data Outreach News & Press Blog Backgrounder (PDF, 1.2MB) Education Flyer (PDF, 2.0MB) Images ARM flickr site Official AMIE Logo AMIE Gear Experiment Planning Steering Committee AMIE-MANUS Proposal Abstract AMIE-GAN Proposal Abstract Meetings Cloud Life Cycle Working Group Deployment Operations Science Plan - TWP Manus Site (PDF, 2.1 MB) Science Plan - Gan Island Site (PDF, 2.0 MB)

  1. ARM - AMIE Gan Island - Data Plots

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Gan Related Links amie.png 34h AMIE Home cindy.png 50h CINDY2011 dynamo.png 34h DYNAMO ARM Data Discovery Browse Data Outreach News & Press Blog Backgrounder (PDF, 1.2MB) Education Flyer (PDF, 2.0MB) Images ARM flickr site Official AMIE Logo AMIE Gear Experiment Planning Steering Committee AMIE-MANUS Proposal Abstract AMIE-GAN Proposal Abstract Meetings Cloud Life Cycle Working Group Deployment Operations Science Plan - TWP Manus Site (PDF, 2.1 MB) Science Plan - Gan Island Site (PDF, 2.0

  2. Faces of Science: Amy Bauer

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Bauer March 4, 2015 From finance to forensics: a foundation of inspired problem-solving For Amy Bauer working in science allows her to express her passion for challenges and problem-solving puzzles. The spark that ignited her interest in science was not a single event or person-it was a succession of events leading from a career in finance to forensics. - 2 - 2:46 Faces of Science: Amy Bauer Through her pursuit of intellectually stimulating problems and inspired by historical accounts related to

  3. Failure Impact Analysis of Key Management in AMI Using Cybernomic Situational Assessment (CSA)

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Hauser, Katie R; Lantz, Margaret W; Mili, Ali

    2013-01-01

    In earlier work, we presented a computational framework for quantifying the security of a system in terms of the average loss a stakeholder stands to sustain as a result of threats to the system. We named this system, the Cyberspace Security Econometrics System (CSES). In this paper, we refine the framework and apply it to cryptographic key management within the Advanced Metering Infrastructure (AMI) as an example. The stakeholders, requirements, components, and threats are determined. We then populate the matrices with justified values by addressing the AMI at a higher level, rather than trying to consider every piece of hardware and software involved. We accomplish this task by leveraging the recently established NISTR 7628 guideline for smart grid security. This allowed us to choose the stakeholders, requirements, components, and threats realistically. We reviewed the literature and selected an industry technical working group to select three representative threats from a collection of 29 threats. From this subset, we populate the stakes, dependency, and impact matrices, and the threat vector with realistic numbers. Each Stakeholder s Mean Failure Cost is then computed.

  4. Roadmap to Secure Control Systems in the Energy Sector - January...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy Sector - January 2006 Roadmap to Secure Control Systems in the Energy Sector - January 2006 This document, the Roadmap to Secure...

  5. ARM - AMIE Field Campaign

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Journal Articles Collaborations Atmospheric System Research (ASR) Propose a Campaign Submitting Proposals: Guidelines Featured Campaigns Campaign Data List of Campaigns...

  6. Pantex Occupational Health System (OHS), National Nuclear Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security ...

  7. Pantex Occupational Health System (OHS), National Nuclear Security...

    Energy Savers [EERE]

    Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security...

  8. Cyberspace Security Econometrics System (CSES)

    Energy Science and Technology Software Center (OSTI)

    2012-07-27

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for themore » criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.« less

  9. Amy LaFountain | Photosynthetic Antenna Research Center

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Amy B. Demagistris About Us Amy B. Demagistris - Deputy Director, Office of Executive Secretariat

    Amy LaFountain Amy LaFountain placeholder image Amy LaFountain Research Affiliate Technical Assocaite E-mail: amy.lafountain@uconn.edu Website: University of Connecticut Research and Technical

  10. Developing Secure Power Systems Professional Competence: Alignment...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    resources that can aid in the accelerating need for Secure Power Systems Professionals, ... and competencies along with assessing the need and qualifications for a certification ...

  11. Secure videoconferencing equipment switching system and method

    DOE Patents [OSTI]

    Hansen, Michael E.

    2009-01-13

    A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

  12. Classified Automated Information System Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1994-07-15

    To establish uniform requirements, policies, responsibilities, and procedures for the development and implementation of a Department of Energy (DOE) Classified Computer Security Program to ensure the security of classified information in automated data processing (ADP) systems. Cancels DOE O 5637.1. Canceled by DOE O 471.2.

  13. Amy Royden-Bloom | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Royden-Bloom About Us Amy Royden-Bloom - State Energy Program Supervisor Most Recent Warding Off Energy Vampires and Phantom Loads October 31

  14. DOE and Industry Showcase New Control Systems Security Technologies...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Delivery Systems Cybersecurity Control Systems Security News Archive DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and ...

  15. GAO Challenges and Efforts to Secure Control Systems (March 2004...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) Computerized control systems perform vital ...

  16. Recommended Practice for Securing Control System Modems

    SciTech Connect (OSTI)

    James R. Davidson; Jason L. Wright

    2008-01-01

    This paper addresses an often overlooked backdoor into critical infrastructure control systems created by modem connections. A modems connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

  17. Situated Usability Testing for Security Systems

    SciTech Connect (OSTI)

    Greitzer, Frank L.

    2011-03-02

    While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused on matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.

  18. Secure videoconferencing equipment switching system and method

    DOE Patents [OSTI]

    Dirks, David H; Gomes, Diane; Stewart, Corbin J; Fischer, Robert A

    2013-04-30

    Examples of systems described herein include videoconferencing systems having audio/visual components coupled to a codec. The codec may be configured by a control system. Communication networks having different security levels may be alternately coupled to the codec following appropriate configuration by the control system. The control system may also be coupled to the communication networks.

  19. Control Systems Cyber Security Standards Support Activities

    SciTech Connect (OSTI)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  20. Secure and Efficient Routable Control Systems

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  1. Laser-guidance systems, security classification. Instruction

    SciTech Connect (OSTI)

    Flickinger, A.

    1982-12-03

    The Instruction reissues Department of Defense (DoD) Instruction 5210.62, April 25, 1980, and prescribes policies, standards, and criteria governing the security classification of information pertaining to any laser-guidance system that is developed in whole or in part with information or knowledge obtained from or developed for the Department of Defense; and provides guidance to DoD Components responsible for issuing security classification guides for individual systems and equipment under their control.

  2. Roadmap to Secure Control Systems in the Energy: Executive Summary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 This document, the Roadmap to...

  3. National SCADA Test Bed - Enhancing control systems security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    National SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector...

  4. DOE and Industry Showcase New Control Systems Security Technologies...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH March 25, 2010 - ...

  5. Zicom Electronic Security Systems Ltd | Open Energy Information

    Open Energy Info (EERE)

    Security Systems Ltd. Place: Mumbai, Maharashtra, India Zip: 400093 Sector: Solar, Wind energy Product: Mumbai-based electronic security systems integrator. The firm plans to...

  6. Control Systems Cyber Security: Defense in Depth Strategies ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security: Defense in Depth Strategies Control Systems Cyber Security: Defense in ... strategies for organizations that use control system networks while maintaining a ...

  7. Mitigations for Security Vulnerabilities Found in Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need ...

  8. National SCADA Test Bed - Enhancing control systems security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector ...

  9. A Summary of Control System Security Standards Activities in...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) A Summary of Control System Security Standards Activities in the Energy Sector ...

  10. Common Cyber Security Vulnerabilities Observed in Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by ...

  11. Recommended Practice for Securing Control System Modems | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Practice for Securing Control System Modems Recommended Practice for Securing Control System Modems This paper addresses an often overlooked "backdoor" into critical infrastructure ...

  12. PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PDF icon PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE More Documents & Publications PIA - INL Education Programs Business Enclave Manchester Software 1099 Reporting PIA, Idaho National Laboratory PIA - INL PeopleSoft - Human Resource System

  13. Design tools for complex dynamic security systems.

    SciTech Connect (OSTI)

    Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III; Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

    2007-01-01

    The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

  14. Selecting RMF Controls for National Security Systems

    SciTech Connect (OSTI)

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  15. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  16. information systems | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    information systems NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award" The G2 team and the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information Award. (WASHINGTON, D.C) - The National Nuclear Security Administration (NNSA) has received the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information

  17. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

  18. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  19. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

  20. Pantex Occupational Health System (OHS), National Nuclear Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Administration Pantex Site Office | Department of Energy Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office PDF icon Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office More Documents &

  1. Information System Security Manager (ISSM) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Information Security System Manager (ISSM) is designated by an operating unit's (DOE organization or site) Senior Manager to manage the unit's cyber security program. ...

  2. Electronic DOE Information Security System (eDISS) PIA, Office...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DOE Information Security System (eDISS) PIA, Office of Health Safety and Security ... Integrated Safety Management Workshop Registration, PIA, Idaho National Laboratory ...

  3. PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION ... 1099 Reporting PIA, Idaho National Laboratory PIA - INL PeopleSoft - Human Resource ...

  4. Secure Control Systems for the Energy Sector

    SciTech Connect (OSTI)

    Smith, Rhett; Campbell, Jack; Hadley, Mark

    2012-03-31

    Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

  5. Classified Information Systems Security Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1999-08-03

    This Manual provides requirements and implementation instructions for the graded protection of the confidentiality, integrity, and availability of information processed on all automated information systems used to collect, create, process, transmit, store, and disseminate classified information by, or on behalf of, the Department of Energy (DOE). DOE N 205.4 cancels Chapter III section 8, Incident Reporting, and DOE N 205.3 cancels Chapter VI, paragraph 4j(2), 4j(6); and Chapter VII, paragraph 12a(2)(a). Cancels: DOE M 5639.6A-1. Canceled by DOE M 205.1-4.

  6. Aerial Monitoring System | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Aerial Monitoring System NNSA to Participate in Aerial Radiation Training Exercise in Philadelphia, Pennsylvania (WASHINGTON, D.C.) - On March 21 through March 24, the Department of Energy's National Nuclear Security Administration (NNSA) will participate in a federal and state/local training exercise in Philadelphia that will also include the Philadelphia Police Department and the Departments of Defense,

  7. Comparison of Routable Control System Security Approaches

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  8. QER- Comment of Amy Borezo

    Broader source: Energy.gov [DOE]

    To Whom it May Concern, I am a citizen of the Commonwealth of Massachusetts and I vehemently oppose the construction of new Natural Gas Pipelines in Massachusetts, and specifically the newly proposed expansion pipeline that may traverse my rural town in North Central Mass. If tariffs are to be imposed on electric customers to provide more electricity to the region, these tariffs should be used to fund expansion of renewable energy sources, not a continued dependence on fossil fuels like natural gas. The process of procuring natural gas is harmful to the environment and the methane leaks that occur during the procurement and transit process have a negative impact on the reduction of greenhouse gas emissions. Natural gas is not a clean energy source. We know what those are and we should be investing heavily in them. Conservation and energy efficiency programs should continue to be heavily expanded. Not only is the expansion of natural gas pipelines a bad environmental choice, it's also a bad economic choice. The signs seem clear that while there may be a drop in natural gas prices at the outset of an expansion, the over-reliance on fossil fuels over the long term will cause increased pressure on markets that will demand more and more of a non-renewable resource. We have seen this play out with oil, and it clearly is already happening with the natural gas market. Let's invest only in sources of energy that are renewable. Renewable sources will clearly produce more stable prices for the long term and are truly "clean". To do anything else is governing irresponsibly, ignoring basic facts and thinking of only short term gain to the detriment of the global environment and the stability of our economy in the future. Sincerely, Amy Borezo

  9. ORO Office Safeguards and Security Clearance Tracking System and Visitor

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Control System PIA, Oak Ridge Operations Office | Department of Energy Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office PDF icon ORO Office Safeguards and Security Clearance Tracking

  10. Security Profile Inspector for UNIX Systems

    Energy Science and Technology Software Center (OSTI)

    1995-04-01

    SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configurationmore » Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX system security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

  11. System and method for key generation in security tokens

    DOE Patents [OSTI]

    Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.; Pooser, Raphael C.; Prowell, Stacy J.

    2015-10-27

    Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

  12. System and method for key generation in security tokens

    DOE Patents [OSTI]

    Evans, Philip G; Humble, Travis S; Paul, Nathanael R; Pooser, Raphael C; Prowell, Stacy J

    2015-11-05

    Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

  13. Information System Security Officer (ISSO) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Officer (ISSO) Information System Security Officer (ISSO) digital-388075_960_720.jpg The Information System Security Officer (ISSO) is responsible to the Information System Security Manager (SSM), information owner, and system owner for ensuring a proper security posture is in place. PDF icon ISSO Core Competency Training Worksheet More Documents & Publications Cybersecurity Program Manager (CSPM) Authorizing Official Designated Representative (AODR) Information System Owner (ISO

  14. PIA - Security Clearance Work Tracking and Budget System | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Work Tracking and Budget System PIA - Security Clearance Work Tracking and Budget System PIA - Security Clearance Work Tracking and Budget System PDF icon PIA - Security Clearance Work Tracking and Budget System More Documents & Publications Freedom of Information and Privacy Act Database PIA, Idaho Operations Office PIA - INL Education Programs Business Enclave Integrated Safety Management Workshop Registration, PIA, Idaho National Laboratory

  15. Ultra Safe And Secure Blasting System

    SciTech Connect (OSTI)

    Hart, M M

    2009-07-27

    The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

  16. Roadmap to Secure Control Systems in the Energy Sector 2006 ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation ...

  17. ARM MJO Investigation Experiment on Gan Island (AMIE-Gan) Science Plan

    SciTech Connect (OSTI)

    Long, CL; Del Genio, A; Deng, M; Fu, X; Gustafson, W; Houze, R; Jakob, C; Jensen, M; Johnson, R; Liu, X; Luke, E; May, P; McFarlane, S; Minnis, P; Schumacher, C; Vogelmann, A; Wang, Y; Webster, P; Xie, S; Zhang, C

    2011-04-11

    The overarching campaign, which includes the ARM Mobile Facility 2 (AMF2) deployment in conjunction with the Dynamics of the Madden-Julian Oscillation (DYNAMO) and the Cooperative Indian Ocean experiment on intraseasonal variability in the Year 2011 (CINDY2011) campaigns, is designed to test several current hypotheses regarding the mechanisms responsible for Madden-Julian Oscillation (MJO) initiation and propagation in the Indian Ocean area. The synergy between the proposed AMF2 deployment with DYNAMO/CINDY2011, and the corresponding funded experiment on Manus, combine for an overarching ARM MJO Investigation Experiment (AMIE) with two components: AMF2 on Gan Island in the Indian Ocean (AMIE-Gan), where the MJO initiates and starts its eastward propagation; and the ARM Manus site (AMIE-Manus), which is in the general area where the MJO usually starts to weaken in climate models. AMIE-Gan will provide measurements of particular interest to Atmospheric System Research (ASR) researchers relevant to improving the representation of MJO initiation in climate models. The framework of DYNAMO/CINDY2011 includes two proposed island-based sites and two ship-based locations forming a square pattern with sonde profiles and scanning precipitation and cloud radars at both island and ship sites. These data will be used to produce a Variational Analysis data set coinciding with the one produced for AMIE-Manus. The synergy between AMIE-Manus and AMIE-Gan will allow studies of the initiation, propagation, and evolution of the convective cloud population within the framework of the MJO. As with AMIE-Manus, AMIE-Gan/DYNAMO also includes a significant modeling component geared toward improving the representation of MJO initiation and propagation in climate and forecast models. This campaign involves the deployment of the second, marine-capable, AMF; all of the included measurement systems; and especially the scanning and vertically pointing radars. The campaign will include sonde launches at a rate of eight per day for the duration of the deployment. The increased sonde launches for the entire period matches that of the AMIE-Manus campaign and makes possible a far more robust Variational Analysis forcing data set product for the entire campaign, and thus better capabilities for modeling studies and synergistic research using the data from both AMIE sites.

  18. Control Systems Security Test Center - FY 2004 Program Summary

    SciTech Connect (OSTI)

    Robert E. Polk; Alen M. Snyder

    2005-04-01

    In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nations critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

  19. Security

    Broader source: Energy.gov [DOE]

    Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

  20. Roadmap to Secure Control Systems in the Energy Sector 2006 ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop Presentation by Hank Kenchington on the 2006 roadmap to secure control ...

  1. Roadmap to Secure Control Systems in the Energy Sector

    Energy Savers [EERE]

    ... World market study of SCADA, energy management systems and ... SCADA systems security measures: Current adoption and usage ... August 2005. www.infragard.netlibrarycongress05...

  2. STAR: The Secure Tranportable Autonomous Reactor system, Encapsulated...

    Office of Scientific and Technical Information (OSTI)

    STAR: The Secure Tranportable Autonomous Reactor system, Encapsulated Fission Heat Source. ... Nuclear Energy Space and Defense Power Systems Word Cloud More Like This Full Text ...

  3. Cyber Security Procurement Language for Control Systems Version...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Supervisory Control and Data Acquisition (SCADA), Process ...

  4. Security Framework for Control System Data Classification and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Framework for Control System Data Classification and Protection Security Framework for Control System Data Classification and Protection This document presents a data ...

  5. Prototype system brings advantages of wireless technology to secure

    National Nuclear Security Administration (NNSA)

    environment | National Nuclear Security Administration Prototype system brings advantages of wireless technology to secure environment Thursday, December 19, 2013 - 3:58pm Wireless networks have become commonplace in homes, restaurants and retail environments, but up until now, they have not been suitable for secure environments. That may be about to change. NNSA's Savannah River Tritium Enterprise (SRTE) has begun a year-long test using secure wireless technology in a tritium air monitoring

  6. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect (OSTI)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  7. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect (OSTI)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  8. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  9. Process Control Systems in the Chemical Industry: Safety vs. Security

    SciTech Connect (OSTI)

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nations critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  10. Control Systems Security News Archive | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity August 2010: - DOE 2010 Cybersecurity Peer Review Update March 2010 - DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH Feb. 2010 - DOE Issues National Energy Sector Cyber Organization Notice of Intent Nov. 2009 - New TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE

  11. List of Major Information Systems,National Nuclear Security Administration

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ADaPT Networked: | Department of Energy List of Major Information Systems,National Nuclear Security Administration ADaPT Networked: List of Major Information Systems,National Nuclear Security Administration ADaPT Networked: List of Major Information Systems, Defense Line of Business National Nuclear Security Administration ADaPT Networked: Develops and deploys emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. National Nuclear

  12. Electronic DOE Information Security System (eDISS) PIA, Office of Health

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Safety and Security | Department of Energy DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security PDF icon Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security More Documents & Publications Integrated Safety Management Workshop

  13. Design of a physical security perimeter fencing system.

    SciTech Connect (OSTI)

    Mack, Thomas Kimball; Ross, Michael P.; Lin, Han Wei

    2010-10-01

    Design of a physical security perimeter fencing system requires that security designers provide effective detection, delay, and response functionalities with minimal nuisance alarms. In addition, the designers must take into considerations the security fence system life cycle cost (equipment and grounds maintenance), complexity of the terrain, safety, and environmental conditions (location of where the security fence will be installed). Often, these factors drive the security designers to design a perimeter intrusion detection and assessment system (PIDAS) that includes: (1) larger than desired footprint, (2) one or more animal control fences to minimize the nuisance alarm rate (NAR), and (3) clear zones and an isolation zone to facilitate intrusion detection and assessment by keeping the fence lines clear of vegetation, trash, and other objects that could impede the security system's performance. This paper presents a two-tier PIDAS design that focuses on effective performance specifically in high probability of detection and low NAR that minimizes cost and the footprint of the system.

  14. Roadmap to Secure Control Systems in the Energy: Executive Summary

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    T his document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a ... The Roadmap provides a strategic framework for guiding industry and government efforts ...

  15. Project Management and Systems Support | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    Project Management and Systems Support | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation ...

  16. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    SciTech Connect (OSTI)

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  17. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    SciTech Connect (OSTI)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  18. Secure control systems with application to cyber-physical systems

    SciTech Connect (OSTI)

    Dong, Jin; Djouadi, Seddik M; Nutaro, James J; Kuruganti, Phani Teja

    2014-01-01

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  19. Information security management system planning for CBRN facilities

    SciTech Connect (OSTI)

    Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

  20. Control Systems Security Standards: Accomplishments & Impacts

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    ... key outcomes? * 5.1.4 What key issues did this uncover? * ... October 2004. AGA Report No. 12 Part 1 Cryptographic ... for information security management, June 2005. ISO 27001 ...

  1. AMIE Gan Island Ancillary Disdrometer Field Campaign Report (Program

    Office of Scientific and Technical Information (OSTI)

    Document) | SciTech Connect SciTech Connect Search Results Program Document: AMIE Gan Island Ancillary Disdrometer Field Campaign Report Citation Details In-Document Search Title: AMIE Gan Island Ancillary Disdrometer Field Campaign Report As part of the U.S. Department of Energy (DOE)'s Atmospheric Radiation Measurement Climate Research Facility (ARM) Madden-Julian Oscillation (MJO) Investigation Experiment (AMIE), in January 2012 a disdrometer observation took place with the second ARM

  2. AmiGO: online access to ontology and annotation data

    SciTech Connect (OSTI)

    Carbon, Seth; Ireland, Amelia; Mungall, Christopher J.; Shu, ShengQiang; Marshall, Brad; Lewis, Suzanna

    2009-01-15

    AmiGO is a web application that allows users to query, browse, and visualize ontologies and related gene product annotation (association) data. AmiGO can be used online at the Gene Ontology (GO) website to access the data provided by the GO Consortium; it can also be downloaded and installed to browse local ontologies and annotations. AmiGO is free open source software developed and maintained by the GO Consortium.

  3. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    SciTech Connect (OSTI)

    Not Available

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  4. NREL: News - New Energy Systems Enhance National Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Energy Systems Enhance National Security Washington D.C., March 14, 2002 Experts from the U.S. Department of Energy's National Renewable Energy Laboratory (NREL) have identified key renewable energy technologies that can be used to strengthen U.S. energy security. "Renewable energy technologies offer the nation powerful tools for enhancing homeland security," NREL Director Richard Truly said today at the National Press Club. More broadly, Truly said, the growing energy contributions

  5. ARM - Field Campaign - AMIE (ACRF MJO Investigation Experiment...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Experiment): Observations of the Madden Julian Oscillation for Modeling Studies Campaign Links AMIE Website ARM Data Discovery Browse Data Comments? We would love to hear...

  6. Evolution in Cloud Population Statistics of the MJO. From AMIE...

    Office of Scientific and Technical Information (OSTI)

    Technical Report: Evolution in Cloud Population Statistics of the MJO. From AMIE Field ... Citation Details In-Document Search Title: Evolution in Cloud Population Statistics of the ...

  7. Evolution in Cloud Population Statistics of the MJO. From AMIE...

    Office of Scientific and Technical Information (OSTI)

    Evolution in Cloud Population Statistics of the MJO. From AMIE Field Observations to ... Citation Details In-Document Search Title: Evolution in Cloud Population Statistics of the ...

  8. security

    National Nuclear Security Administration (NNSA)

    exan-Calvin-Nelson-secures-recognition-for-expertise.aspx">Pantex website.

    Apex Gold discussion fosters international cooperation in run-up to 2016 Nuclear Security Summit...

  9. Common Cyber Security Vulnerabilities Observed in Control System

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Assessments by the INL NSTB Program | Department of Energy Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program This document presents results from 16 control system assessments performed under the NSTB program from 2003 through 2007. Information found in individual stakeholder reports is protected from disclosure. Researchers recognized that

  10. Sandia National Laboratories: National Security Missions: Defense Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Assessments: Program Areas Defense Systems About Defense Systems & Assessments Program Areas Accomplishments Cybersecurity Programs Program Areas EOD security and defense photo Sandia's engineering, science, and technology expertise helps anticipate and solve the nation's toughest security challenges. Defense Systems & Assessments work is focused in seven main program areas: Information Operations: Information Operations develops technologies that help protect U.S. government,

  11. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  12. Applying New Network Security Technologies to SCADA Systems.

    SciTech Connect (OSTI)

    Hurd, Steven A.; Stamp, Jason E.; Duggan, David P.; Chavez, Adrian R.

    2006-11-01

    Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure %22traditional%22 IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

  13. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect (OSTI)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  14. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    DOE Patents [OSTI]

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  15. Security Requirements for Classified Automatic Data Processing Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1985-07-10

    To establish and describe the computer security program for classified automatic data processing (ADP) systems at the Department of Energy (DOE) Headquarters. This directive does not cancel another directive. Canceled by DOE N 251.9.

  16. STAR: The Secure Tranportable Autonomous Reactor system, Encapsulated

    Office of Scientific and Technical Information (OSTI)

    Fission Heat Source. Progress report for period terminating March 31, 2000 (Technical Report) | SciTech Connect STAR: The Secure Tranportable Autonomous Reactor system, Encapsulated Fission Heat Source. Progress report for period terminating March 31, 2000 Citation Details In-Document Search Title: STAR: The Secure Tranportable Autonomous Reactor system, Encapsulated Fission Heat Source. Progress report for period terminating March 31, 2000 Significant progress has been made since the

  17. Marine asset security and tracking (MAST) system

    DOE Patents [OSTI]

    Hanson, Gregory Richard; Smith, Stephen Fulton; Moore, Michael Roy; Dobson, Eric Lesley; Blair, Jeffrey Scott; Duncan, Christopher Allen; Lenarduzzi, Roberto

    2008-07-01

    Methods and apparatus are described for marine asset security and tracking (MAST). A method includes transmitting identification data, location data and environmental state sensor data from a radio frequency tag. An apparatus includes a radio frequency tag that transmits identification data, location data and environmental state sensor data. Another method includes transmitting identification data and location data from a radio frequency tag using hybrid spread-spectrum modulation. Another apparatus includes a radio frequency tag that transmits both identification data and location data using hybrid spread-spectrum modulation.

  18. Pressurized security barrier and alarm system

    DOE Patents [OSTI]

    Carver, D.W.

    1995-04-11

    A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder`s making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed. 7 figures.

  19. Pressurized security barrier and alarm system

    DOE Patents [OSTI]

    Carver, Don W.

    1995-01-01

    A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder's making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed.

  20. Manual of Security Requirements for the Classified Automated Information System Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1994-07-15

    This Manual provides specific instructions and delineates the requirements to ensure the graded security of classified information entrusted to the Department of Energy (DOE) that is processed, stored, transferred, or accessed on Automated Information Systems (AISs) and AIS networks. Canceled by DOE M 471.2-2.

  1. Access Rate Control System | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Access Rate Control System Access Rate Control System The mp4 video format is not supported by this browser. Download video Captions: On Time: 4:03 min Developed to support safeguards and security, the Access Rate Control System (ARCS) controls the speed of entry through full-height turnstiles

  2. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  3. Collaboration Topics - System Software | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration System Software This collaboration focuses on research and development of parallel file system interfaces and tools, system resource management capabilities, operating system evaluation, and software for high-performance interconnects. Current activities include the test and evaluation of technologies and tools associated with the Lustre parallel file system, the development and analysis of middleware to encapsulate application I/O requirements and abstract the capabilities of

  4. emergency management systems | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    systems NNSA sites prepared for disasters using real-time response management system Pantex Emergency Services now uses the Emergency Management Information System, or EMInS. From left: Maribel Martinez, Brenda Graham and Greg Roddahl. One of NNSA's missions is emergency response, so it only makes sense that our sites and labs excel at emergency management on the local level. When... Building International Emergency Management Systems NNSA helps nations develop the core elements of an emergency

  5. Using Multiple Unmanned Systems for a Site Security Task

    SciTech Connect (OSTI)

    Matthew O. Anderson; Curtis W. Nielsen; Mark D. McKay; Derek C. Wadsworth; Ryan C. Hruska; John A. Koudelka

    2009-04-01

    Unmanned systems are often used to augment the ability of humans to perform challenging tasks. While the value of individual unmanned vehicles have been proven for a variety of tasks, it is less understood how multiple unmanned systems should be used together to accomplish larger missions such as site security. The purpose of this paper is to discuss efforts by researchers at the Idaho National Laboratory (INL) to explore the utility and practicality of operating multiple unmanned systems for a site security mission. This paper reviews the technology developed for a multi-agent mission and summarizes the lessons-learned from a technology demonstration.

  6. ARM - Field Campaign - AMIE-Gan Ancillary Disdrometer

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    would love to hear from you Send us a note below or call us at 1-888-ARM-DATA. Send Campaign : AMIE-Gan Ancillary Disdrometer 2012.01.01 - 2012.02.10 Lead Scientist : Mariko Oue...

  7. Aerial Measuring System | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Management Aerial Measuring System AMS Logo NNSA's Aerial Measuring System (AMS) provides specialized airborne radiation detection systems to provide real-time measurements of low levels of air and ground contamination. The AMS team consists of scientists, technicians, pilots, and ground support personnel. These trained experts are in charge of maintaining a state of readiness to respond to a radiological emergency at any time. The team is based out of Nellis Air Force Base in Las Vegas, Nevada,

  8. NNSA Policy System | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    SDs are utilized, in conjunction with the Department's Directives System to indicate how NNSA will implement a Departmental directive in a cost efficient manner. Enterprise ...

  9. Secure Data Transfer Guidance for Industrial Control and SCADA Systems

    SciTech Connect (OSTI)

    Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

    2011-09-01

    This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

  10. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  11. International Monitoring System | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Home International Monitoring System NNSA Contributes to International Efforts to Further Strengthen Detection of Nuclear Explosions Every day, thousands of patients worldwide undergo medical tests, diagnostics, and treatments that use radioactive materials. These vital materials, such as molybdeum-99 (Mo-99), must be produced continuously to keep up with demand. One consequence of some Mo-...

  12. Container Security - part of the CORE system

    Energy Science and Technology Software Center (OSTI)

    2009-10-02

    A data integration system to support the US Customs and Border Protection Officers to supervise and make decisions for container inspections. CORE is designed to act as a framework to bridge the gaps between disparate data integration and delivery of disparate information visualization.

  13. Certification and Accreditation Process for Information Systems Including National Security Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

  14. Secure Control Systems for the Energy Sector

    SciTech Connect (OSTI)

    Smith, Rhett; Stewart, John; Chavez, Adrian

    2014-09-30

    The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chaves (SNL) and John Stewart (TVA) are principle investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes no profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.

  15. Critical issues in process control system security : DHS spares project.

    SciTech Connect (OSTI)

    Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

    2010-10-01

    The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

  16. Secure Video Surveillance System Acquisition Software

    Energy Science and Technology Software Center (OSTI)

    2009-12-04

    The SVSS Acquisition Software collects and displays video images from two cameras through a VPN, and store the images onto a collection controller. The software is configured to allow a user to enter a time window to display up to 2 1/2, hours of video review. The software collects images from the cameras at a rate of 1 image per second and automatically deletes images older than 3 hours. The software code operates in amore » linux environment and can be run in a virtual machine on Windows XP. The Sandia software integrates the different COTS software together to build the video review system.« less

  17. T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security

    SciTech Connect (OSTI)

    Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

    2009-07-20

    Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

  18. To: Laura Barhydt, U.S. Department of Energy From: Amy Shepherd, General Counsel, AHRI

    Energy Savers [EERE]

    December 21, 2015 To: Laura Barhydt, U.S. Department of Energy From: Amy Shepherd, General Counsel, AHRI Re: Ex Parte Communication on Department of Energy Guidance for Dry Charged R- 22 Air Conditioning Units and Proposed Test Procedure Language on Units With No Match On December 1, 2015, AHRI staff and representatives of stakeholders who manufacture central air conditioning and heat pump systems met with representatives from the Department of Energy (DOE) to seek clarification and guidance on

  19. What Makes AMIE, the 3D printed home and vehicle, unique?

    Broader source: Energy.gov [DOE]

    AMIE, or the Additive Manufacturing Integrated Energy project, is one of the world’s first 3D printed houses. But it’s not just a house. It’s also a vehicle. It’s also solar panels, and energy storage, and intelligent controls. It’s an entire integrated energy system, and it’s changing how we think about generating, storing, and using energy.

  20. CLASSIFICATION OF THE MGR SAFEGUARDS AND SECURITY SYSTEM

    SciTech Connect (OSTI)

    J.A. Ziegler

    1999-08-31

    The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) safeguards and security system structures, systems and components (SSCs) performed by the MGR Safety Assurance Department. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 1998). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, ''Quality Assurance Requirements and Description'' (QARD) (DOE 1998).

  1. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  2. Sandia National Laboratories: National Security Missions: Defense Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Assessments: Cybersecurity Programs Cybersecurity Delivering experience & expertise Training the next generation of cyber defenders Cybersecurity computing Defending national security Applying science and engineering to protect cyber systems from malicious attacks Cyber worker inspecting supercomputer Protecting cyberspace An expert team, passionate about defending the nation's critical infrastructure Computer Annex "The cyber threat to our nation is one of the most serious

  3. Control Systems Security Publications Library | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Publications Library Control Systems Security Publications Library Publications Library Repository of documents, listed by topic. (Some of the documents in this section require Adobe Acrobat Reader. You can download a free copy of the Reader by visiting Adobe.) VULNERABILITY REPORTS PERIODICAL ARTICLES ENERGY SECTOR ROADMAP AND ROADMAP IMPLEMENTATION DOE NSTB PROGRAM PLANNING AND RESOURCE DOCUMENTS PROJECT FACT SHEETS TRAINING MATERIALS AND RECOMMENDED PRACTICES ASSESSMENT AND TECHNICAL

  4. A Summary of Control System Security Standards Activities in the Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sector (October 2005) | Department of Energy A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) This document is a compilation of the activities and initiatives concerning control system security that are influencing the standards process in the development of secure communication protocols and systems. Also contained in this report is a comparison of

  5. Capacity Utilization Study for Aviation Security Cargo Inspection Queuing System

    SciTech Connect (OSTI)

    Allgood, Glenn O; Olama, Mohammed M; Lake, Joe E; Brumback, Daryl L

    2010-01-01

    In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The queuing model employed in our study is based on discrete-event simulation and processes various types of cargo simultaneously. Onsite measurements are collected in an airport facility to validate the queuing model. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, throughput, capacity utilization, subscribed capacity utilization, resources capacity utilization, subscribed resources capacity utilization, and number of cargo pieces (or pallets) in the different queues. These metrics are performance indicators of the system s ability to service current needs and response capacity to additional requests. We studied and analyzed different scenarios by changing various model parameters such as number of pieces per pallet, number of TSA inspectors and ATS personnel, number of forklifts, number of explosives trace detection (ETD) and explosives detection system (EDS) inspection machines, inspection modality distribution, alarm rate, and cargo closeout time. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures should reduce the overall cost and shipping delays associated with new inspection requirements.

  6. Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; leo, R.; Perman, K.

    2013-08-26

    This is the final report of Phase 2 of the Secure Power Systems Professional project, a 3 phase project. DOE will post to their website upon release.

  7. Initial CTBT international monitoring system security findings and recommendations

    SciTech Connect (OSTI)

    Craft, R.L.; Draelos, T.J.

    1996-08-01

    An initial security evaluation of the proposed International Monitoring System (IMS) suggests safeguards at various points in the IMS to provide reliable information to the user community. Modeling the IMS as a network of information processing nodes provides a suitable architecture for assessing data surety needs of the system. The recommendations in this paper include the use of public-key authentication for data from monitoring stations and for commands issued to monitoring stations. Other monitoring station safeguards include tamper protection of sensor subsystems, preservation of data (i.e. short-term archival), and limiting the station`s network services. The recommendations for NDCs focus on the need to provide a backup to the IDC for data archival and data routing. Safeguards suggested for the IDC center on issues of reliability. The production of event bulletins should employ {open_quotes}two-man{close_quotes} procedures. As long as the data maintains its integrity, event bulletins can be produced by NDCs as well. The effective use of data authentication requires a sound key management system. Key management systems must be developed for the authentication of data, commands, and event bulletins if necessary. It is recommended that the trust placed in key management be distributed among multiple parties. The recommendations found in this paper offer safeguards for identified vulnerabilities in the IMS with regard to data surety. However, several outstanding security issues still exist. These issues include the need to formalize and obtain a consensus on a threat model and a trust model for the IMS. The final outstanding security issue that requires in-depth analysis concerns the IDC as a potential single point of failure in the current IMS design.

  8. National SCADA Test Bed - Enhancing control systems security in the energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    sector (September 2009) | Department of Energy SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) Improving the security of energy control systems has become a national priority. Since the mid-1990's, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA)

  9. Roadmap to Secure Control Systems in the Energy Sector - January 2006 |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy - January 2006 Roadmap to Secure Control Systems in the Energy Sector - January 2006 This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap

  10. Amy Bauer-Problem-solving fuels passion

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    at the molecular and smaller scales. Understanding the behavior of these systems requires mathematical modeling at those levels. Innovative strategies for a smaller stockpile So in...

  11. Roadmap to Secure Control Systems in the Energy Sector- January 2006

    Broader source: Energy.gov [DOE]

    This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

  12. Roadmap to Secure Control Systems in the Energy: Executive Summary- 2006

    Broader source: Energy.gov [DOE]

    This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

  13. Cost/benefit analysis for video security systems

    SciTech Connect (OSTI)

    1997-01-01

    Dr. Don Hush and Scott Chapman, in conjunction with the Electrical and Computer Engineering Department of the University of New Mexico (UNM), have been contracted by Los Alamos National Laboratories to perform research in the area of high security video analysis. The first phase of this research, presented in this report, is a cost/benefit analysis of various approaches to the problem in question. This discussion begins with a description of three architectures that have been used as solutions to the problem of high security surveillance. An overview of the relative merits and weaknesses of each of the proposed systems is included. These descriptions are followed directly by a discussion of the criteria chosen in evaluating the systems and the techniques used to perform the comparisons. The results are then given in graphical and tabular form, and their implications discussed. The project to this point has involved assessing hardware and software issues in image acquisition, processing and change detection. Future work is to leave these questions behind to consider the issues of change analysis - particularly the detection of human motion - and alarm decision criteria. The criteria for analysis in this report include: cost; speed; tradeoff issues in moving primative operations from software to hardware; real time operation considerations; change image resolution; and computational requirements.

  14. AMIE Gan Island Ancillary Disdrometer Field Campaign Report

    Office of Scientific and Technical Information (OSTI)

    4 AMIE Gan Island Ancillary Disdrometer Field Campaign Report M Oue April 2016 CLIMATE RESEARCH FACILITY DISCLAIMER This report was prepared as an account of work sponsored by the U.S. Government. Neither the United States nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use

  15. AMIE Gan Island Ancillary Disdrometer Field Campaign Report

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    4 AMIE Gan Island Ancillary Disdrometer Field Campaign Report April 2016 M Oue DISCLAIMER This report was prepared as an account of work sponsored by the U.S. Government. Neither the United States nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe

  16. T-592: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability

    Broader source: Energy.gov [DOE]

    Cisco Secure ACS operates as a centralized RADIUS and TACACS+ server, combining user authentication, user and administrator device access control, and policy control into a centralized identity networking solution.

  17. Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems

    Energy Savers [EERE]

    U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS Raymond K. Fink David F. Spencer Rita A. Wells NSTB INL/CON-06-11665 iii ABSTRACT Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems, or components of those systems, were reviewed to identify

  18. Modeling and simulation for cyber-physical system security research, development and applications.

    SciTech Connect (OSTI)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  19. List of Major Information Systems,National Nuclear Security Administra...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security Administration ADaPT Networked: Develops and deploys emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. ...

  20. Securing Wide Area Measurement Systems | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Collectively, these issues affect the overall security of currently functional WAMS infrastructure and its projected future evolution. This effort is motivated by the growing ...

  1. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry standards are due, in part, to differences in the level and purpose of the standards. While the requirements in the Framework are fairly specific, many of the industry standard requirements are more general in nature. Additionally, the Framework requirements, derived from the ''Common Criteria for Information Technology Security Evaluation'', are component-based, while most of the industry standards are system-based. The findings of this study will allow the CSSC Framework Team and the standards organizations responsible for the reviewed standards to quickly grasp the relationship between their requirements and the Framework, as well as the relationship between their standard and other industry sectors. This will help identify areas for future work in developing improved security standards.

  2. Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    to the 2008 ieRoadmap Workshop | Department of Energy 2006 - Presentation to the 2008 ieRoadmap Workshop Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop Presentation by Hank Kenchington on the 2006 roadmap to secure control systems in the energy sector at the ieRoadmap Workshop in Chicago, May 28-29, 2008. PDF icon Roadmap to Secure Control Systems in the Energy Sector More Documents & Publications Security is Not an Option

  3. AMI Communication Requirements to Implement Demand-Response: Applicability of Hybrid Spread Spectrum Wireless

    SciTech Connect (OSTI)

    Hadley, Mark D.; Clements, Samuel L.; Carroll, Thomas E.

    2011-09-30

    While holistically defining the smart grid is a challenge, one area of interest is demand-response. In 2009, the Department of Energy announced over $4 billion in grant and project funding for the Smart Grid. A significant amount of this funding was allotted to utilities for cost sharing projects to deploy Smart Grid technologies, many of whom have deployed and are deploying advanced metering infrastructure (AMI). AMI is an enabler to increase the efficiency of utilities and the bulk power grid. The bulk electrical system is unique in that it produces electricity as it is consumed. Most other industries have a delay between generation and consumption. This aspect of the power grid means that there must be enough generation capacity to meet the highest demand whereas other industries could over produce during off-peak times. This requires significant investment in generation capacity to cover the few days a year of peak consumption. Since bulk electrical storage doesn't yet exist at scale another way to curb the need for new peak period generation is through demand-response; that is to incentivize consumers (demand) to curtail (respond) electrical usage during peak periods. Of the various methods proposed for enabling demand-response, this paper will focus on the communication requirements for creating an energy market using transactional controls. More specifically, the paper will focus on the communication requirements needed to send the peak period notices and receive the response back from the consumers.

  4. Foreign Affairs Information System (FAIS) Early Operational Capability (EOC) network security criteria

    SciTech Connect (OSTI)

    Not Available

    1988-09-12

    The Joint Center for Information Security Technology (JCIST) at Oak Ridge, Tennessee, under an interagency agreement between the Department of State (DOS) and the Department of Energy (DOE), has been tasked with the security certification testing of the Foreign Affairs Information system (FAIS) Early Operational Capability (EOC) software. The basis for this certification is the FAIS (EOC) Security Requirements Allocation (SRA) document. This document defines the security requirements for the FAIS EOC software. Security certification of the FAIS system is the responsibility of the Office of Information Systems Security, Bureau of Diplomatic Security (DS/ST/ISS). The overall FAIS EOC certification will be completed in two general steps. First, a test of a stand-alone FAIS EOC system against the SRA requirements which is currently in progress. Second is a test of all FAIS network system interfaces against the SRA requirements as expanded to adequately address the network security issues. This accumulation of requirements is referred to as the FAIS EOC Network Security Criteria. 5 refs.

  5. SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals. Individual and Team Performance Guidelines

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.; Greitzer, Frank L.; Dalton, Angela C.; Pusey, Portia K.

    2015-03-01

    The Secure Power Systems Professional Phase III final report was released last year which an appendix of Individual and Team Performance Guidelines. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

  6. SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals. Job Profiles

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.; Greitzer, Frank L.; Dalton, Angela C.; Pusey, Portia K.

    2015-03-01

    The Secure Power Systems Professional Phase III final report was released last year which an appendix of Job Profiles. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

  7. Cyber Security Requirements for Wireless Devices and Information Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-11

    The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  8. Risk assessment of climate systems for national security.

    SciTech Connect (OSTI)

    Backus, George A.; Boslough, Mark Bruce Elrick; Brown, Theresa Jean; Cai, Ximing; Conrad, Stephen Hamilton; Constantine, Paul; Dalbey, Keith R.; Debusschere, Bert J.; Fields, Richard; Hart, David Blaine; Kalinina, Elena Arkadievna; Kerstein, Alan R.; Levy, Michael; Lowry, Thomas Stephen; Malczynski, Leonard A.; Najm, Habib N.; Overfelt, James Robert; Parks, Mancel Jordan; Peplinski, William J.; Safta, Cosmin; Sargsyan, Khachik; Stubblefield, William Anthony; Taylor, Mark A.; Tidwell, Vincent Carroll; Trucano, Timothy Guy; Villa, Daniel L.

    2012-10-01

    Climate change, through drought, flooding, storms, heat waves, and melting Arctic ice, affects the production and flow of resource within and among geographical regions. The interactions among governments, populations, and sectors of the economy require integrated assessment based on risk, through uncertainty quantification (UQ). This project evaluated the capabilities with Sandia National Laboratories to perform such integrated analyses, as they relate to (inter)national security. The combining of the UQ results from climate models with hydrological and economic/infrastructure impact modeling appears to offer the best capability for national security risk assessments.

  9. NREL Fills Key Leadership Role for Energy Systems Security and Resilience -

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    News Releases | NREL Fills Key Leadership Role for Energy Systems Security and Resilience April 6, 2015 Dr. Erfan Ibrahim has joined the Energy Department's National Renewable Energy Laboratory as director of Cyber Physical Systems Security and Resilience for NREL's Energy Systems Integration directorate. This critical area of research and development addresses the challenges of integrating clean energy sources into the national energy infrastructure. "Erfan's experience, creativity and

  10. A learning-pattern recognition system for static-line-loading security assessment of power system

    SciTech Connect (OSTI)

    Prasad, N.R.

    1989-01-01

    The methodologies explored in this dissertation address the topic static-line-loading security using a learning pattern recognition approach. A basic issue in the pattern recognition approach is to determine if, indeed, the patterns of power system behavior are separable in terms of secure and insecure classes. Class separability is studied from the viewpoint of both intraset clustering and interset dispersion using feature extraction methodologies. While interset dispersion is examined only to the extent of whether or not it exists, no specific attempts are made to optimize the dispersion through feature selection methodologies. The properties of pattern vectors to exhibit intraset clustering and interset dispersion are explored using two different techniques. These techniques are the Karhunen-Loeve Expansion Method which does not assume any specific statistical distribution for the patterns, and the Minimum Entropy Method which assumes patterns that exhibit Gaussian distributions. Although both methods are fundamentally based on the concept of entropy minimization, the transformational properties that yield clustering are distinctly different. The differences are due to assumptions made regarding the statistical distributions of patterns representing system behavior. The application of patterns based on engineering heuristics and a priori knowledge of the system behavior is shown to provide enhanced classification power in the pattern recognition system. Results for several test systems are documented. The feasibility of utilizing mathematical pattern recognition techniques as a primary information processing system for security assessment and a means to subsequently induce learning is demonstrated. As such, a framework for the development of decision making tools with subsequent inputs to rule-based expert systems is speculated in a learning environment.

  11. Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs—Summary Report

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; Leo, R.; Perman, K.

    2013-07-01

    This document is a summarization of the report, Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs, the final report for phase 2 of the SPSP (DOE workforce study) project.

  12. Cyber Security Procurement Language for Control Systems Version...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    power generators, subway systems, dams, telecommunication systems, natural gas pipelines, and many others. Simply stated, a control system gathers information and then...

  13. An expert system for automating security incident assessment using OPS5 in an Ada environment

    SciTech Connect (OSTI)

    Canales, T.W.; Smart, J.C.

    1988-01-29

    An expert system that automatically assesses security incidents is being developed at Lawrence Livermore National Laboratory. The expert system associates, classifies, and prioritizes monitored sensor events. The outcome of these processes is a dynamic representation of the state of Laboratory security in the form of security ''incidents''. A graphical representation of the incidents is integrated into a map-oriented console monitor that provides the operator with a comprehensive view of incidents and their locations. A prototype expert system has been developed using the OPS5 rule-based language. A large Ada-based program provides control of the map display system and interfaces to the various monitoring and access-control devices. In addition to the expert system operation, the issues and methods involved in integrating the OPS5-based incident-assessment system to the large Ada-based control program are discussed. 7 refs., 7 figs.

  14. LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS

    SciTech Connect (OSTI)

    Ray Fink

    2006-10-01

    The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

  15. DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH

    Broader source: Energy.gov [DOE]

    Join the Department of Energy and its industry partners as they showcase six new products and technologies designed to secure the nation’s energy infrastructure from cyber attack on Tuesday through Thursday, March 23–25. Visit Booth #231 at the DistribuTECH 2010 Conference & Exhibition in Tampa, FL, to see first-hand demonstrations of several newly commercialized control systems security products—each developed through a unique partnership between DOE and industry leaders in the private sector.

  16. Design of a decision fusion rule for power system security assessment

    SciTech Connect (OSTI)

    Chow, J.C.; Zhu, Q.; Fischl, R.; Kam, M. )

    1993-08-01

    An Integrated Decision Support system is designed via sensor fusion techniques, for assessing the security of power systems. The Integrated Decision Support system fuses information from various Approximated System Performance (ASP) models in order to minimize the risk of making the wrong decision under changing operating conditions. It uses the classification decisions provided by different ASP models together with information about their statistical performance (e.g. probabilities of misclassifications) to synthesize the globally optimal decision in the Bayesian risk sense. This global decision is often superior (and in no case inferior) to the one obtained using any single ASP model. The design of the integrated decision support system is illustrated for detecting static voltage collapse by fusing the security information from a set of existing security indices.

  17. Evolution in Cloud Population Statistics of the MJO. From AMIE Field

    Office of Scientific and Technical Information (OSTI)

    Observations to Global-Cloud Permitting Models final report Version 1 (Technical Report) | SciTech Connect Evolution in Cloud Population Statistics of the MJO. From AMIE Field Observations to Global-Cloud Permitting Models final report Version 1 Citation Details In-Document Search Title: Evolution in Cloud Population Statistics of the MJO. From AMIE Field Observations to Global-Cloud Permitting Models final report Version 1 Methods of convective/stratiform precipitation classification and

  18. Using Operational Security (OPSEC) to Support a Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments This document ...

  19. Application of artificial neural networks in power system security and vulnerability assessment

    SciTech Connect (OSTI)

    Qin Zhou; Davidson, J.; Fouad, A.A.

    1994-02-01

    In a companion paper the concept of system vulnerability is introduced as a new framework for power system dynamic security assessment. Using the TEF method of transient stability analysis, the energy margin [Delta]V is used as an indicator of the level of security, and its sensitivity to a changing system parameter p ([partial derivative][Delta]V/[partial derivative]p) as indicator of its trend with changing system conditions. These two indicators are combined to determine the degree of system vulnerability to contingent disturbances in a stability-limited power system. Thresholds for acceptable levels of the security indicator and its trend are related to the stability limits of a critical system parameter (plant generation limits). Operating practices and policies are used to determine these thresholds. In this paper the artificial neural networks (ANNs) technique is applied to the concept of system vulnerability within the recently developed framework, for fast pattern recognition and classification of system dynamic security status. A suitable topology for the neural network is developed, and the appropriate training method and input and output signals are selected. The procedure developed is successfully applied to the IEEE 50-generator test system. Data previously obtained by heuristic techniques are used for training the ANN.

  20. Tools and Methods for Hardening Communication Security of Energy Delivery Systems

    SciTech Connect (OSTI)

    Gadgil, Shrirang; Lin, Yow-Jian; Ghosh, Abhrajit; Samtani, Sunil; Kang, Jaewon; Siegell, Bruce; Kaul, Vikram; Unger, John; De Bruet, Andre; Martinez, Catherine; Vermeulen, Gerald; Rasche, Galen; Sternfeld, Scott; Berthier, Robin; Bobba, Rakesh; Campbell, Roy; Sanders, Williams; Lin, Yow-Jian

    2014-06-30

    This document summarizes the research and development work the TT Government Solutions (TTGS), d.b.a. Applied Communication Sciences (ACS), team performed for the Department of Energy Cybersecurity for Energy Delivery Systems (CEDS) program. It addresses the challenges in protecting critical grid control and data communication, including the identification of vulnerabilities and deficiencies of communication protocols commonly used in energy delivery systems (e.g., ICCP, DNP3, C37.118, C12.22), as well as the development of effective means to detect and prevent the exploitation of such vulnerabilities and deficiencies. The team consists of • TT Government Solutions (TTGS), a leading provider of communications solutions that has extensive experience in commercializing communications solutions. TTGS also has deep cyber security research and development expertise supporting a variety of customers. • University of Illinois at Urbana-Champaign (UIUC), a leader in the cyber security research for the power grid. UIUC brings unique experience in designing secure communication protocols to this project. • Electric Power Research Institute (EPRI), an independent nonprofit that conducts research and development relating to the generation, delivery and use of electricity for the benefit of the public. EPRI brings to this effort its extensive technical expertise and its utility connections, with members representing more than 90 percent of the electricity generated and delivered in the United States. • DTE Energy, the 10th largest electric utility in the US, which helps ensure that this project focuses on the needs of utilities and is rightly positioned to address the needs of the market place. We designed, developed, and demonstrated a modular and extensible ADEC-G (Agent-based, Distributed, Extensible Cybersecurity for the Grid) system for monitoring/detecting abnormal energy delivery systems (EDS) protocol usage and ensuring security coverage. Our approach consists of i. An online system with stateful model based checkers (SMBCs) that helps utilities monitor EDS protocol communication contexts and flag abnormal session behaviors; ii. An offline framework that security tool developers, operators, and auditors can use to verify security properties (leverages formal methods). The modular design of the ADEC-G online system enables its easy extension to cover added protocol features, to introduce new monitoring capabilities, and to apply to additional communication protocols. Its monitoring capabilities and user interface features also facilitate visibilities into ongoing communication patterns and quick grasps of suspicious communication activities. The offline framework provides a platform not only for rigorous validation of security coverage, but also for systematic refinement of checker design leveraging the counter traces generated by the model checking tool. The ADEC-G online monitoring/detection system and the offline validation framework are both operational and have been demonstrated in various settings. The ADEC-G online system has also been integrated into TTGS SecureSmart Managed Security Services offering and been employed to perform security assessment in a section of a utility’s operational network as well as in other Smart Grid security pilot project offerings. TTGS is also in discussions with several system integrators for incorporating the integrated SecureSmart Managed Security Services offering as the cyber security solution for the nce of Operations Technology (OT) and Information Technology (IT).

  1. Electronic DOE Information Security System (eDISS) PIA, Office...

    Energy Savers [EERE]

    Safety Management Workshop Registration, PIA, Idaho National Laboratory Occupational Medicine - Assistant PIA, Idaho National Laboratory Occupational Injury & Illness System...

  2. physical security

    National Nuclear Security Administration (NNSA)

    5%2A en Physical Security Systems http:nnsa.energy.govaboutusourprogramsnuclearsecurityphysicalsecuritysystems

  3. ORO Office Safeguards and Security Clearance Tracking System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Occupational Medicine - Assistant PIA, Idaho National Laboratory ORO Verification of Employment Tracking System(VETS) PIA, Oak ridge Operations Office Integrated Safety Management ...

  4. Energy Sector Security Appliances in a System for Intelligent...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Essence project is focusing on systems that are reactive, detecting potential threats by learning normal operational patterns (using machine intelligence) and monitoring for ...

  5. ORO Office Safeguards and Security Clearance Tracking System...

    Energy Savers [EERE]

    System PIA, Oak Ridge Operations Office More Documents & Publications Occupational Medicine - Assistant PIA, Idaho National Laboratory ORO Verification of Employment Tracking...

  6. Security Metricsfor Process Control Systems | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    This document describes the foundations of metrics, discusses application of these metrics to control system environments, introduces a metrics taxonomy, and suggests usage of ...

  7. Sandia National Laboratories: National Security Missions: Defense Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Assessments Programs Defense Systems & Assessments Accelerating Innovation for the Warfighter Accelerating Innovation into the Hands of the Warfighter Supporting Ballistic Missile Defense Supporting Ballistic Missile Defense Launching GPS Satellites Launch of GPS satellite About Defense Systems & Assessments Our engineering, science, and technology expertise supports soldiers on the battlefield. About Us Program Areas Our multi-faceted research detects and defends against threats

  8. Computational Systems & Software Environment | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration Computational Systems & Software Environment The mission of this national sub-program is to build integrated, balanced, and scalable computational capabilities to meet the predictive simulation requirements of NNSA. This sub-program strives to provide users of ASC computing resources a stable and seamless computing environment for all ASC-deployed platforms. Along with these powerful systems that ASC will maintain and field the supporting software infrastructure that the

  9. Fast transient security evaluation of power systems by using pattern recognition techniques

    SciTech Connect (OSTI)

    Mokhtari, S.

    1983-01-01

    A power system is a dynamic system. The reaction of a power network to the same set of disturbances is different for various initial equilibrium states. For a given set of contingencies, some of the initial equilibrium states are stable and some of them are unstable. The purpose of this dissertation is to identify if a given operating conditions of the system is stable (secure) or unstable (insecure) for certain disturbances by using real time data. The time required for on-line security analysis can be reduced if pattern recognition techniques are employed. The use of a pattern recognition technique in on-line transient security analysis of power systems is examined. Load magnitudes are treated as random variables with an assumed statistical distribution having a standard deviation of 10%. The simulation technique is applied, off-line, to check system security for the defined set of contingencies. For each initial system condition, the potentially good variables are identified. The number of variables is reduced and variables with the highest discriminatory power are identified. Two decision rules are then developed by using Generalized Square Distance and K-Nearest Neighbor classification techniques. Next, the performance of each classifier is evaluated by using two risk estimating techniques, Jackknife Risk Estimation and Independent Test Risk estimation. The best classifier is identified. Finally, using this classifier, a computer program is developed. This program is capable of predicting, on-line, the security and insecurity of the given power system for any initial system condition within the range defined for the training set. The important features of this program are its accuracy, speed, adaptability and up-dating scheme.

  10. Rapid Deployment Shelter System | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Rapid Deployment Shelter ... Rapid Deployment Shelter System The mp4 video format is not supported by this browser. Download video Captions: On Time: 5:03 min. Originally designed as a mobile surgical suite, the RDSS can also be converted and used for a command, control, logisitics, or operations center

  11. Rapid Deployment Shelter System, Application | Y-12 National Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Complex Rapid Deployment Shelter ... Rapid Deployment Shelter System, Application The mp4 video format is not supported by this browser. Download video Captions: On Time: 3:30 min. The RDSS provides humanitarian and disaster relief first responders with a versatile portable shelter that is rapidly deployed under adverse conditions

  12. NERSC Computer Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security NERSC Computer Security NERSC computer security efforts are aimed at protecting NERSC systems and its users' intellectual property from unauthorized access or modification. Among NERSC's security goal are: 1. To protect NERSC systems from unauthorized access. 2. To prevent the interruption of services to its users. 3. To prevent misuse or abuse of NERSC resources. Security Incidents If you think there has been a computer security incident you should contact NERSC Security as soon as

  13. MODELING AND PERFORMANCE EVALUATION FOR AVIATION SECURITY CARGO INSPECTION QUEUING SYSTEM

    SciTech Connect (OSTI)

    Allgood, Glenn O; Olama, Mohammed M; Rose, Terri A; Brumback, Daryl L

    2009-01-01

    Beginning in 2010, the U.S. will require that all cargo loaded in passenger aircraft be inspected. This will require more efficient processing of cargo and will have a significant impact on the inspection protocols and business practices of government agencies and the airlines. In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, and throughput. These metrics are performance indicators of the system s ability to service current needs and response capacity to additional requests. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures will reduce the overall cost and shipping delays associated with the new inspection requirements.

  14. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    SciTech Connect (OSTI)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    AbstractThis paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  15. Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary

    SciTech Connect (OSTI)

    Hu, Tan Chang; Robinson, David G.

    2011-09-08

    As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

  16. The use of information technology security assessment criteria to protect specialized computer systems

    SciTech Connect (OSTI)

    Lykov, V.A.; Shein, A.V.; Piskarev, A.S.; Devaney, D.M.; Melton, R.B.; Hunteman, W.J.; Prommel, J.M.; Rothfuss, J.S.

    1997-10-01

    The purpose of this paper is to discuss the information security assessment criteria used in Russia and compare it with that used in the United States. The computer system security assessment criteria utilized by the State Technical Commission of Russia and similar criteria utilized by the US Department of Defense (TCSEC) are intended for the development and implementation of proven methods for achieving a required level of information security. These criteria are utilized, first and foremost, when conducting certification assessments of general purpose systems. The Russian Federation is creating specialized systems for nuclear material control and accountancy (MC and A) within the framework of the international laboratory-to-laboratory collaboration. Depending on the conditions in which the MC and A system is intended to operate, some of the criteria and the attendant certification requirements may exceed those established or may overlap the requirements established for attestation of such systems. In this regard it is possible to modify the certification and attestation requirements depending on the conditions in which a system will operate in order to achieve the ultimate goal--implementation of the systems in the industry.

  17. The theory of diversity and redundancy in information system security : LDRD final report.

    SciTech Connect (OSTI)

    Mayo, Jackson R.; Torgerson, Mark Dolan; Walker, Andrea Mae; Armstrong, Robert C.; Allan, Benjamin A.; Pierson, Lyndon George

    2010-10-01

    The goal of this research was to explore first principles associated with mixing of diverse implementations in a redundant fashion to increase the security and/or reliability of information systems. Inspired by basic results in computer science on the undecidable behavior of programs and by previous work on fault tolerance in hardware and software, we have investigated the problem and solution space for addressing potentially unknown and unknowable vulnerabilities via ensembles of implementations. We have obtained theoretical results on the degree of security and reliability benefits from particular diverse system designs, and mapped promising approaches for generating and measuring diversity. We have also empirically studied some vulnerabilities in common implementations of the Linux operating system and demonstrated the potential for diversity to mitigate these vulnerabilities. Our results provide foundational insights for further research on diversity and redundancy approaches for information systems.

  18. Security Notice | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Notice Security Notice Security Information This website is part of a federal computer system used to accomplish federal functions. Y-12 uses software programs to monitor this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended

  19. SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Behavioral Interview Guidelines by Job Roles

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.; Greitzer, Frank L.; Dalton, Angela C.; Pusey, Portia K.

    2015-03-01

    The Secure Power Systems Professional Phase III final report was released last year which an appendix of Behavioral Interview Guidelines by Job Roles. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

  20. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Milos Manic

    2012-08-01

    The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

  1. News Media Contact: For Immediate Release Amy C. Scales, DOE-SR Wednesday, June 11, 2014

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Contact: For Immediate Release Amy C. Scales, DOE-SR Wednesday, June 11, 2014 (803) 952-7213 amy.caver@srs.gov U.S. Department of Energy Names New Deputy Manager AIKEN, S.C. (June 11, 2014) - The U.S. Department of Energy, Savannah River Operations Office (DOE-SR), announced today the selection of Mr. Terrel "Terry" J. Spears as the Deputy Manager of the Savannah River Site. "We are pleased to have Terry as our Deputy Manager," David Moody, DOE-SR Manager, said. "He has

  2. An efficient wireless power transfer system with security considerations for electric vehicle applications

    SciTech Connect (OSTI)

    Zhang, Zhen; Chau, K. T. Liu, Chunhua; Qiu, Chun; Lin, Fei

    2014-05-07

    This paper presents a secure inductive wireless power transfer (WPT) system for electric vehicle (EV) applications, such as charging the electric devices inside EVs and performing energy exchange between EVs. The key is to employ chaos theory to encrypt the wirelessly transferred energy which can then be decrypted by specific receptors in the multi-objective system. In this paper, the principle of encrypted WPT is first revealed. Then, computer simulation is conducted to validate the feasibility of the proposed system. Moreover, by comparing the WPT systems with and without encryption, the proposed energy encryption scheme does not involve noticeable power consumption.

  3. Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T; Lantz, Margaret W; Hauser, Katie R

    2014-01-01

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. The Cyberspace Security Econometrics System (CSES) provides a measure (i.e., a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement. The basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings contained in this copyright.

  4. AMIE (ARM MJO Investigation Experiment): Observations of the Madden-Julian Oscillation for Modeling Studies Science Plan

    SciTech Connect (OSTI)

    Long, C; Del Genio, A; Gustafson, W; Houze, R; Jakob, C; Jensen, M; Klein, S; Leung, L Ruby; Liu, X; Luke, E; May, P; McFarlane, S; Minnis, P; Schumacher, C; Vogelmann, A; Wang, Y; Wu, X; Xie, S

    2010-03-22

    Deep convection in the tropics plays an important role in driving global circulations and the transport of energy from the tropics to the mid-latitudes. Understanding the mechanisms that control tropical convection is a key to improving climate modeling simulations of the global energy balance. One of the dominant sources of tropical convective variability is the Madden-Julian Oscillation (MJO), which has a period of approximately 3060 days. There is no agreed-upon explanation for the underlying physics that maintain the MJO. Many climate models do not show well-defined MJO signals, and those that do have problems accurately simulating the amplitude, propagation speed, and/or seasonality of the MJO signal. Therefore, the MJO is a very important modeling target for the ARM modeling community geared specifically toward improving climate models. The ARM MJO Investigation Experiment (AMIE) period coincides with a large international MJO initiation field campaign called CINDY2011 (Cooperative Indian Ocean experiment on intraseasonal variability in the Year 2011) that will take place in and around the Indian Ocean from October 2011 to January 2012. AMIE, in conjunction with CINDY2011 efforts, will provide an unprecedented data set that will allow investigation of the evolution of convection within the framework of the MJO. AMIE observations will also complement the long-term MJO statistics produced using ARM Manus data and will allow testing of several of the current hypotheses related to the MJO phenomenon. Taking advantage of the expected deployment of a C-POL scanning precipitation radar and an ECOR surface flux tower at the ARM Manus site, we propose to increase the number of sonde launches to eight per day starting in about mid-October of the field experiment year, which is climatologically a period of generally suppressed conditions at Manus and just prior to the climatologically strongest MJO period. The field experiment will last until the end of the MJO season (typically March), affording the documentation of conditions before, during, and after the peak MJO season. The increased frequency of sonde launches throughout the experimental period will provide better diurnal understanding of the thermodynamic profiles, and thus a better representation within the variational analysis data set. Finally, a small surface radiation and ceilometer system will be deployed at the PNG Lombrum Naval Base about 6 km away from the ARM Manus site in order to provide some documentation of scale variability with respect to the representativeness of the ARM measurements.

  5. Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Aldridge, Hal; Duren, Mike; Ricci, Tracy; Bertino, Elisa; Kulatunga, Athula; Navaratne, Uditha Sudheera

    2011-01-01

    In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following: 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.

  6. International Nuclear Security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    International Nuclear Security The International Nuclear Security program collaborates with partners world-wide to improve the security of proliferation-sensitive materials, particularly weapons-usable nuclear material in both civilian and non-civilian use in key countries. As part of these efforts, INS works with partner countries to: Upgrade and sustain physical security and material control and accounting systems; Develop national-level nuclear security infrastructure in areas such as

  7. Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

  8. Security guide for subcontractors

    SciTech Connect (OSTI)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  9. AMI (Smart Grid Project) (Poland) | Open Energy Information

    Open Energy Info (EERE)

    Remote management of meter systems and obtaining meter data; Activation of clients in energy effectiveness and dispersed generation; Completion of regulatory requirements in...

  10. Security Conditions

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-07-08

    This Notice ensures that DOE uniformly meets the requirements of the Homeland Security Advisory System outlined in Homeland Security Presidential Directive-3, Threat Conditions and Associated Protective Measures, dated 3-11-02, and provides responses specified in Presidential Decision Directive 39, U.S. Policy on Counterterrorism (U), dated 6-21-95. It cancels DOE N 473.8, Security Conditions, dated 8-7-02. Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels DOE N 473.8

  11. GAO-07-1036, CRITICAL INFRASTRUCTURE PROTECTION: Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain

    Energy Savers [EERE]

    Congressional Requesters CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain September 2007 GAO-07-1036 What GAO Found United States Government Accountability Office Why GAO Did This Study Highlights Accountability Integrity Reliability September 2007 CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain Highlights of GAO-07-1036, a report to congressional requesters

  12. Renovated Korean nuclear safety and security system: A review and suggestions to successful settlement

    SciTech Connect (OSTI)

    Chung, W. S.; Yun, S. W.; Lee, D. S.; Go, D. Y.

    2012-07-01

    Questions of whether past nuclear regulatory body of Korea is not a proper system to monitor and check the country's nuclear energy policy and utilization have been raised. Moreover, a feeling of insecurity regarding nuclear safety after the nuclear accident in Japan has spread across the public. This has stimulated a renovation of the nuclear safety regime in Korea. The Nuclear Safety and Security Commission (NSSC) was launched on October 26, 2011 as a regulatory body directly under the President in charge of strengthening independence and nuclear safety. This was a meaningful event as the NSSC it is a much more independent regulatory system for Korea. However, the NSSC itself does not guarantee an enhanced public acceptance of the nuclear policy and stable use nuclear energy. This study introduces the new NSSC system and its details in terms of organization structure, appropriateness of specialty, budget stability, and management system. (authors)

  13. GAO-04-354, CRITICAL INFRASTRUCTURE PROTECTION: Challenges and Efforts to Secure Control Systems

    Energy Savers [EERE]

    Report to Congressional Requesters United States General Accounting Office GAO March 2004 CRITICAL INFRASTRUCTURE PROTECTION Challenges and Efforts to Secure Control Systems GAO-04-354 www.gao.gov/cgi-bin/getrpt?GAO-04-354. To view the full product, including the scope and methodology, click on the link above. For more information, contact Robert F. Dacey at (202) 512-3317 or daceyr@gao.gov. Highlights of GAO-04-354, a report to congressional requesters March 2004 CRITICAL INFRASTRUCTURE

  14. To: Ashley Armstrong, U.S. Department of Energy From: Amy Shepherd, General Counsel, AHRI

    Energy Savers [EERE]

    9, 2015 To: Ashley Armstrong, U.S. Department of Energy From: Amy Shepherd, General Counsel, AHRI Re: Ex Parte Communication on Central Air-Conditioner Test Procedure - ICM Issues On October 8, 2015, AHRI staff and Independent Coil Manufacturer (ICM) Representatives met with a representative from the Department of Energy (DOE) to discuss proposed amended test procedures for central air conditioners and how they would impact ICM manufacturers. The meeting was held at AHRI offices in Arlington,

  15. To: John Cymbalsky, United States Department of Energy From: Amy Shepherd, General Counsel, AHRI

    Energy Savers [EERE]

    25, 2015 To: John Cymbalsky, United States Department of Energy From: Amy Shepherd, General Counsel, AHRI Re: Ex Parte Communication on Commercial Unitary Equipment Rulemaking On February 5, 2015, AHRI staff, Industry Representatives and Energy Efficiency Advocates met to discuss Department of Energy (DOE) rulemakings for commercial furnaces and unitary large equipment. The meeting was held at AHRI offices in Arlington, Virginia. A list of attendees is provided below. At the meeting, the group

  16. To: Laura Barhydt, U.S. Department of Energy From: Amy Shepherd, General Counsel, AHRI

    Energy Savers [EERE]

    17, 2015 To: Laura Barhydt, U.S. Department of Energy From: Amy Shepherd, General Counsel, AHRI Re: Ex Parte Communication on Department of Energy Enforcement Policy Statement for Consumer Water Heaters and Certain Commercial Water Heating Equipment dated October 2, 2015, and Proposed Rulemaking Establishing a Mathematical Conversion Factor for Consumer Water Heaters and Certain Commercial Water Heaters On December 1, 2015, AHRI staff and water heater manufacturer representatives met with

  17. Challenges in Securing the Interface Between the Cloud and Pervasive Systems

    SciTech Connect (OSTI)

    Lagesse, Brent J

    2011-01-01

    Cloud computing presents an opportunity for pervasive systems to leverage computational and storage resources to accomplish tasks that would not normally be possible on such resource-constrained devices. Cloud computing can enable hardware designers to build lighter systems that last longer and are more mobile. Despite the advantages cloud computing offers to the designers of pervasive systems, there are some limitations of leveraging cloud computing that must be addressed. We take the position that cloud-based pervasive system must be secured holistically and discuss ways this might be accomplished. In this paper, we discuss a pervasive system utilizing cloud computing resources and issues that must be addressed in such a system. In this system, the user's mobile device cannot always have network access to leverage resources from the cloud, so it must make intelligent decisions about what data should be stored locally and what processes should be run locally. As a result of these decisions, the user becomes vulnerable to attacks while interfacing with the pervasive system.

  18. Security Council Approval of Kofi

    Energy Savers [EERE]

    Security Control Assessor Security Control Assessor Cyber-security-300x199.jpg The Security Control Assessor (SOA) is responsible for assessing the management, operational, assurance, and technical security controls implemented on an information system via security testing and evaluation (ST&E) methods. The SOA must be independent of system development, operation, and deficiency mitigation. PDF icon Security Control Assessor Core Competency Training Worksheet More Documents &

  19. Communications and control for electric power systems: Power flow classification for static security assessment

    SciTech Connect (OSTI)

    Niebur, D.; Germond, A.

    1993-02-01

    This report investigates the classification of power system states using an artificial neural network model, Kohonen's self-organizing feature map. The ultimate goal of this classification is to assess power system static security in real-time. Kohonen's self-organizing feature map is an unsupervised neural network which maps N-dimensional input vectors to an array of M neurons. After learning, the synaptic weight vectors exhibit a topological organization which represents the relationship between the vectors of the training set. This learning is unsupervised, which means that the number and size of the classes are not specified beforehand. In the application developed in the paper, the input vectors used as the training set are generated by off-line load-flow simulations. The learning algorithm and the results of the organization are discussed.

  20. Communications and control for electric power systems: Power flow classification for static security assessment

    SciTech Connect (OSTI)

    Niebur, D.; Germond, A.

    1993-02-01

    This report investigates the classification of power system states using an artificial neural network model, Kohonen`s self-organizing feature map. The ultimate goal of this classification is to assess power system static security in real-time. Kohonen`s self-organizing feature map is an unsupervised neural network which maps N-dimensional input vectors to an array of M neurons. After learning, the synaptic weight vectors exhibit a topological organization which represents the relationship between the vectors of the training set. This learning is unsupervised, which means that the number and size of the classes are not specified beforehand. In the application developed in the paper, the input vectors used as the training set are generated by off-line load-flow simulations. The learning algorithm and the results of the organization are discussed.

  1. safety and security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    safety and security

  2. T-582: RSA systems has resulted in certain information being extracted from RSA systems that relates to RSA SecurID

    Broader source: Energy.gov [DOE]

    RSA investigation has revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is related to RSA's SecurID two-factor authentication products.

  3. Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

    2005-12-01

    Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

  4. Lemnos Interoperable Security Program

    Energy Savers [EERE]

    Lemnos Interoperable Security Program Creating common language and metrics for describing functions of network security tools and testing for interoperability As energy control systems employ more Internet-based features and routable communication methods, the need grows for enhanced security functions, such as frewalls, virtual private networks (VPNs), and intrusion detection systems. When purchasing network security products, today's control systems users cannot adequately compare products

  5. Security Policy

    Broader source: Energy.gov [DOE]

    The Office of Security Policy analyzes, develops and interprets safeguards and security policy governing national security functions and the protection of related critical assets entrusted to the...

  6. Apparatus and method supporting wireless access to multiple security layers in an industrial control and automation system or other system

    DOE Patents [OSTI]

    Chen, Yu-Gene T.

    2013-04-16

    A method includes receiving a message at a first wireless node. The first wireless node is associated with a first wired network, and the first wired network is associated with a first security layer. The method also includes transmitting the message over the first wired network when at least one destination of the message is located in the first security layer. The method further includes wirelessly transmitting the message for delivery to a second wireless node when at least one destination of the message is located in a second security layer. The second wireless node is associated with a second wired network, and the second wired network is associated with the second security layer. The first and second security layers may be associated with different security paradigms and/or different security domains. Also, the message could be associated with destinations in the first and second security layers.

  7. Safeguards & Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    cyber system operations and security, and business and budget operations including property management. Supports EM headquarters with safeguards and security assistance. ...

  8. Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs- Phase 2 (July/August 2013)

    Broader source: Energy.gov [DOE]

    DOE has recognized that the electricity industry needs workforce development resources that can aid in the accelerating need for Secure Power Systems Professionals, while at the same time identifying capabilities and competencies to protect and enable the modernized grid currently being built. In the spring of 2011 a project was initiated to identify those capabilities and competencies along with assessing the need and qualifications for a certification program for Secure Power Systems Professionals. The summary and final report for phase two of the project are now available.

  9. Attachment J-16 Portfolio Management Task Order 13-002 Title: DOE-HQ Security System Review and Assessment

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Section J Contract No. DE-AC06-09RL14728 Modification 280 Attachment J-16 Portfolio Management Task Order 13-002 Title: DOE-HQ Security System Review and Assessment Revision Number: 0 Date: 04/11/2013 Start: 05/01/2013 Finish: 07/30/2013 1.0 DESCRIPTION The DOE Office of Environmental Management (EM) Headquarters Security System (HQSS) is installed at the EM Consolidated Business Center (CBC) in Cincinnati, OH and administered from DOE Headquarters in Washington, DC. HQSS has been running as a

  10. Ami M. DuBois, John David Lee, and Abdulgadar F. Almagri

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    high time resolution x-ray diagnostic on the Madison Symmetric Torus Ami M. DuBois, John David Lee, and Abdulgadar F. Almagri Citation: Review of Scientific Instruments 86, 073512 (2015); doi: 10.1063/1.4927454 View online: http://dx.doi.org/10.1063/1.4927454 View Table of Contents: http://scitation.aip.org/content/aip/journal/rsi/86/7?ver=pdfcov Published by the AIP Publishing Articles you may be interested in Upgrades of imaging x-ray crystal spectrometers for high-resolution and

  11. U.S. Patent Pending, Cyberspace Security System for Complex Systems, U.S. Patent Application No.: 14/134,949

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2013-01-01

    A computer implemented method monetizes the security of a cyber-system in terms of losses each stakeholder may expect to lose if a security break down occurs. A non-transitory media stores instructions for generating a stake structure that includes costs that each stakeholder of a system would lose if the system failed to meet security requirements and generating a requirement structure that includes probabilities of failing requirements when computer components fails. The system generates a vulnerability model that includes probabilities of a component failing given threats materializing and generates a perpetrator model that includes probabilities of threats materializing. The system generates a dot product of the stakes structure, the requirement structure, the vulnerability model and the perpetrator model. The system can further be used to compare, contrast and evaluate alternative courses of actions best suited for the stakeholders and their requirements.

  12. Testing standards for physical security systems at Category 1 fuel cycle facilities

    SciTech Connect (OSTI)

    Dwyer, P.A.

    1991-10-01

    This NUREG is a compilation of physical security testing standards for use at fuel cycle facilities using or possessing formula quantities of strategic special nuclear material.

  13. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    SciTech Connect (OSTI)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

  14. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, anmore » established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.« less

  15. Security Specialist

    Broader source: Energy.gov [DOE]

    This position is located in the Office of Security Policy, Office of Security, Office of the Associate Under Secretary for Environment, Health, Safety, and Security (AU). The Office of Security...

  16. Secure Interoperable Open Smart Grid Demonstration Project

    SciTech Connect (OSTI)

    Magee, Thoman

    2014-12-31

    The Consolidated Edison, Inc., of New York (Con Edison) Secure Interoperable Open Smart Grid Demonstration Project (SGDP), sponsored by the United States (US) Department of Energy (DOE), demonstrated that the reliability, efficiency, and flexibility of the grid can be improved through a combination of enhanced monitoring and control capabilities using systems and resources that interoperate within a secure services framework. The project demonstrated the capability to shift, balance, and reduce load where and when needed in response to system contingencies or emergencies by leveraging controllable field assets. The range of field assets includes curtailable customer loads, distributed generation (DG), battery storage, electric vehicle (EV) charging stations, building management systems (BMS), home area networks (HANs), high-voltage monitoring, and advanced metering infrastructure (AMI). The SGDP enables the seamless integration and control of these field assets through a common, cyber-secure, interoperable control platform, which integrates a number of existing legacy control and data systems, as well as new smart grid (SG) systems and applications. By integrating advanced technologies for monitoring and control, the SGDP helps target and reduce peak load growth, improves the reliability and efficiency of Con Edison’s grid, and increases the ability to accommodate the growing use of distributed resources. Con Edison is dedicated to lowering costs, improving reliability and customer service, and reducing its impact on the environment for its customers. These objectives also align with the policy objectives of New York State as a whole. To help meet these objectives, Con Edison’s long-term vision for the distribution grid relies on the successful integration and control of a growing penetration of distributed resources, including demand response (DR) resources, battery storage units, and DG. For example, Con Edison is expecting significant long-term growth of DG. The SGDP enables the efficient, flexible integration of these disparate resources and lays the architectural foundations for future scalability. Con Edison assembled an SGDP team of more than 16 different project partners, including technology vendors, and participating organizations, and the Con Edison team provided overall guidance and project management. Project team members are listed in Table 1-1.

  17. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    to enhance the nation's security and prosperity through sustainable, transformative approaches to our most challenging energy, climate, and infrastructure problems. vision applications to Systems assessment over the last three decades, Snl has developed and applied a Systems Engineering (SE) approach that includes performance assessment (pa) expertise to inform key decisions concerning radioactive waste management both in the US and internationally. the result of these efforts is a pa-based SE

  18. Enterprise Assessments Targeted Review of the Safety System Management of the Secondary Confinement System and Power Distribution Safety System at the Y-12 National Security Complex Highly Enriched Uranium Materials Facility – December 2015

    Broader source: Energy.gov [DOE]

    Targeted Review of the Safety System Management of the Secondary Confinement System and Power Distribution Safety System at the Y-12 National Security Complex Highly Enriched Uranium Materials Facility

  19. Closure Report for Corrective Action Unit 562: Waste Systems, Nevada National Security Site, Nevada

    SciTech Connect (OSTI)

    NSTec Environmental Restoration

    2012-08-15

    This Closure Report (CR) presents information supporting closure of Corrective Action Unit (CAU) 562, Waste Systems, and provides documentation supporting the completed corrective actions and confirmation that closure objectives for CAU 562 were met. This CR complies with the requirements of the Federal Facility Agreement and Consent Order (FFACO) that was agreed to by the State of Nevada; the U.S. Department of Energy (DOE), Environmental Management; the U.S. Department of Defense; and DOE, Legacy Management (FFACO, 1996 as amended). CAU 562 consists of the following 13 Corrective Action Sites (CASs), located in Areas 2, 23, and 25 of the Nevada National Security Site: CAS 02-26-11, Lead Shot CAS 02-44-02, Paint Spills and French Drain CAS 02-59-01, Septic System CAS 02-60-01, Concrete Drain CAS 02-60-02, French Drain CAS 02-60-03, Steam Cleaning Drain CAS 02-60-04, French Drain CAS 02-60-05, French Drain CAS 02-60-06, French Drain CAS 02-60-07, French Drain CAS 23-60-01, Mud Trap Drain and Outfall CAS 23-99-06, Grease Trap CAS 25-60-04, Building 3123 Outfalls Closure activities began in October 2011 and were completed in April 2012. Activities were conducted according to the Corrective Action Plan for CAU 562 (U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office [NNSA/NSO], 2011). The corrective actions included No Further Action and Clean Closure. Closure activities generated sanitary waste and hazardous waste. Some wastes exceeded land disposal limits and required offsite treatment prior to disposal. Other wastes met land disposal restrictions and were disposed in appropriate onsite or offsite landfills. NNSA/NSO requests the following: A Notice of Completion from the Nevada Division of Environmental Protection to NNSA/NSO for closure of CAU 562 The transfer of CAU 562 from Appendix III to Appendix IV, Closed Corrective Action Units, of the FFACO

  20. port security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    port security NNSA Transfers Responsibility for Radiation Detection System to China Customs SHANGHAI, CHINA - Today, the Nuclear Security Administration's (NNSA) Principal Assistant Deputy Administrator for Defense Nuclear Nonproliferation (DNN), David Huizenga, participated in a ceremony commemorating the transition of a radiation detection system at the Port of Yangshan to the General

  1. PNNL: Security & Privacy

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security & Privacy Thank you for visiting the Pacific Northwest National Laboratory (PNNL) website (pnnl.gov) and reviewing our security and privacy policies. The following policies apply to all pages and sites in the pnnl.gov domain, unless otherwise noted. Security Notice This website is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this website for security purposes to ensure it remains available to all users and to protect

  2. Security Forms | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Security Forms U.S. Department of Energy / U.S. Nuclear Regulatory Commission Nuclear Materials Management & Safeguards System Security Forms Federal Information Processing Standards Publications (FIPS PUBS) FIPS-Associated Documents FIPS 140-2 Security Requirements for Cryptograhic Modules FIPS 185 Escrowed Encryption Standard (EES) FIPS 186-2 Digital Signature Standard (DSS) From Microsoft From VeriSign Managing Contacts' Digital Certificates with Netscape Communicator Managing Contacts'

  3. Contingency selection theory for steady-state security assessment of power systems

    SciTech Connect (OSTI)

    Halpin, T.F.

    1982-01-01

    This thesis presents the theory and method for systematically finding the performance index (PI) which is used in Automatic Contingency Selection (ACS) algorithms. The purpose of the ACS algorithm is to determine whether a contingency has an impact on the security of the power system (such as out-of-limit conditions in the post-contigency operation) or not, in a computationally efficient manner. Since this is a binary decision problem, then the choice of the PI is equivalent ot the selection of a decision function which measures the impact of each contingency on the system performance in terms of giving out-of-limit conditions. This thesis shows how to select the PI together with a threshold value J/sub th/ so as to minimize the probability of misclassifying the contingency. The main contribution of this thesis is that it gives the theoretical foundation for designing more effective ACS algorithms. It shows that the selection of the PI is based on a statistical decision criteria such as the Bayes Risk Criterion, since one needs to examine the risk involved in misclassifying the contingency. This approach is used to find the PI for monitoring both the line flow, bus voltage and generator VAR limits. It is shown that when formulating the problem in the space of voltage magnitudes and phase angles then the problem of finding the PI which satisfies a specific contingency selection criteria can be stated as a set imbedding and volume maximization problem. These theoretical results are applied to the problem of tuning the weighting coefficients in the currently used PI's for analyzing either the real power flow or node voltage magnitude problems in order ot guarantee proper classification of the contingencies in terms of minimizing the probabilities of missing critial contingencies and false alarms.

  4. National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    aspects relating to the Materials Security and Consolidation Project includine Energy Systems Acquisition Advisory Board equivalents, Critical Decisions, and Quarterly Project...

  5. Investigations of Possible Low-Level Temperature and Moisture Anomalies During the AMIE Field Campaign on Manus Island

    SciTech Connect (OSTI)

    Long, CN; Holdridge, DJ

    2012-11-19

    This document discusses results stemming from the investigation of near-surface temperature and moisture “oddities” that were brought to light as part of the Atmospheric Radiation Measurement (ARM) Madden-Julian Oscillation (MJO) Investigation Experiment (AMIE), Dynamics of the Madden-Julian Oscillation (DYNAMO), and Cooperative Indian Ocean experiment on intraseasonal variability in the Year 2011 (CINDY2011) campaigns.

  6. Security Officer

    Broader source: Energy.gov [DOE]

    This position is located in the Security and Continuity of Operations (NN) organization of the Chief Administrative Office (N), Bonneville Power Administration. The Security and Continuity of...

  7. Well Logging Security Initiatives | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Well Logging Security ... Well Logging Security Initiatives The mp4 video format is not supported by this browser. Download video Captions: On Watch as GTRI demonstrates the threat to the security of (oil) well logging systems and outlines the initiatives that are enhancing the security of these sources worldwide

  8. CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but ...

  9. Corrective Action Plan for Corrective Action Unit 562: Waste Systems, Nevada National Security Site, Nevada

    SciTech Connect (OSTI)

    NSTec Environmental Restoration

    2011-04-30

    This Corrective Action Plan has been prepared for Corrective Action Unit (CAU) 562, Waste Systems, in accordance with the Federal Facility Agreement and Consent Order (1996; as amended March 2010). CAU 562 consists of 13 Corrective Action Sites (CASs) located in Areas 2, 23, and 25 of the Nevada National Security Site. Site characterization activities were performed in 2009 and 2010, and the results are presented in Appendix A of the Corrective Action Decision Document for CAU 562. The scope of work required to implement the recommended closure alternatives is summarized. (1) CAS 02-26-11, Lead Shot, will be clean closed by removing shot. (2) CAS 02-44-02, Paint Spills and French Drain, will be clean closed by removing paint and contaminated soil. As a best management practice (BMP), asbestos tile will be removed. (3) CAS 02-59-01, Septic System, will be clean closed by removing septic tank contents. As a BMP, the septic tank will be removed. (4) CAS 02-60-01, Concrete Drain, contains no contaminants of concern (COCs) above action levels. No further action is required; however, as a BMP, the concrete drain will be removed. (5) CAS 02-60-02, French Drain, was clean closed. Corrective actions were completed during corrective action investigation activities. As a BMP, the drain grates and drain pipe will be removed. (6) CAS 02-60-03, Steam Cleaning Drain, will be clean closed by removing contaminated soil. As a BMP, the steam cleaning sump grate and outfall pipe will be removed. (7) CAS 02-60-04, French Drain, was clean closed. Corrective actions were completed during corrective action investigation activities. (8) CAS 02-60-05, French Drain, will be clean closed by removing contaminated soil. (9) CAS 02-60-06, French Drain, contains no COCs above action levels. No further action is required. (10) CAS 02-60-07, French Drain, requires no further action. The french drain identified in historical documentation was not located during corrective action investigation activities. (11) CAS 23-60-01, Mud Trap Drain and Outfall, will be clean closed by removing sediment from the mud trap. As a BMP, the mud trap and outfall pipe will be removed. (12) CAS 23-99-06, Grease Trap, will be clean closed by removing sediment from the grease trap and backfilling the grease trap with grout. (13) CAS 25-60-04, Building 3123 Outfalls, will be clean closed by removing contaminated soil and the sludge-containing outfall pipe.

  10. Composite Data Products (CDPs) from the Hydrogen Secure Data Center (HSDC) at the Energy Systems Integration Facility (ESIF), NREL

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    The Hydrogen Secure Data Center (HSDC) at NREL's Energy Systems Integration Facility (ESIF) plays a crucial role in NREL's independent, third-party analysis of hydrogen fuel cell technologies in real-world operation. NREL partners submit operational, maintenance, safety, and cost data to the HSDC on a regular basis. NREL's Technology Validation Team uses an internal network of servers, storage, computers, backup systems, and software to efficiently process raw data, complete quarterly analysis, and digest large amounts of time series data for data visualization. While the raw data are secured by NREL to protect commercially sensitive and proprietary information, individualized data analysis results are provided as detailed data products (DDPs) to the partners who supplied the data. Individual system, fleet, and site analysis results are aggregated into public results called composite data products (CDPs) that show the status and progress of the technology without identifying individual companies or revealing proprietary information. These CDPs are available from this NREL website: 1) Hydrogen Fuel Cell Vehicle and Infrastructure Learning Demonstration; 2) Early Fuel Cell Market Demonstrations; 3) Fuel Cell Technology Status [Edited from http://www.nrel.gov/hydrogen/facilities_secure_data_center.html].

  11. National Security and Cyber Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    National Security and Cyber Security National Security and Cyber Security National security depends on science and technology. The United States relies on Los Alamos National Laboratory for the best of both. No place on Earth pursues a broader array of world-class scientific endeavors. Contact thumbnail of Business Development Business Development Richard P. Feynman Center for Innovation (505) 665-9090 Email National security and weapons science at the laboratory spans essentially all the

  12. Departmental Personnel Security- Clearance Automation

    Broader source: Energy.gov [DOE]

    The primary objective of the DOE Integrated Security System (eDISS+) Initiative is to support the integration of multiple DOE security systems and databases. This integrated environment provides...

  13. Protocol, Security Assistance- January 2007

    Broader source: Energy.gov [DOE]

    Provide timely technical assistance and system support to Field and HQ Elements to enhance site safeguards and security.

  14. Safety, Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Safety, Security Safety, Security The Lab's mission is to develop and apply science and technology to ensure the safety, security, and reliability of the U.S. nuclear deterrent; reduce global threats; and solve other emerging national security and energy challenges. Contact Operator Los Alamos National Laboratory (505) 667-5061 We do not compromise safety for personal, programmatic, or operational reasons. Safety: we integrate safety, security, and environmental concerns into every step of our

  15. Security Perimeter

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Perimeter Security Perimeter Protecting the Laboratory against threats and vulnerabilities. Contact Security Perimeter Coordinators Email The security perimeter helps to protect the Laboratory Vehicle Access Portal graphic The security perimeter is intended to protect the Laboratory against the possibility of terrorist attacks. At each point of the perimeter, access is controlled by vehicle access portals (VAPs) at the following locations: East Jemez Road VAPs (pdf) (shown above) West

  16. Secure key storage and distribution

    DOE Patents [OSTI]

    Agrawal, Punit

    2015-06-02

    This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

  17. Framework for SCADA Security Policy

    Energy Savers [EERE]

    Framework for SCADA Security Policy Dominique Kilman Jason Stamp dkilman@sandia.gov jestamp@sandia.gov Sandia National Laboratories Albuquerque, NM 87185-0785 Abstract - Modern automation systems used in infrastruc- ture (including Supervisory Control and Data Acquisition, or SCADA) have myriad security vulnerabilities. Many of these relate directly to inadequate security administration, which precludes truly effective and sustainable security. Adequate security management mandates a clear

  18. A Systematic Comprehensive Computational Model for Stake Estimation in Mission Assurance: Applying Cyber Security Econometrics System (CSES) to Mission Assurance Analysis Protocol (MAAP)

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Grimaila, Michael R

    2010-01-01

    In earlier works, we presented a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper, we discuss how this infrastructure can be used in the subject domain of mission assurance as defined as the full life-cycle engineering process to identify and mitigate design, production, test, and field support deficiencies of mission success. We address the opportunity to apply the Cyberspace Security Econometrics System (CSES) to Carnegie Mellon University and Software Engineering Institute s Mission Assurance Analysis Protocol (MAAP) in this context.

  19. Security and Privacy Notices | NREL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security and Privacy Notices Security Notice This Web site is part of a Federal computer system used to accomplish Federal functions. The National Renewable Energy Laboratory monitors this Web site for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this Web site, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other than

  20. Cyber Security Audit and Attack Detection Toolkit: Bandolier...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    optimize the security of their control system configuration using Bandolier Security Audit Files, which assess the current configuration against an optimal security configuration. ...

  1. Microsoft PowerPoint - 6_AMY_JOHNSON_MMSS 2014 AJohnson UUSA 06MAY14.ppt [Compatibility Mode]

    National Nuclear Security Administration (NNSA)

    Lessons Learned Associated with Obtaining License for a New Enrichment Plant Amy Johnson, URENCO USA URENCO USA History June to June - Combined License (COL) approval to production in 4 years  2003: License application to build in New Mexico  2006, June: COL issued by the NRC  2006, August: ground breaking  2007, July: first concrete placement - Central Utilities Building  2008, October: access to the Centrifuge Assembly Building  2009, September: first centrifuge installed 

  2. Water Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    SunShot Grand Challenge: Regional Test Centers Water Security HomeTag:Water Security Electricity use by water service sector and county. Shown are electricity use by (a) ...

  3. PRIVACY/SECURITY NOTICE

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    PRIVACY/SECURITY NOTICE By continuing to use this system you indicate your awareness of and consent to the following terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning. SECURITY NOTICE This Web site is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this Web site for security purposes to ensure it remains available to all users and to protect information in the system. The system

  4. Indirection and computer security.

    SciTech Connect (OSTI)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  5. Lab resumes work on NMSSUP security project

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    NMSSUP Security Project Lab resumes work on NMSSUP security project The project adds fences, cameras, sensors, utility and access buildings, and other systems to the existing...

  6. Lemnos Interoperable Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Lemnos Interoperable Security Program began with one logical concept: If vendors develop control systems security products using an agreed-upon set of capability and ...

  7. Water Security Toolkit

    Energy Science and Technology Software Center (OSTI)

    2012-09-11

    The Water Security Toolkit (WST) provides software for modeling and analyzing water distribution systems to minimize the potential impact of contamination incidents. WST wraps capabilities for contaminant transport, impact assessment, and sensor network design with response action plans, including source identification, rerouting, and decontamination, to provide a range of water security planning and real-time applications.

  8. Information Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1992-10-19

    To establish the Department of Energy (DOE) Information Security Program and set forth policies, procedures and responsibilities for the protection and control of classified and sensitive information. The Information Security Program is a system of elements which serve to deter collection activities, This directive does not cancel another directive. Canceled by DOE O 471.2 of 9-28-1995.

  9. Enterprise Assessments Targeted Review of the Safety System Management of the Secondary Confinement System and Power Distribution Safety System at the Y-12 National Security Complex Highly Enriched Uranium Materials Facility … December 2015

    Energy Savers [EERE]

    Targeted Review of the Safety System Management of the Secondary Confinement System and Safety Significant Power Distribution System at the Y-12 National Security Complex Highly Enriched Uranium Materials Facility December 2015 Office of Nuclear Safety and Environmental Assessments Office of Environment, Safety and Health Assessments Office of Enterprise Assessments U.S. Department of Energy i Table of Contents Acronyms

  10. Stratiform and Convective Precipitation Observed by Multiple Radars during the DYNAMO/AMIE Experiment

    SciTech Connect (OSTI)

    Deng, Min; Kollias, Pavlos; Feng, Zhe; Zhang, Chidong; Long, Charles N.; Kalesse, Heike; Chandra, Arunchandra; Kumar, Vickal; Protat, Alain

    2014-11-01

    The motivation for this research is to develop a precipitation classification and rain rate estimation method using cloud radar-only measurements for Atmospheric Radiation Measurement (ARM) long-term cloud observation analysis, which are crucial and unique for studying cloud lifecycle and precipitation features under different weather and climate regimes. Based on simultaneous and collocated observations of the Ka-band ARM zenith radar (KAZR), two precipitation radars (NCAR S-PolKa and Texas A&M University SMART-R), and surface precipitation during the DYNAMO/AMIE field campaign, a new cloud radar-only based precipitation classification and rain rate estimation method has been developed and evaluated. The resulting precipitation classification is equivalent to those collocated SMART-R and S-PolKa observations. Both cloud and precipitation radars detected about 5% precipitation occurrence during this period. The convective (stratiform) precipitation fraction is about 18% (82%). The 2-day collocated disdrometer observations show an increased number concentration of large raindrops in convective rain compared to dominant concentration of small raindrops in stratiform rain. The composite distributions of KAZR reflectivity and Doppler velocity also show two distinct structures for convective and stratiform rain. These indicate that the method produces physically consistent results for two types of rain. The cloud radar-only rainfall estimation is developed based on the gradient of accumulative radar reflectivity below 1 km, near-surface Ze, and collocated surface rainfall (R) measurement. The parameterization is compared with the Z-R exponential relation. The relative difference between estimated and surface measured rainfall rate shows that the two-parameter relation can improve rainfall estimation.

  11. Using Operational Security (OPSEC) to Support a Cyber Security Culture in

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Control Systems Environments | Department of Energy Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments This document reviews several key operational cyber security elements that are important for control systems and industrial networks and how those elements can drive the creation of a cyber security-sensitive culture. PDF icon Using

  12. Radiological Security Partnership | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration Programs / Nonproliferation / Global Material Security / Radiological Security Radiological Security Partnership Radiological Security Partnership Secure Your Business, Your Community, and Your Country. Sign Up Today for Services Provided by the Radiological Security Partnership. RSP Logo Initiative of the Global Material Security Program Formerly the Global Threat Reduction Initiative RSP Registration RSP More Info Learn More Radiological Secur

  13. Leveraging Formal Methods and Fuzzing to Verify Security and Reliability Properties of Large-Scale High-Consequence Systems.

    SciTech Connect (OSTI)

    Ruthruff, Joseph; Armstrong, Robert C.; Davis, Benjamin Garry; Mayo, Jackson; Punnoose, Ratish J.

    2012-09-01

    Formal methods describe a class of system analysis techniques that seek to prove specific propertiesabout analyzed designs, or locate flaws compromising those properties. As an analysis capability,these techniques are the subject of increased interest fromboth internal and external customersof Sandia National Laboratories. Given this lab's other areas of expertise, Sandia is uniquelypositioned to advance the state-of-the-art with respect toseveral research and application areaswithin formal methods. This research project was a one-yeareffort funded by Sandia's CyberSecurity S&T Investment Area in its Laboratory Directed Research&Development program toinvestigate the opportunities for formal methods to impactSandia's present mission areas, morefully understand the needs of the research community in the area of formal methods and whereSandia can contribute, and clarify from those potential research paths those that would best advancethe mission-area interests of Sandia. The accomplishmentsfrom this project reinforce the utilityof formal methods in Sandia, particularly in areas relevantto Cyber Security, and set the stagefor continued Sandia investments to ensure this capabilityis utilized and advanced within thislaboratory to serve the national interest.4

  14. Nuclear Safeguards and Security Challenge:

    National Nuclear Security Administration (NNSA)

    Safeguards and Security Challenge: The international safeguards and security system is being challenged by evolving proliferation and terrorism threats, expanding International Atomic Energy Agency (IAEA) responsibilities, a retiring safeguards workforce, and the need for better technologies to detect and deter proliferation, theft, and sabotage. Response: Revitalize, strengthen, and sustain U.S. and international safeguards and security capabilities through the Next Generation Safeguards

  15. Global security

    SciTech Connect (OSTI)

    Lynch, Patrick

    2014-07-14

    Patrick Lynch helps technical staff, academic leaders and governments around the world improve the safety and security of their nuclear power programs.

  16. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering ...

  17. Global security

    ScienceCinema (OSTI)

    Lynch, Patrick

    2014-07-15

    Patrick Lynch helps technical staff, academic leaders and governments around the world improve the safety and security of their nuclear power programs.

  18. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    From a Department of Defense (DoD) perspective, SMrs offer great advantage for energy security with stable fuel cost profiles, a secure installation for meeting base-load power demands with a robust, secured reactor design (i.e., energy security), potential to provide potable water and synthetic fuels, and a means to exceed DoD greenhouse gases (GhG) reduction goals. While presently SMrs are being proposed based on various reactor technologies, SMrs based on light-water reactor (lWr)

  19. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Small Modular reactors projects. the collaboration takes place under the umbrella of a joint oUSnl "Center for Energy, Security and Society". the Center serves to...

  20. security | National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    security Apex Gold discussion fosters international cooperation in run-up to 2016 Nuclear Security Summit Participants in Apex Gold at Lawrence Livermore National Laboratory. What would national leaders do in the face of a transnational nuclear terrorism threat? Last week, ministers and other senior delegates from 37 nations, along with representatives from the International Atomic Energy Agency, the... Pantex Plant's Calvin Nelson honored as Analyst of the Year for Transportation Security

  1. High fidelity nuclear energy system optimization towards an environmentally benign, sustainable, and secure energy source.

    SciTech Connect (OSTI)

    Tsvetkov, Pavel Valeryevich; Rodriguez, Salvador B.; Ames, David E., II; Rochau, Gary Eugene

    2010-10-01

    A new high-fidelity integrated system method and analysis approach was developed and implemented for consistent and comprehensive evaluations of advanced fuel cycles leading to minimized Transuranic (TRU) inventories. The method has been implemented in a developed code system integrating capabilities of Monte Carlo N - Particle Extended (MCNPX) for high-fidelity fuel cycle component simulations. In this report, a Nuclear Energy System (NES) configuration was developed to take advantage of used fuel recycling and transmutation capabilities in waste management scenarios leading to minimized TRU waste inventories, long-term activities, and radiotoxicities. The reactor systems and fuel cycle components that make up the NES were selected for their ability to perform in tandem to produce clean, safe, and dependable energy in an environmentally conscious manner. The diversity in performance and spectral characteristics were used to enhance TRU waste elimination while efficiently utilizing uranium resources and providing an abundant energy source. A computational modeling approach was developed for integrating the individual models of the NES. A general approach was utilized allowing for the Integrated System Model (ISM) to be modified in order to provide simulation for other systems with similar attributes. By utilizing this approach, the ISM is capable of performing system evaluations under many different design parameter options. Additionally, the predictive capabilities of the ISM and its computational time efficiency allow for system sensitivity/uncertainty analysis and the implementation of optimization techniques.

  2. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    all of our reactor designs employ a concurrent engineering approach that addresses the integration of safety, operations, security, and safeguards from the conceptual design level. Capabilities include core design, thermal hydraulics, waste characterization, simulator development, and severe service and accident testing. Design assessments include: safety, security, vulnerability, siting, emergency planning, and fuel cycle impact. organization 6221 serves as a window to sister organizations

  3. Cybersecurity for Energy Delivery Systems 2010 Peer Review Presentations- Secure Communications

    Broader source: Energy.gov [DOE]

    National lab researchers, industry partners, and academia from the Cybersecurity for Energy Delivery Systems Program in the DOE's Office of Electricity Delivery and Energy Reliability held a 2-day...

  4. TRAJECTORY SENSITIVITY ANALYSIS FOR DYNAMIC SECURITY ASSESSMENT AND OTHER APPLICATIONS IN POWER SYSTEMS

    SciTech Connect (OSTI)

    Nguyen, Tony B.; Pai, M. A.

    2014-07-10

    Real time stability evaluation and preventive scheduling in power systems offer many challenges in a stressed power system. Trajectory sensitivity analysis (TSA) is a useful tool for this and other applications in the emerging smart grid area. In this chapter we outline the basic approach of TSA, to extract suitable information from the data and develop reliable metrics or indices to evaluate proximity of the system to an unstable condition. Trajectory sensitivities can be used to compute critical parameters such as clearing time of circuit breakers, tie line flow, etc. in a power system by developing suitable norms for ease of interpretation. The TSA technique has the advantage that model complexity is not a limitation, and the sensitivities can be computed numerically. Suitable metrics are developed from these sensitivities. The TSA technique can be extended to do preventive rescheduling. A brief discussion of other applications of TSA in placement of distributed generation is indicated.

  5. HSEMC | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Blog Home HSEMC HSEMC Homeland Security and ... of Emergency Management assists the NNSA and Department of Energy sites in ... the NNSA Emergency Management System (EMS). ...

  6. Nuclear Security Enterprise | National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    About Our Programs Defense Programs Nuclear Security Enterprise The Nuclear Security Enterprise (NSE) mission is to ensure the Nation sustains a safe, secure, and effective ...

  7. Secure Manufacturing | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Secure Manufacturing Secure Manufacturing The depth and breadth of Y-12's manufacturing capabilities and expertise enable Y-12 to address current and emerging national security...

  8. Secure PVM

    SciTech Connect (OSTI)

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  9. Lemnos Interoperable Security Program

    SciTech Connect (OSTI)

    Stewart, John; Halbgewachs, Ron; Chavez, Adrian; Smith, Rhett; Teumim, David

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems.

  10. Personnel Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2005-08-26

    The manual establishes the overall objectives and requirements for the Department of Energy Personnel Security Program. Cancels DOE M 472.1-1B. Canceled by DOE O 472.2.

  11. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    3 - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management Programs Advanced Nuclear Energy Nuclear

  12. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-06-20

    The protection and control of classified information is critical to our nations security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D.

  13. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management Programs Advanced Nuclear Energy Nuclear

  14. Security, LLC

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Two-hundred twenty-five nonprofit organizations receive monetary donations from Los Alamos National Security, LLC September 21, 2015 Recognizing employee and retiree volunteer efforts LOS ALAMOS, N.M., Sept. 21, 2015-More than 225 nonprofit organizations received $162,650 from Los Alamos National Security, LLC, which manages Los Alamos National Laboratory. The LANS contributions are determined by the number of volunteer hours logged by Laboratory employees and retirees through an organization

  15. Personnel Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-07-27

    The Order establishes requirements for a successful, efficient and cost-effective personnel security program to ensure accurate, timely and equitable determinations of individuals eligibility for access to classified information and fitness for placement or retention in national security positions. Cancels DOE M 470.4-5, DOE N 470.4 and DOE N 470.5. Admin Chg 1, 10-8-13.

  16. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems ...

  17. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems...

  18. System for training and evaluation of security personnel in use of firearms

    DOE Patents [OSTI]

    Hall, Howard F.

    1990-01-01

    An interactive video display system comprising a laser disc player with a remote large-screen projector to view life-size video scenarios and a control computer. A video disc has at least one basic scenario and one or more branches of the basic scenario with one or more subbranches from any one or more of the branches and further subbranches, if desired, to any level of programming desired. The control computer is programmed for interactive control of the branching, and control of other effects that enhance the scenario, in response to detection of when the trainee has (1) drawn an infrared laser handgun from his holster, (2) fired his laser handgun, (3) taken cover, (4) advanced or retreated from the adversary on the screen, and (5) when the adversary has fired his gun at the trainee.

  19. Security | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Security The Y-12 National Security Complex places the highest priority on maintaining and improving its security posture. We employ security police officers, cyber security specialists, and other personnel to safeguard our security assets. Y-12 continuously monitors local and world events to prepare for potential risks to the site, our information and our employees. Security personnel also participate in numerous assessments each year to ensure readiness in protecting the site's vital

  20. National Nuclear Security Administration | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    National Nuclear Security Administration | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing...

  1. Radiological Security Partnership Information | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration Nonproliferation / Global Material Security / Radiological Security / Radiological Security Partnership Radiological Security Partnership Information Radioactive sources play an important role in a number of commercial, medical, and research facilities. The benefits of these sources must be balanced with proper security. The Department of Energy's (DOE) National Nuclear Security Administration (NNSA) is working with the Nuclear Regulatory Commission and state regulators,

  2. Secure Information Sharing

    Energy Science and Technology Software Center (OSTI)

    2005-09-09

    We are develoing a peer-to-peer system to support secure, location independent information sharing in the scientific community. Once complete, this system will allow seamless and secure sharing of information between multiple collaborators. The owners of information will be able to control how the information is stored, managed. ano shared. In addition, users will have faster access to information updates within a collaboration. Groups collaborating on scientific experiments have a need to share information and data.more » This information and data is often represented in the form of files and database entries. In a typical scientific collaboration, there are many different locations where data would naturally be stored. This makes It difficult for collaborators to find and access the information they need. Our goal is to create a lightweight file-sharing system that makes it’easy for collaborators to find and use the data they need. This system must be easy-to-use, easy-to-administer, and secure. Our information-sharing tool uses group communication, in particular the InterGroup protocols, to reliably deliver each query to all of the current participants in a scalable manner, without having to discover all of their identities. We will use the Secure Group Layer (SGL) and Akenti to provide security to the participants of our environment, SGL will provide confldentiality, integrity, authenticity, and authorization enforcement for the InterGroup protocols and Akenti will provide access control to other resources.« less

  3. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2007-06-29

    Establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Section E, Technical Surveillance Countermeasures Program, is Official Use Only. Please contact the DOE Office of Health, Safety and Security at 301-903-0292 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A

  4. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2005-08-26

    This Manual establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Attachment E, Technical Surveillance Countermeasures Program, is for Official Use Only. Contact the Office of Security and Safety Performance Assurance at 301-903-3653 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A.

  5. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-06-20

    The protection and control of classified information is critical to our nations security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D. Admin Chg 1, dated 11-23-2012, cancels DOE O 471.6. Canceled by Admin Chg 2 dated 5-15-15.

  6. Computer Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Computer Security All JLF participants must fully comply with all LLNL computer security regulations and procedures. A laptop entering or leaving B-174 for the sole use by a US citizen and so configured, and requiring no IP address, need not be registered for use in the JLF. By September 2009, it is expected that computers for use by Foreign National Investigators will have no special provisions. Notify maricle1@llnl.gov of all other computers entering, leaving, or being moved within B 174. Use

  7. Defense Nuclear Security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Programs Defense Nuclear Security The Office of Defense Nuclear Security develops and implements NNSA security programs to protect, control, and account for materials, information, and facilities across the nuclear security enterprise. The Office of the Chief, Defense Nuclear Security (CDNS) executes responsibility for the overall direction and management of security programs employed across the nuclear security enterprise comprised of NNSA's operations and facilities. The CDNS is charged with

  8. Security enhanced with increased vehicle inspections

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Under Budget | National Nuclear Security Administration Security Improvements Project Completed Ahead of Schedule, $20 Million Under Budget April 07, 2014 WASHINGTON, D.C. - The National Nuclear Security Administration's (NNSA) Security Improvements Project (SIP) was recently completed ahead of schedule and approximately $20 million under its original budget of $72 million. SIP upgraded security at Y-12 by replacing existing alarm stations and access control systems with Argus, a

  9. Security demo at Sunport October 13

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Administration by Design in the United States: Fact Sheet March 23, 2012 Since the events of September 11, 2001, security requirements for nuclear facilities have increased primarily due to changes in the Design Basis Threat against which planned facilities are designed and existing physical security systems are tested. As a result, security costs and operational impacts have increased significantly because facilities originally were not designed with intrinsic security measures.

  10. Y-12 National Security Compex | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Y-12 National Security Compex

  11. Cyber Securing Control Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ... WorkPlace Tech 5.7.2 TAC 4.1 TAC Signal, XPSI & ZPSIPC Teletrol eBuilding Telvent OaSys DNA 7.4.* Trane Tracer SC Tracer 3.5 Trane Tracer Summit Tracer 11 Trane Tracer Summit ...

  12. Security Conditions

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2000-09-18

    To ensure that DOE uniformly meets the protection requirements specified in Presidential Decision Directive 39, "U.S. Policy on Counterterrorism (U)." Attachment 2 is no longer available online. Please e-mail your request for the Attachment to: Security.Directives@hq.doe.gov. DOE N 251.44, dated 05/06/02, extends this directive until 12/31/02.

  13. Personnel Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-07-21

    The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals eligibility for access to classified information and Special Nuclear Material (SNM). Admin Chg 1, 10-8-13.

  14. Privacy & Security Notice | Argonne National Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Privacy & Security Notice Security Notice October 31, 2000 This web site is part of a federal computer system used to accomplish federal functions. The U.S. Department of Energy (DOE) monitors this web site for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this web site, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other

  15. Security Rulemaking | Department of Energy

    Office of Environmental Management (EM)

    Rulemaking Security Rulemaking Transportation Security Rulemaking Activities PDF icon Security Rulemaking More Documents & Publications Transportation Security Rulemaking...

  16. Computer Security Risk Assessment

    Energy Science and Technology Software Center (OSTI)

    1992-02-11

    LAVA/CS (LAVA for Computer Security) is an application of the Los Alamos Vulnerability Assessment (LAVA) methodology specific to computer and information security. The software serves as a generic tool for identifying vulnerabilities in computer and information security safeguards systems. Although it does not perform a full risk assessment, the results from its analysis may provide valuable insights into security problems. LAVA/CS assumes that the system is exposed to both natural and environmental hazards and tomore » deliberate malevolent actions by either insiders or outsiders. The user in the process of answering the LAVA/CS questionnaire identifies missing safeguards in 34 areas ranging from password management to personnel security and internal audit practices. Specific safeguards protecting a generic set of assets (or targets) from a generic set of threats (or adversaries) are considered. There are four generic assets: the facility, the organization''s environment; the hardware, all computer-related hardware; the software, the information in machine-readable form stored both on-line or on transportable media; and the documents and displays, the information in human-readable form stored as hard-copy materials (manuals, reports, listings in full-size or microform), film, and screen displays. Two generic threats are considered: natural and environmental hazards, storms, fires, power abnormalities, water and accidental maintenance damage; and on-site human threats, both intentional and accidental acts attributable to a perpetrator on the facility''s premises.« less

  17. the Y-12 Times, a newsletter for employees and friends of the Y-12 National Security Complex, March 2012

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    W H A T ' S I N S I D E Page 2 Employees embrace the VPP culture Page 3 Discipline and rules Page 5 Graham receives several accolades Page 7 Flashback to the 1980s Page 8 Helping others with an Extreme Makeover B&W Technical Services Y-12, LLC, a partnership between Babcock & Wilcox Technical Services Group Inc. and Bechtel National Inc., operates the Y-12 National Security Complex. A newsletter for employees and friends of the Y-12 National Security Complex Managing Editors Amy Alley:

  18. Framework for SCADA Security Policy (October 2005) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Framework for SCADA Security Policy (October 2005) Framework for SCADA Security Policy (October 2005) Modern automation systems used in infrastruc-ture (including Supervisory Control and Data Acquisition, or SCADA) have myriad security vulnerabilities. Many of these relate directly to inadequate security administration, which precludes truly effective and sustainable security. Adequate security management mandates a clear administrative struc-ture and enforcement hierarchy. The security policy

  19. Technical Services | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Technical Services Technical Services Technical services spans Y-12 disciplines that support manufacturing at Y-12. Information Systems (National Security Systems Development) Provide solutions for information security, including the protection of national security, proprietary and any other class of highly sensitive information. Develop highly integrated, enterprise level software applications for use within the federal space and adaptable to commercial application. Leverage the transformative

  20. Nuclear security

    SciTech Connect (OSTI)

    Not Available

    1991-07-01

    This paper reports that despite an Executive Order limiting the authority to make original classification decisions to government officials, DOE has delegated this authority to a number of contractor employees. Although the number of original classification decisions made by these contractors is small, this neither negates nor diminishes the significance of the improper delegation of authority. If misclassification were to occur, particularly at the Top Secret level, U.S. national security interests could potentially be seriously affected and threatened. DOE's argument that the delegation of such authority is a long-standing policy and done on a selective basis does not legitimize the practice and does not relieve DOE of its responsibility to meet the requirements of the Executive Order. DOE needs to independently assess all original classification determinations made by contractors; otherwise, it cannot be sure that U.S. national security interests have been or are being adequately protected.

  1. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000. SAND2014-0672P Sandia National Laboratories is developing a thermal-to-electric power conversion technology that utilizes carbon dioxide (CO2) as the working fluid in a closed Brayton cycle. This technology possesses the capability to generate electricity at high efficiencies while reducing both costs and greenhouse gas emissions.

  2. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-06-29

    This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. (The original DOE O 471.6 canceled DOE M 470.4-4A, except for Section D). Admin Chg 2, dated 5-15-15, supersedes Admin Chg 1. Certified 5-21-2015.

  3. Security seal

    DOE Patents [OSTI]

    Gobeli, Garth W.

    1985-01-01

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  4. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    ExcEptional sErvicE in thE national intErEst Investigating Containment Integrity Sandia is a nationally and internationally recognized leader in Nuclear Reactor containment research, supporting operations, lifetime extensions, and security and vulnerability assessments over a broad range of phenomena. Sandia's expertise includes evaluation of containment when subjected to high velocity impacts, enormous pressures and stresses, and attacks by saboteurs. Sandia's resources enable the completion of

  5. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    to enhance the nation's security and prosperity through sustainable, transformative approaches to our most challenging energy, climate, and infrastructure problems. vision Important applications of these capabilities include performing assessment of facility vulnerabilities and resultant consequences of a range of attack scenarios related to nuclear facilities after 9/11. these comprehensive analyses were able to realistically represent the actual attack, the response of the facility to the

  6. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    the computational, physics, and engineering capability spans multiple physics phenomenologies, engineering disciplines, and brings to bear massively parallel processing computational power to solve very complex problems that result in realistic estimates of potential consequences resulting from these types of postulated accidents. the Sar that is developed must go through rigorous external review before it goes to the national Security Council for approval prior to launch. this process provides

  7. Security Rulemaking

    Office of Environmental Management (EM)

    Securing America's Clean Energy Future The Office of Energy Efficiency and Renewable Energy (EERE) invests in clean energy technologies that strengthen the economy, reduce dependence on foreign oil, and protect the environment. EERE leverages partnerships with the private sector, state and local governments, DOE national laboratories, and universities to transform the nation's economic engine to one powered by clean energy. EERE Programs 2011 Budget (in $ millions) EERE operates with $1.8

  8. Cyber Security Audit and Attack Detection Toolkit: National SCADA...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber security audit and attack detection toolkit is adding control system ...

  9. Development of a Secure, Economic and Environmentally friendly...

    Open Energy Info (EERE)

    Secure, Economic and Environmentally friendly Modern Power System (Smart Grid Project) Jump to: navigation, search Project Name Development of a Secure, Economic and...

  10. Workshop at Nevada National Security Site Brings Together Experts...

    National Nuclear Security Administration (NNSA)

    on best security practices for nuclear power plants and other major nuclear facilities. ... to test nuclear security systems, evaluate and improve performance and ensure quality. ...

  11. INL Efficiency and Security Testing of EVSE, DC Fast Chargers...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    INL Efficiency and Security Testing of EVSE, DC Fast Chargers, and Wireless Charging Systems INL Efficiency and Security Testing of EVSE, DC Fast Chargers, and Wireless Charging ...

  12. Recommended Practices Guide For Securing ZigBee Wireless Networks...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Practices Guide For Securing ZigBee Wireless Networks in Process Control System Environments Recommended Practices Guide For Securing ZigBee Wireless Networks in Process Control ...

  13. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

  14. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

  15. cygnus | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Home cygnus Cygnus fires its 3,000th shot Cygnus, a dual-axis flash X-ray radiography system designed by Sandia National Laboratories (SNL) and jointly constructed and operated with National Securities Technologies and Los Alamos National Laboratory (LANL) at the Nevada National Security Site (NNSS), has fired its 3,000th shot. Originally...

  16. Cyber Security Evaluation Tool

    SciTech Connect (OSTI)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization?¢????s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.

  17. Cyber Security Evaluation Tool

    Energy Science and Technology Software Center (OSTI)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization’s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied tomore » enhance cybersecurity controls.« less

  18. Global Security | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    sector. Global Security Cooley joins Y-12's Global Security and Strategic Partnerships Manufacturing and Technical Services Nuclear Material Recovery Nuclear Detection and...

  19. Headquarters Security Quick Reference Book Headquarters Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Directive HSS Office of Health, Safety and Security HQ ... Regulations 707, a negative drug test result is required ... knowledgeable of security policy at HQ. Consult the HQFMSP ...

  20. physical security | National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    physical security | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear...

  1. defense nuclear security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    nuclear security | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear ...

  2. Information Security: Coordination of Federal Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for ...

  3. Validating Cyber Security Requirements: A Case Study

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2011-01-01

    Vulnerabilities in a system may have widely varying impacts on system security. In practice, security should not be defined as the absence of vulnerabilities. In practice, security should not be quantified by the number of vulnerabilities. Security should be managed by pursuing a policy that leads us first to the highest impact vulnerabilities. In light of these observations, we argue in favor of shifting our focus from vulnerability avoidance/removal to measurable security attributes. To this effect, we recommend a logic be used for system security, which captures/represents security properties in quantifiable, verifiable, measurable terms so that it is possible to reason about security in terms of its observable/perceptible effects rather than its hypothesized causes. This approach is orthogonal to existing techniques for vulnerability avoidance, removal, detection, and recovery, in the sense that it provides a means to assess, quantify, and combine these techniques.

  4. Personnel Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-07-21

    The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals’ eligibility for access to classified information and Special Nuclear Material (SNM). This limited revision will ensure that individuals holding dual citizenship receive proper consideration from a counterintelligence perspective prior to being granted access to classified matter or Special Nuclear Material. Pg Chg 1, 7-9-14 supersedes DOE O 472.2 Admin Chg 1.

  5. Security Technologies for Open Networking Environments (STONE)

    SciTech Connect (OSTI)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The group security system has been designed to support four roles: The Security Domain Administrator is responsible for providing security functions defined in the top layer The Server Administrator. The central component of the group security system is the Policy and Group Key Distribution Server The Group Officer (GO) authorizes the creation of groups at a specific Policy and Group Key Distribution Server The Group Member (user) is any entity that participates in group transactions. Secure Group Applications The group security system has been designed to support four secure group applications: A Secure Instant Messaging: with the Secure Instant Messaging application A Secure Whiteboard A Secure Document Sharing A Secure Document Archiving: During the project, the group security system architecture was fully designed and preliminary prototyping was carried out for some of its components.

  6. Improved Meteorological Input for Atmospheric Release Decision support Systems and an Integrated LES Modeling System for Atmospheric Dispersion of Toxic Agents: Homeland Security Applications

    SciTech Connect (OSTI)

    Arnold, E; Simpson, M; Larsen, S; Gash, J; Aluzzi, F; Lundquist, J; Sugiyama, G

    2010-04-26

    When hazardous material is accidently or intentionally released into the atmosphere, emergency response organizations look to decision support systems (DSSs) to translate contaminant information provided by atmospheric models into effective decisions to protect the public and emergency responders and to mitigate subsequent consequences. The Department of Homeland Security (DHS)-led Interagency Modeling and Atmospheric Assessment Center (IMAAC) is one of the primary DSSs utilized by emergency management organizations. IMAAC is responsible for providing 'a single piont for the coordination and dissemination of Federal dispersion modeling and hazard prediction products that represent the Federal position' during actual or potential incidents under the National Response Plan. The Department of Energy's (DOE) National Atmospheric Release Advisory Center (NARAC), locatec at the Lawrence Livermore National Laboratory (LLNL), serves as the primary operations center of the IMAAC. A key component of atmospheric release decision support systems is meteorological information - models and data of winds, turbulence, and other atmospheric boundary-layer parameters. The accuracy of contaminant predictions is strongly dependent on the quality of this information. Therefore, the effectiveness of DSSs can be enhanced by improving the meteorological options available to drive atmospheric transport and fate models. The overall goal of this project was to develop and evaluate new meteorological modeling capabilities for DSSs based on the use of NASA Earth-science data sets in order to enhance the atmospheric-hazard information provided to emergency managers and responders. The final report describes the LLNL contributions to this multi-institutional effort. LLNL developed an approach to utilize NCAR meteorological predictions using NASA MODIS data for the New York City (NYC) region and demonstrated the potential impact of the use of different data sources and data parameterizations on IMAAC/NARAC fate and transport predictions. A case study involving coastal sea breeze circulation patterns in the NYC region was used to investigate the sensitivity of atmospheric dispersion results on the source of three-dimensional wind field data.

  7. Radiological Security Program | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Radiological Security Program Armenia Secures Dangerous Radioactive Sources in Cooperation with NNSA The Department of Energy's National Nuclear Security Administration (NNSA) joined the Republic of Armenia today to announce the safe and secure removal of three unused radioactive sources from two locations in Yerevan, Armenia. The successful completion of the radioactive source recovery campaign

  8. security | OpenEI Community

    Open Energy Info (EERE)

    Dc(266) Contributor 31 October, 2014 - 10:58 What do you know about the grid? black out brown out bulk power system electricity grid future grid grid history security Smart Grid...

  9. Global Material Security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Nonproliferation Global Material Security The mission of the Office of Global Material Security (GMS) is to help partner countries secure and account for nuclear weapons, weapons-useable nuclear and radiological materials, as well as to build capacity to deter, detect and interdict the illicit trafficking of such materials. GMS achieves its mission through three subprograms: International Nuclear Security Radiological Security Nuclear Smuggling Detection and Deterrence (formerly Second Line of

  10. Department of Energy Cyber Security Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-21

    The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

  11. Department of Energy Cyber Security Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2006-12-04

    The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

  12. Energy Security Council

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    NSEC » Energy Security Council Energy Security Council Reliable, secure, sustainable carbon energy solutions for the nation. Contact Albert Migliori (505) 663-5627 Email David Morris (505) 665 6487 Email David Watkins (50)5 665-1144 Email Energy Security Council The Los Alamos National Laboratory Energy Security Council works to develop new ideas for reliable, secure and sustainable carbon neutral energy solutions for the nation. We serve as the portal to LANL's diverse energy security research

  13. Sandia National Laboratories: National Security Missions: International

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Homeland and Nuclear Security: Homeland Defense and Force Protection Programs Homeland Defense & Force Protection HDPF We design and implement advanced systems for intrusion detection and denial. We anticipate new threats and develop responses and countermeasures. We field technologies for protecting security forces and military personnel. We are committed to providing a Center of Excellence for Physical Security to support the DOE and DOD in ensuring the security of the nation's

  14. Strengthening Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Strengthening Cyber Security Strengthening Cyber Security Describes the goals and activities of the National SCADA Test Bed program to secure control systems in the energy sector from cyber attack PDF icon Strengthening Cyber Security More Documents & Publications Considering Cumulative Effects Under the National Environmental Policy Act (CEQ, 1997) Vision for 2025: A Framework for Change Demand Response and Smart Metering Policy Actions Since the Energy Policy Act of 2005: A Summary for

  15. Security classification of information

    SciTech Connect (OSTI)

    Quist, A.S.

    1989-09-01

    Certain governmental information must be classified for national security reasons. However, the national security benefits from classifying information are usually accompanied by significant costs -- those due to a citizenry not fully informed on governmental activities, the extra costs of operating classified programs and procuring classified materials (e.g., weapons), the losses to our nation when advances made in classified programs cannot be utilized in unclassified programs. The goal of a classification system should be to clearly identify that information which must be protected for national security reasons and to ensure that information not needing such protection is not classified. This document was prepared to help attain that goal. This document is the first of a planned four-volume work that comprehensively discusses the security classification of information. Volume 1 broadly describes the need for classification, the basis for classification, and the history of classification in the United States from colonial times until World War 2. Classification of information since World War 2, under Executive Orders and the Atomic Energy Acts of 1946 and 1954, is discussed in more detail, with particular emphasis on the classification of atomic energy information. Adverse impacts of classification are also described. Subsequent volumes will discuss classification principles, classification management, and the control of certain unclassified scientific and technical information. 340 refs., 6 tabs.

  16. PIA - Access Security Plan, Bechtel Jacobs Company LLC | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Access Security Plan, Bechtel Jacobs Company LLC PIA - Access Security Plan, Bechtel Jacobs Company LLC PIA - Access Security Plan, Bechtel Jacobs Company LLC PDF icon PIA - Access Security Plan, Bechtel Jacobs Company LLC More Documents & Publications Occupational Medical Surveillance System (OMSS) PIA, Idaho National Laboratory PIA - WEB iPASS System DOE PIA

  17. PIA - WEB Physical Security Major Application | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Physical Security Major Application PIA - WEB Physical Security Major Application PIA - WEB Physical Security Major Application PDF icon PIA - WEB Physical Security Major Application More Documents & Publications PIA - WEB Unclassified Business Operations General Support System Occupational Medical Surveillance System (OMSS) PIA, Idaho National Laboratory PIA - Advanced Test Reactor National Scientific User Facility Users Week 2009

  18. Open PCS Security Architecture For Interoperable Design (OPSAID) |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Open PCS Security Architecture For Interoperable Design (OPSAID) Open PCS Security Architecture For Interoperable Design (OPSAID) The OPSAID program provides a design basis for vendors to build add-on security devices. The addition of these devices can bring the security of legacy systems up to an acceptable level, while providing a path forward for the development of inherently-secure PCS elements in the future. PDF icon Open PCS Security Architecture For Interoperable

  19. Special Training Materials | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    68 Special Report: IG-0868 August 29, 2012 Inquiry into the Security Breach at the National Nuclear Security Administration's Y-12 National Security Complex We initiated this inquiry to identify the circumstances surrounding the Y-12 National Security Complex breach because of the importance of ensuring the safe and secure storage of nuclear materials. Our review found that the Y-12 security incident represented multiple system failures on several levels. We identified troubling displays of

  20. Headquarters Facilities Master Security Plan- Chapter 10, Security Awareness Program

    Broader source: Energy.gov [DOE]

    2016 Headquarters Facilities Master Security Plan - Chapter 10, Security Awareness Program Describes the DOE Headquarters Security Awareness Program

  1. Headquarters Facilities Master Security Plan- Chapter 8, Operations Security Program

    Broader source: Energy.gov [DOE]

    2016 Headquarters Facilities Master Security Plan - Chapter 8, Operations Security Program Describes the DOE Headquarters Operations Security (OPSEC) Program.

  2. Headquarters Facilities Master Security Plan- Chapter 14, Cyber Security

    Broader source: Energy.gov [DOE]

    2016 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security Describes the DOE Headquarters Cyber Security Program.

  3. Mechanisms of Convective Cloud Organization by Cold Pools over Tropical Warm Ocean during the AMIE/DYNAMO Field Campaign

    SciTech Connect (OSTI)

    Feng, Zhe; Hagos, Samson M.; Rowe, Angela; Burleyson, Casey D.; Martini, Matus; de Szoeke, S.

    2015-06-01

    This paper investigates the mechanisms of convective cloud organization by precipitation-driven cold pools over the warm tropical Indian Ocean during the 2011 Atmospheric Radiation Measurement (ARM) Madden-Julian Oscillation (MJO) Investigation Experiment / Dynamics of the MJO (AMIE/DYNAMO) field campaign. A high-resolution regional model simulation is performed using the Weather Research and Forecasting model during the transition from suppressed to active phases of the November 2011 MJO. The simulated cold pool lifetimes, spatial extent and thermodynamic properties agree well with the radar and ship-borne observations from the field campaign. The thermodynamic and dynamic structures of the outflow boundaries of isolated and intersecting cold pools in the simulation and the associated secondary cloud populations are examined. Intersecting cold pools last more than twice as long, are twice as large, 41% more intense (measured by buoyancy), and 62% deeper than isolated cold pools. Consequently, intersecting cold pools trigger 73% more convective clouds than isolated ones. This is possibly due to stronger outflows that enhance secondary updraft velocities by up to 45%. However, cold pool-triggered convective clouds grow into deep convection not because of the stronger secondary updrafts at cloud base, but rather due to closer spacing (aggregation) between clouds and larger cloud clusters that formed along the cold pool boundaries when they intersect. The close spacing of large clouds moistens the local environment and reduces entrainment drying, allowing the clouds to further develop into deep convection. Implications to the design of future convective parameterization with cold pool-modulated entrainment rates are discussed.

  4. Security for grids

    SciTech Connect (OSTI)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  5. Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2002-03-18

    To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

  6. Headquarters Facilities Master Security Plan - Chapter 10, Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    receives hisher security clearance; the Annual Security Refresher Briefing, which must be completed each year by all those who hold a security clearance; and the Security ...

  7. Headquarters Facilities Master Security Plan- Chapter 3, Personnel Security

    Broader source: Energy.gov [DOE]

    2016 Headquarters Facilities Master Security Plan - Chapter 3, Personnel Security Describes DOE Headquarters Personnel Security procedures for acquiring, maintaining, and passing security clearances.

  8. Nuclear Security Enterprise | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Study options for ensuring the safety, security, and reliability of nuclear warheads on a ... required to ensure the long-term safety, security, and reliability of the nuclear arsenal.

  9. DEMO Project Goals | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    DEMO Project Goals | National Nuclear Security Administration Facebook Twitter Youtube ... and responsiveness of the position classification system to managers; Increase the ...

  10. Request for Proposal | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Attachment L-9 - Accounting System Questionnaire Attachment L-10 - Contract Security Classification Specification (CSCS) Attachment L-11 - Basis of Estimate Log Attachment L-12 ...

  11. Individualized Site Training | National Nuclear Security Administratio...

    National Nuclear Security Administration (NNSA)

    Blog Home About Us Our Programs Defense Nuclear Security Nuclear Materials Management & Safeguards System Training ... U.S. Department of Energy U.S. Nuclear ...

  12. Change Request Forms | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Blog Home About Us Our Programs Defense Nuclear Security Nuclear Materials Management & Safeguards System NMMSS ... Change Request Forms U.S. Department of Energy ...

  13. Action Codes Table | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Blog Home About Us Our Programs Defense Nuclear Security Nuclear Materials Management & Safeguards System NMMSS ... Action Codes Table U.S. Department of Energy ...

  14. Office of Security Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Office has established and maintains a continuous program for assessing the security ... force-on-force exercises using weapons simulation systems and limited-notice performance ...

  15. NMMSS Information, Reports & Forms | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    Us Our Programs Defense Nuclear Security Nuclear Materials Management & Safeguards System NMMSS Information, Reports & Forms NMMSS Information, Reports & Forms D-23 DOE...

  16. National Nuclear Security Administration Contractor Governance...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of NNSA's approach to contractor governance. In 2009, in response to the President's ... Given the near total reliance on contractor ... that the site's physical security systems ...

  17. Cybersecurity Intrusion Detection and Security Monitoring for...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    A formal investigation of security weaknesses will sample over-the-air traffic in a production system. The application of deep packet inspection and behavioral and statistical ...

  18. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  19. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    For many years we have supported the development of a nuclear powered moon base. While current concepts focus on Stirling engine power systems, the Fission Surface power program lead to our initial discoveries of a closed Brayton cycle power system. For the current program, Sandia has developed a reactor simulator to drive Stirling engines under moon-like conditions at naSa. In the past year, Sandia has teamed with northrop Grumman aerospace to develop a Solar Electric propulsion (SEp) system

  20. Information Technology Specialist (Security)

    Broader source: Energy.gov [DOE]

    A successful candidate in this position will serve as an Information Technology Specialist (Security) responsible for providing technical support in the information security environment which...

  1. Advancing Global Nuclear Security

    Broader source: Energy.gov [DOE]

    Today world leaders gathered at The Hague for the Nuclear Security Summit, a meeting to measure progress and take action to secure sensitive nuclear materials.

  2. Personnel Security Specialist

    Broader source: Energy.gov [DOE]

    This position is located in the Office of Associate Under Secretary for Environment, Health, Safety, and Security (AU), Office of Headquarters Personnel Security Operations. A successful candidate...

  3. National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    U.S. Department of Energy National Nuclear Security Administration Federal Equal ... of September 24, 2011 3 The Department of Energy (DOE) National Nuclear Security ...

  4. National Security, Weapons Science

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    National Security, Weapons Science National security depends on science and technology. The United States relies on Los Alamos National Laboratory for the best of...

  5. Personnel Security Activities

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-25

    Establishes objectives, requirements and responsibilities for the Personnel Security Program and Personnel Security Assurance Program. Cancels DOE O 472.1B

  6. Women @ Energy: Amy Bauer

    Broader source: Energy.gov [DOE]

    "Do something you are passionate about. Don’t wait for your opportunities; position yourself opportunistically and create them! Develop and adhere to a strong work ethic. Think for yourself. Listen and be heard. Find a way to do what’s right, even if it is an unpopular thing."

  7. Scientist profile: Amy Bauer

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    angiogenesis). Her research suggested a way to combat cancer by starving a tumor of its blood flow and rendering it harmless. She also studied tuberculosis and HIV co-infection,...

  8. ADP computer security classification program

    SciTech Connect (OSTI)

    Augustson, S.J.

    1984-01-01

    CG-ADP-1, the Automatic Data Processing Security Classification Guide, provides for classification guidance (for security information) concerning the protection of Department of Energy (DOE) and DOE contractor Automatic Data Processing (ADP) systems which handle classified information. Within the DOE, ADP facilities that process classified information provide potentially lucrative targets for compromise. In conjunction with the security measures required by DOE regulations, necessary precautions must be taken to protect details of those ADP security measures which could aid in their own subversion. Accordingly, the basic principle underlying ADP security classification policy is to protect information which could be of significant assistance in gaining unauthorized access to classified information being processed at an ADP facility. Given this policy, classification topics and guidelines are approved for implementation. The basic program guide, CG-ADP-1 is broad in scope and based upon it, more detailed local guides are sometimes developed and approved for specific sites. Classification topics are provided for system features, system and security management, and passwords. Site-specific topics can be addressed in local guides if needed.

  9. INL Cyber Security Research (2008) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    INL Cyber Security Research (2008) INL Cyber Security Research (2008) Cybersecurity research at INL will help protect critical infrastructure control system computers against worms and other viruses. PDF icon INL Cyber Security Research (2008) More Documents & Publications Mitigations for Security Vulnerabilities Found in Control System Networks The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations

  10. PIA - Savannah River Nuclear Solutions Electronic Safeguards Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    System (E3S) | Department of Energy Electronic Safeguards Security System (E3S) PIA - Savannah River Nuclear Solutions Electronic Safeguards Security System (E3S) PIA - Savannah River Nuclear Solutions Electronic Safeguards Security System (E3S) PDF icon PIA - Savannah River Nuclear Solutions Electronic Safeguards Security System (E3S) More Documents & Publications PIA - 10th International Nuclear Graphite Specialists Meeting registration web site PIA - HSPD-12 Physical and Logical

  11. Asian Energy Security

    SciTech Connect (OSTI)

    Peter Hayes, PhD

    2003-12-01

    OAK-B135 In the Asian Energy Security (AES) Project, Nautilus Institute works together with a network of collaborating groups from the countries of Northeast Asia to evaluate the energy security implications of different national and regional energy ''paths''. The goal of the Asia Energy Security project is to illuminate energy paths--and the energy policy choices that might help to bring them about--that result in a higher degree of energy security for the region and for the world as a whole, that is, to identify energy paths that are ''robust'' in meeting many different energy security and development objectives, while also offering flexibility in the face of uncertainty. In work to date, Nautilus has carefully assembled a network of colleagues from the countries of the region, trained them together as a group in the use of a common, flexible, and transparent energy and environmental analysis planning software tool (LEAP, the Long-range Energy Alternatives Planning system), and worked with them to prepare base-year energy sector models for each country. To date, complete data sets and models for ''Business as Usual'' (BAU) energy paths have been compiled for China, Japan, the Republic of Korea, and the Democratic Peoples' Republic of Korea. A partial data set and BAU path has been compiled for the Russian Far East, and a data set is being started in Mongolia, where a team of researchers has just joined the AES project. In several countries, ''Alternative'' energy paths have been developed as well, or partially elaborated. National energy sector developments, progress on national LEAP modeling, additional LEAP training, and planning for the next phase of the AES project were the topics of a recent (early November) workshop held in Vancouver, British Columbia. With funding from the Department of Energy, Nautilus is poised to build upon the successes of the project to date with a coordinated international effort to research the energy security ramifications of regional coordination on energy issues in Northeast Asia. The paragraphs below summarize Nautilus' plans for the AES project in the coming months.

  12. FOILFEST :community enabled security.

    SciTech Connect (OSTI)

    Moore, Judy Hennessey; Johnson, Curtis Martin; Whitley, John B.; Drayer, Darryl Donald; Cummings, John C., Jr.

    2005-09-01

    The Advanced Concepts Group of Sandia National Laboratories hosted a workshop, ''FOILFest: Community Enabled Security'', on July 18-21, 2005, in Albuquerque, NM. This was a far-reaching look into the future of physical protection consisting of a series of structured brainstorming sessions focused on preventing and foiling attacks on public places and soft targets such as airports, shopping malls, hotels, and public events. These facilities are difficult to protect using traditional security devices since they could easily be pushed out of business through the addition of arduous and expensive security measures. The idea behind this Fest was to explore how the public, which is vital to the function of these institutions, can be leveraged as part of a physical protection system. The workshop considered procedures, space design, and approaches for building community through technology. The workshop explored ways to make the ''good guys'' in public places feel safe and be vigilant while making potential perpetrators of harm feel exposed and convinced that they will not succeed. Participants in the Fest included operators of public places, social scientists, technology experts, representatives of government agencies including DHS and the intelligence community, writers and media experts. Many innovative ideas were explored during the fest with most of the time spent on airports, including consideration of the local airport, the Albuquerque Sunport. Some provocative ideas included: (1) sniffers installed in passage areas like revolving door, escalators, (2) a ''jumbotron'' showing current camera shots in the public space, (3) transparent portal screeners allowing viewing of the screening, (4) a layered open/funnel/open/funnel design where open spaces are used to encourage a sense of ''communitas'' and take advantage of citizen ''sensing'' and funnels are technological tunnels of sensors (the tunnels of truth), (5) curved benches with blast proof walls or backs, (6) making it easy for the public to report, even if not sure/''non-event'' (e.g. ''I'm uncomfortable'') and processing those reports in aggregate not individually, (7) transforming the resident working population into a part-time undercover security/sensor force through more innovative training and (8) adding ambassadors/security that engage in unexpected conversation with the public. The group recommended that we take actions to pursue the following ideas next: (a) A concept for a mobile sensor transport (JMP); (b) Conduct a follow-on workshop; (c) Conduct social experiments/activities to see how people would react to the concepts related to community and security; (d) Explore further aesthetically pleasing, blast-resistance seating areas; and (e) The Art of Freedom (an educational, multi-media campaign).

  13. port security

    National Nuclear Security Administration (NNSA)

    0%2A en NNSA Transfers Responsibility for Radiation Detection System to China Customs http:nnsa.energy.govmediaroompressreleasesnnsa%E2%80%99s-second-line-defense

  14. emergency exercise | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    emergency exercise Emergency Exercise to Focus on Aerial Radiation Detection and Measuring Systems at Nevada National Security Site LAS VEGAS - The National Nuclear Security Administration (NNSA) and the Department of Homeland Security's Federal Emergency Management Agency (FEMA) will be sponsoring an Aerial Measuring System (AMS) WINGS exercise March 25-27, the agencies announced today. WINGS is a series of tabletop exercises... Emergency Exercise to Focus on Aerial Radiation Detection and

  15. Integrated Safeguards and Security Management (ISSM) Policy

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-05-08

    The purpose of this Policy is to formalize an Integrated Safeguards and Security Management (ISSM) framework. Safeguards and security management systems provide a formal, organized process for planning, performing, assessing, and improving the secure conduct of work in accordance with risk-based protection strategies. These systems are institutionalized through Department of Energy (DOE) directives and contracts. Does not cancel other directives. Canceled by DOE P 470.1A.

  16. Radiological Security Partnership | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Administration Programs / Nonproliferation / Global Material Security / Radiological Security Radiological Security Partnership Radiological Security Partnership Secure Your Business, Your Community, and Your Country. Sign Up Today for Services Provided by the Radiological Security Partnership. RSP Logo Initiative of the Global Material Security Program Formerly the Global Threat Reduction Initiative RSP Registration RSP More Info Learn More Radiological Security Partnership Information

  17. Alliance Project: Cyber-Physical Security Unified Access Solution

    Energy Savers [EERE]

    Alliance Project: Cyber-Physical Security Unified Access Solution Unified cyber-physical security to protect energy sector control systems and facilities Background The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards require utility operators to control, monitor, and record physical access to cybersecurity assets and establish physical security perimeters (PSPs). Many operators engage security contractors to provide access controls,

  18. Office of Security Assistance

    Broader source: Energy.gov [DOE]

    The Office of Security Assistance manages the Technology Deployment Program to improve the security posture of the Department of Energy and the protection of its assets and facilities through the deployment of new safeguards and security technologies and development of advanced technologies that reduce operating costs, save protective force lives, and improve security effectiveness.

  19. Personnel Security Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1998-05-22

    This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE). This Manual addresses only the Personnel Security Program.

  20. Personnel Security Program Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2000-11-16

    provides detailed requirements and procedures to supplement DOE O 472.1B, PERSONNEL SECURITY ACTIVITIES, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Cancels DOE M 472.1-1

  1. CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Systems Are Under Way, but Challenges Remain | Department of Energy CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain GAO is making recommendations to the Department of Homeland Security (DHS) to develop a strategy for coordinating control systems security efforts and to enhance information sharing with relevant

  2. Safeguards and Security for Program and Project Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2013-08-15

    This Guide addresses the implementation steps for achieving safeguards and security systems that support the Department's projection objectives.

  3. Implementing Information Security and Its Technology: A LineManagement...

    Office of Scientific and Technical Information (OSTI)

    Country of Publication: United States Language: English Subject: 29; 99; INFORMATION SYSTEMS; MANAGEMENT; SECURITY cybersecurity cyberlaw information management privacy Word...

  4. Numerical Simulation of Inter-basin Groundwater Flow into Northern Yucca Flat, Nevada National Security Site, Using the Death Valley Regional Flow System Model

    SciTech Connect (OSTI)

    Pohlmann Karl,Ye Ming

    2012-03-01

    Models of groundwater flow for the Yucca Flat area of the Nevada National Security Site (NNSS) are under development by the U.S. Department of Energy (DOE) for corrective action investigations of the Yucca Flat-Climax Mine Corrective Action Unit (CAU). One important aspect of these models is the quantity of inter-basin groundwater flow from regional systems to the north. This component of flow, together with its uncertainty, must be properly accounted for in the CAU flow models to provide a defensible regional framework for calculations of radionuclide transport that will support determinations of the Yucca Flat-Climax Mine contaminant boundary. Because characterizing flow boundary conditions in northern Yucca Flat requires evaluation to a higher level of detail than the scale of the Yucca Flat-Climax Mine CAU model can efficiently provide, a study more focused on this aspect of the model was required.

  5. Macro Security Methodology for Conducting Facility Security and Sustainability Assessments

    SciTech Connect (OSTI)

    Herdes, Greg A.; Freier, Keith D.; Wright, Kyle A.

    2007-07-09

    Pacific Northwest National Laboratory (PNNL) has developed a macro security strategy that not only addresses traditional physical protection systems, but also focuses on sustainability as part of the security assessment and management process. This approach is designed to meet the needs of virtually any industry or environment requiring critical asset protection. PNNL has successfully demonstrated the utility of this macro security strategy through its support to the NNSA Office of Global Threat Reduction implementing security upgrades at international facilities possessing high activity radioactive sources that could be used in the assembly of a radiological dispersal device, commonly referred to as a dirty bomb. Traditional vulnerability assessments provide a snap shot in time of the effectiveness of a physical protection system without significant consideration to the sustainability of the component elements that make up the system. This paper describes the approach and tools used to integrate technology, plans and procedures, training, and sustainability into a simple, quick, and easy-to-use security assessment and management tool.

  6. Secure Storage Architectures

    SciTech Connect (OSTI)

    Aderholdt, Ferrol; Caldwell, Blake A; Hicks, Susan Elaine; Koch, Scott M; Naughton, III, Thomas J; Pogge, James R; Scott, Stephen L; Shipman, Galen M; Sorrillo, Lawrence

    2015-01-01

    The purpose of this report is to clarify the challenges associated with storage for secure enclaves. The major focus areas for the report are: - review of relevant parallel filesystem technologies to identify assets and gaps; - review of filesystem isolation/protection mechanisms, to include native filesystem capabilities and auxiliary/layered techniques; - definition of storage architectures that can be used for customizable compute enclaves (i.e., clarification of use-cases that must be supported for shared storage scenarios); - investigate vendor products related to secure storage. This study provides technical details on the storage and filesystem used for HPC with particular attention on elements that contribute to creating secure storage. We outline the pieces for a a shared storage architecture that balances protection and performance by leveraging the isolation capabilities available in filesystems and virtualization technologies to maintain the integrity of the data. Key Points: There are a few existing and in-progress protection features in Lustre related to secure storage, which are discussed in (Chapter 3.1). These include authentication capabilities like GSSAPI/Kerberos and the in-progress work for GSSAPI/Host-keys. The GPFS filesystem provides native support for encryption, which is not directly available in Lustre. Additionally, GPFS includes authentication/authorization mechanisms for inter-cluster sharing of filesystems (Chapter 3.2). The limitations of key importance for secure storage/filesystems are: (i) restricting sub-tree mounts for parallel filesystem (which is not directly supported in Lustre or GPFS), and (ii) segregation of hosts on the storage network and practical complications with dynamic additions to the storage network, e.g., LNET. A challenge for VM based use cases will be to provide efficient IO forwarding of the parallel filessytem from the host to the guest (VM). There are promising options like para-virtualized filesystems to help with this issue, which are a particular instances of the more general challenge of efficient host/guest IO that is the focus of interfaces like virtio. A collection of bridging technologies have been identified in Chapter 4, which can be helpful to overcome the limitations and challenges of supporting efficient storage for secure enclaves. The synthesis of native filesystem security mechanisms and bridging technologies led to an isolation-centric storage architecture that is proposed in Chapter 5, which leverages isolation mechanisms from different layers to facilitate secure storage for an enclave. Recommendations: The following highlights recommendations from the investigations done thus far. - The Lustre filesystem offers excellent performance but does not support some security related features, e.g., encryption, that are included in GPFS. If encryption is of paramount importance, then GPFS may be a more suitable choice. - There are several possible Lustre related enhancements that may provide functionality of use for secure-enclaves. However, since these features are not currently integrated, the use of Lustre as a secure storage system may require more direct involvement (support). (*The network that connects the storage subsystem and users, e.g., Lustre s LNET.) - The use of OpenStack with GPFS will be more streamlined than with Lustre, as there are available drivers for GPFS. - The Manilla project offers Filesystem as a Service for OpenStack and is worth further investigation. Manilla has some support for GPFS. - The proposed Lustre enhancement of Dynamic-LNET should be further investigated to provide more dynamic changes to the storage network which could be used to isolate hosts and their tenants. - The Linux namespaces offer a good solution for creating efficient restrictions to shared HPC filesystems. However, we still need to conduct a thorough round of storage/filesystem benchmarks. - Vendor products should be more closely reviewed, possibly to include evaluation of performance/protection of select products. (Note, we are investigation the option of evaluating equipment from Seagate/Xyratex.) Outline: The remainder of this report is structured as follows: - Section 1: Describes the growing importance of secure storage architectures and highlights some challenges for HPC. - Section 2: Provides background information on HPC storage architectures, relevant supporting technologies for secure storage and details on OpenStack components related to storage. Note, that background material on HPC storage architectures in this chapter can be skipped if the reader is already familiar with Lustre and GPFS. - Section 3: A review of protection mechanisms in two HPC filesystems; details about available isolation, authentication/authorization and performance capabilities are discussed. - Section 4: Describe technologies that can be used to bridge gaps in HPC storage and filesystems to facilitate...

  7. Water Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Water Power Events Water Power Events Below is an industry calendar with meetings, conferences, and webinars of interest to the conventional hydropower and marine and hydrokinetic technology communities.

    Water Power Information Resources Water Power Information Resources How Hydropower Works How Hydropower Works See a detailed view of the inside of a hydropower energy generation system. Read more Marine and Hydrokinetic Technology Database on OpenEI Marine and Hydrokinetic Technology Database

  8. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    legacy of nuclear Waste Management Snl is the only national laboratory that has experienced and participated in two transitions from 'science to compliance,' (WIpp and YM) like those that will be required in the licensing of any future nuclear waste disposal facility. Key aspects of this experience have been the integration of experimental programs and conceptual facility design and the use of system-level analyses to guide decision making in research and regulatory environments. Snl has used

  9. Nuclear Security Summit | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Nuclear Security Summit U.S. and China Continue Cooperative Partnership to Advance Safe, Secure Civil Nuclear Energy for Clean Energy Future DOE/NNSA Hosts 11th U.S.-China Peaceful Uses of Nuclear Technology Meeting at Savannah River National Laboratory in Aiken, South Carolina (Aiken, South Carolina) - On May 10-11, 2016 the U.S. Department of Energy's (DOE) National Nuclear Security Administration (NNSA) and the China... Statement on Signing of the Administrative Arrangement to the Agreement

  10. Radiological Security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    About / Our Programs / Nonproliferation / Global Material Security Radiological Security The program collaborates with domestic and international partners to address the threat of illicit use of high-priority radiological materials in the United States and abroad. The Radiological Security program accomplishes its mission by removing and disposing of excess or orphaned radioactive sources; promoting the replacement of radioactive sources with non-isotopic technologies, where feasible; and

  11. Design of a smart, survivable sensor system for enhancing the safe and secure transportation of hazardous or high-value cargo on railroads

    SciTech Connect (OSTI)

    Hogan, J.R.; Rey, D.; Faas, S.E.

    1994-01-01

    An application of smart sensor technology developed by Sandia National Laboratories for use in the safe and secure transportation of high value of hazardous materials is proposed for a railroad application. The Green Box would be capable of surviving most typical railroad accidents. In an accident, the system would send a distress signal notifying authorities of the location and condition of the cargo; permitting them to respond in the most effective manner. The concept proposes a strap-on sensor package, the Green Box, that could be attached to any railroad car or cargo container. Its primary purpose is to minimize the number, severity and consequences of accidents and to reduce losses due to theft. The system would also be capable of recognizing component failure conditions, notifying the operators and logging sensor data for use in directing preventative maintenance. The modular implementation, which facilitates system integration in a number of applications including the Advanced Train Control System (ACTS), is discussed. The methodology for determining the environmental specification for accident survivability is presented. A test plan for evaluating hardware performance in both normal operating and accident conditions is described.

  12. Electronic security device

    DOE Patents [OSTI]

    Eschbach, E.A.; LeBlanc, E.J.; Griffin, J.W.

    1992-03-17

    The present invention relates to a security device having a control box containing an electronic system and a communications loop over which the system transmits a signal. The device is constructed so that the communications loop can extend from the control box across the boundary of a portal such as a door into a sealed enclosure into which access is restricted whereby the loop must be damaged or moved in order for an entry to be made into the enclosure. The device is adapted for detecting unauthorized entries into such enclosures such as rooms or containers and for recording the time at which such entries occur for later reference. Additionally, the device detects attempts to tamper or interfere with the operation of the device itself and records the time at which such events take place. In the preferred embodiment, the security device includes a microprocessor-based electronic system and a detection module capable of registering changes in the voltage and phase of the signal transmitted over the loop. 11 figs.

  13. Electronic security device

    DOE Patents [OSTI]

    Eschbach, Eugene A.; LeBlanc, Edward J.; Griffin, Jeffrey W.

    1992-01-01

    The present invention relates to a security device having a control box (12) containing an electronic system (50) and a communications loop (14) over which the system transmits a signal. The device is constructed so that the communications loop can extend from the control box across the boundary of a portal such as a door into a sealed enclosure into which access is restricted whereby the loop must be damaged or moved in order for an entry to be made into the enclosure. The device is adapted for detecting unauthorized entries into such enclosures such as rooms or containers and for recording the time at which such entries occur for later reference. Additionally, the device detects attempts to tamper or interfere with the operation of the device itself and records the time at which such events take place. In the preferred embodiment, the security device includes a microprocessor-based electronic system (50) and a detection module (72) capable of registering changes in the voltage and phase of the signal transmitted over the loop.

  14. National Nuclear Security Administration | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration Rights / Workforce Statistics National Nuclear Security Administration FY15 Year End Report Semi Annual Report FY14 Year End Report Semi Annual Report

  15. nuclear security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    25M NNSA Grant for Nuclear Science and Security Research Working With PNNL Mentors, Engineering Students Deliver Prototype Safeguards Fixtures Shaping the future of nuclear ...

  16. Tag: security | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    our website, please follow these instructions. More... Category: Security Emergency Vocabulary These are terms you might hear during an emergency situation. More... Category:...

  17. Nuclear Security 101 | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Twenty-eight nations have plans to eliminate all current stocks of HEU by the end of 2013. Upgrading security measures, including physical protection, material control and ...

  18. Security Notice | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Notice This computer system is operated on a U.S. Federal Government network (unclassified information only). This system is for the use of authorized users only. Unauthorized access is prohibited and makes you liable to civil and criminal penalties. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities monitored and recorded by system personnel. In the course of monitoring individuals improperly using

  19. Security Improvements Project Completed Ahead of Schedule, $20 Million

    National Nuclear Security Administration (NNSA)

    Under Budget | National Nuclear Security Administration Security Improvements Project Completed Ahead of Schedule, $20 Million Under Budget April 07, 2014 WASHINGTON, D.C. - The National Nuclear Security Administration's (NNSA) Security Improvements Project (SIP) was recently completed ahead of schedule and approximately $20 million under its original budget of $72 million. SIP upgraded security at Y-12 by replacing existing alarm stations and access control systems with Argus, a

  20. Hallmark Project Commercialization of the Secure SCADA Communications

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Protocol, a cryptographic security solution for device-to-device communication | Department of Energy Project Commercialization of the Secure SCADA Communications Protocol, a cryptographic security solution for device-to-device communication Hallmark Project Commercialization of the Secure SCADA Communications Protocol, a cryptographic security solution for device-to-device communication Increased connectivity and automation in the control systems that manage the nation's energy

  1. Collaborative Utility Task Force Partners with DOE to Develop Cyber

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security Requirements for Advanced Metering Infrastructure | Department of Energy Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the

  2. Sandia National Laboratories: National Security Missions: International

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Homeland and Nuclear Security: Cyber and Infrastructure Security Cyber and Infrastructure Security Cyber Infrastructure Image We assess physical and cyber vulnerabilities under a common risk-management framework. We conduct large-scale analyses to understand infrastructure interdependencies and guide efforts to improve resiliency. We develop technologies for preventing disruption and enhancing recovery in vital cyber systems. We are committed to working with U.S. government agencies to

  3. Sandia National Laboratories: National Security Programs

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Nuclear Weapons Defense Systems International, Homeland, & Nuclear Security Energy and Climate Facebook Twitter YouTube Flickr RSS Programs National Security Programs We strive to become the laboratory that the U.S. turns to first for technology solutions to the most challenging problems that threaten peace and freedom for our nation and the globe. At Sandia, national security is our business. We apply advanced science and engineering to help our nation and allies detect, repel, defeat, or

  4. Mathematical and Statistical Opportunities in Cyber Security

    Office of Scientific and Technical Information (OSTI)

    Mathematical and Statistical Opportunities in Cyber Security ∗ Juan Meza † Scott Campbell ‡ David Bailey § Abstract The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question "What fundamental problems exist within cyber security research that can be helped by advanced

  5. Cyber Security Audit and Attack Detection Toolkit

    SciTech Connect (OSTI)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  6. Wide Area Security Region Final Report

    SciTech Connect (OSTI)

    Makarov, Yuri V.; Lu, Shuai; Guo, Xinxin; Gronquist, James; Du, Pengwei; Nguyen, Tony B.; Burns, J. W.

    2010-03-31

    This report develops innovative and efficient methodologies and practical procedures to determine the wide-area security region of a power system, which take into consideration all types of system constraints including thermal, voltage, voltage stability, transient and potentially oscillatory stability limits in the system. The approach expands the idea of transmission system nomograms to a multidimensional case, involving multiple system limits and parameters such as transmission path constraints, zonal generation or load, etc., considered concurrently. The security region boundary is represented using its piecewise approximation with the help of linear inequalities (so called hyperplanes) in a multi-dimensional space, consisting of system parameters that are critical for security analyses. The goal of this approximation is to find a minimum set of hyperplanes that describe the boundary with a given accuracy. Methodologies are also developed to use the security hyperplanes, pre-calculated offline, to determine system security margins in real-time system operations, to identify weak elements in the system, and to calculate key contributing factors and sensitivities to determine the best system controls in real time and to assist in developing remedial actions and transmission system enhancements offline . A prototype program that automates the simulation procedures used to build the set of security hyperplanes has also been developed. The program makes it convenient to update the set of security hyperplanes necessitated by changes in system configurations. A prototype operational tool that uses the security hyperplanes to assess security margins and to calculate optimal control directions in real time has been built to demonstrate the project success. Numerical simulations have been conducted using the full-size Western Electricity Coordinating Council (WECC) system model, and they clearly demonstrated the feasibility and the effectiveness of the developed technology. Recommendations for the future work have also been formulated.

  7. Secure authenticated video equipment

    SciTech Connect (OSTI)

    Doren, N.E.

    1993-07-01

    In the verification technology arena, there is a pressing need for surveillance and monitoring equipment that produces authentic, verifiable records of observed activities. Such a record provides the inspecting party with confidence that observed activities occurred as recorded, without undetected tampering or spoofing having taken place. The secure authenticated video equipment (SAVE) system provides an authenticated series of video images of an observed activity. Being self-contained and portable, it can be installed as a stand-alone surveillance system or used in conjunction with existing monitoring equipment in a non-invasive manner. Security is provided by a tamper-proof camera enclosure containing a private, electronic authentication key. Video data is transferred communication link consisting of a coaxial cable, fiber-optic link or other similar media. A video review station, located remotely from the camera, receives, validates, displays and stores the incoming data. Video data is validated within the review station using a public key, a copy of which is held by authorized panics. This scheme allows the holder of the public key to verify the authenticity of the recorded video data but precludes undetectable modification of the data generated by the tamper-protected private authentication key.

  8. Cognitive models applied to human effectiveness in national security environments (ergonomics of augmented cognition system design and application).

    SciTech Connect (OSTI)

    Ntuen, Celestine; Winchester, Woodrow III

    2004-06-01

    In complex simulation systems where humans interact with computer-generated agents, information display and the interplay of virtual agents have become dominant media and modalities of interface design. This design strategy is reflected in augmented reality (AR), an environment where humans interact with computer-generated agents in real-time. AR systems can generate large amount of information, multiple solutions in less time, and perform far better in time-constrained problem solving. The capabilities of AR have been leveraged to augment cognition in human information processing. In this sort of augmented cognition (AC) work system, while technology has become the main source for information acquisition from the environment, the human sensory and memory capacities have failed to cope with the magnitude and scale of information they encounter. This situation generates opportunity for excessive cognitive workloads, a major factor in degraded human performance. From the human effectiveness point of view, research is needed to develop, model, and validate simulation tools that can measure the effectiveness of an AR technology used to support the amplification of human cognition. These tools will allow us to predict human performance for tasks executed under an AC tool construct. This paper presents an exploration of ergonomics issues relevant to AR and AC systems design. Additionally, proposed research to investigate those ergonomic issues is discussed.

  9. Kansas City National Security Campus | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    Operations Acquisition and Project Management M & O Support Department Kansas City National Security Campus Kansas City National Security Campus National Security Campus ...

  10. SECURITY AND CYBER REPORTS | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SECURITY AND CYBER REPORTS SECURITY AND CYBER REPORTS Office of Security Assessments Office of Security Assessments - Report Titles

  11. Security - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security by Website Administrator Back

  12. Security Notice | Critical Materials Institute

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    User login Username * Password * Request new password Log in Forgot Your Password? Security Notice This computer system is operated on a U.S. Federal Government network (unclassified information only). This system is for the use of authorized users only. Unauthorized access is prohibited and makes you liable to civil and criminal penalties. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities monitored and

  13. Office of Information Security

    Broader source: Energy.gov [DOE]

    The Office of Information Security is responsible for implementation of the Classified Matter Protection and Control Program (CMPC), the Operations Security Program (OPSEC) and the Facility Clearance Program and the Survey Program for Headquarters

  14. nevada national security site

    National Nuclear Security Administration (NNSA)

    7%2A en Nevada National Security Site operator recognized for green fleet http:www.nnsa.energy.govblognevada-national-security-site-operator-recognized-green-fleet

    The...

  15. Office of Security Policy

    Broader source: Energy.gov [DOE]

    The Office of Security Policy is the central source within the Department of Energy for the development and analysis of safeguards and security policies and standards affecting facilities, nuclear materials, personnel, and classified information.

  16. Beyond a series of security nets: Applying STAMP & STPA to port security

    SciTech Connect (OSTI)

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systems and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.

  17. Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Home Y-12 National Security Complex Home Nuclear Deterrence Global Security Naval Reactors Partnerships Security News Search form Search... Search Latest News | CNS, UT chemical...

  18. National Security Science Archive

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    NSS Archive National Security Science Latest Issue:April 2016 past issues All Issues » submit National Security Science Archive National Security Science magazine showcases the importance, breadth, and depth of the Laboratory's scientific and technical work that is used to solve key challenges to U.S. national security. NSS April 2016 April 2016 viewer | web | print NSS July 2014 July 2015 viewer | web | print NSS July 2014 December 2014 viewer | web | print NSS July 2014 July 2014 viewer | web

  19. Security Risk Assessment

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy ... Hydrogen Infrastructure Hydrogen Production Market Transformation Fuel Cells ...

  20. Lab announces security changes

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Lab announces security changes Lab announces security changes The Laboratory is implementing several changes to its security procedures as the result of a recent security assessment conducted jointly by the Department of Defense and Department of Energy. February 23, 2012 Aerial view of Los Alamos National Laboratory Aerial view of Los Alamos National Laboratory. Contact Kevin Roark Communications Office (505) 665-9202 Email LOS ALAMOS, New Mexico, February 23, 2012-Los Alamos National

  1. Security, Safety and Health

    Energy Savers [EERE]

    Security Through Innovation Security Through Innovation December 2, 2014 - 2:28pm Addthis Security, in all forms, can thrive through innovation. With a mission scope that encompasses technology, energy, science, and nuclear security, the Department of Energy (DOE) has been on the forefront of producing ground-breaking solutions to safeguard our nation's precious resources. DOE is working to develop and pioneer the next generation of technology solutions to protect our critical infrastructure.

  2. Energy Security Center

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Energy Security Center Energy Security Center Developing new ideas for reliable, secure, and sustainable carbon neutral energy solutions for the nation-the portal to LANL's diverse energy security research enterprise. Contact Leader Steven Buelow (505) 663 5629 Email Program Administrator Jutta Kayser (505) 663-5649 Email Research focus areas Materials and concepts for clean energy Science for renewable energy sources Superconducting cables Energy storage Fuel cells Mitigating impacts of global

  3. Personnel Security Program Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-07-12

    This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels: DOE M 472.1-1A.

  4. Security of databases

    SciTech Connect (OSTI)

    Yeh, Y.S.

    1985-01-01

    In this thesis, the security of databases using cryptographic methods is considered. An algebra for encrypted relational databases is considered and examined. Other database cryptosystems are presented, namely multilevel secure databases including three different approaches; multikey multilevel, cumulative key multilevel, and permutational multilevel secure databases. Finally, entity-relationship encryption is examined.

  5. Security-by-design handbook.

    SciTech Connect (OSTI)

    Snell, Mark Kamerer; Jaeger, Calvin Dell; Scharmer, Carol; Jordan, Sabina Erteza; Tanuma, Koji; Ochiai, Kazuya; Iida, Toru

    2013-01-01

    This document is a draft SecuritybyDesign (SeBD) handbook produced to support the Work Plan of the Nuclear Security Summit to share best practices for nuclear security in new facility design. The Work Plan calls on States to %E2%80%9Cencourage nuclear operators and architect/engineering firms to take into account and incorporate, where appropriate, effective measures of physical protection and security culture into the planning, construction, and operation of civilian nuclear facilities and provide technical assistance, upon request, to other States in doing so.%E2%80%9D The materials for this document were generated primarily as part of a bilateral project to produce a SeBD handbook as a collaboration between the Japan Atomic Energy Agency (JAEA) Nuclear Nonproliferation Science and Technology Center and Sandia National Laboratories (SNL), which represented the US Department Energy (DOE) National Nuclear Security Administration (NNSA) under a Project Action Sheet PASPP04. Input was also derived based on tours of the Savannah River Site (SRS) and Japan Nuclear Fuel Limited (JNFL) Rokkasho Mixed Oxide Fuel fabrication facilities and associated project lessonslearned. For the purposes of the handbook, SeBD will be described as the systemlevel incorporation of the physical protection system (PPS) into a new nuclear power plant or nuclear facility resulting in a PPS design that minimizes the risk of malicious acts leading to nuclear material theft; nuclear material sabotage; and facility sabotage as much as possible through features inherent in (or intrinsic to) the design of the facility. A fourelement strategy is presented to achieve a robust, durable, and responsive security system.

  6. Predictive Dynamic Security Assessment through Advanced Computing

    SciTech Connect (OSTI)

    Huang, Zhenyu; Diao, Ruisheng; Jin, Shuangshuang; Chen, Yousu

    2014-11-30

    Abstract— Traditional dynamic security assessment is limited by several factors and thus falls short in providing real-time information to be predictive for power system operation. These factors include the steady-state assumption of current operating points, static transfer limits, and low computational speed. This addresses these factors and frames predictive dynamic security assessment. The primary objective of predictive dynamic security assessment is to enhance the functionality and computational process of dynamic security assessment through the use of high-speed phasor measurements and the application of advanced computing technologies for faster-than-real-time simulation. This paper presents algorithms, computing platforms, and simulation frameworks that constitute the predictive dynamic security assessment capability. Examples of phasor application and fast computation for dynamic security assessment are included to demonstrate the feasibility and speed enhancement for real-time applications.

  7. computing | National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    computing NNSA Announces Procurement of Penguin Computing Clusters to Support Stockpile Stewardship at National Labs The National Nuclear Security Administration's (NNSA's) Lawrence Livermore National Laboratory today announced the awarding of a subcontract to Penguin Computing - a leading developer of high-performance Linux cluster computing systems based in Silicon Valley - to bolster computing for stockpile

  8. lllnl | National Nuclear Security Administration

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    lllnl NNSA Announces Procurement of Penguin Computing Clusters to Support Stockpile Stewardship at National Labs The National Nuclear Security Administration's (NNSA's) Lawrence Livermore National Laboratory today announced the awarding of a subcontract to Penguin Computing - a leading developer of high-performance Linux cluster computing systems based in Silicon Valley - to bolster computing for stockpile

  9. MIS | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    MIS NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award" The G2 team and the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information Award. (WASHINGTON, D.C) - The National Nuclear Security Administration (NNSA) has received the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information

  10. Embracing the Cloud for Better Cyber Security

    SciTech Connect (OSTI)

    Shue, Craig A; Lagesse, Brent J

    2011-01-01

    The future of cyber security is inextricably tied to the future of computing. Organizational needs and economic factors will drive computing outcomes. Cyber security researchers and practitioners must recognize the path of computing evolution and position themselves to influence the process to incorporate security as an inherent property. The best way to predict future computing trends is to look at recent developments and their motivations. Organizations are moving towards outsourcing their data storage, computation, and even user desktop environments. This trend toward cloud computing has a direct impact on cyber security: rather than securing user machines, preventing malware access, and managing removable media, a cloud-based security scheme must focus on enabling secure communication with remote systems. This change in approach will have profound implications for cyber security research efforts. In this work, we highlight existing and emerging technologies and the limitations of cloud computing systems. We then discuss the cyber security efforts that would support these applications. Finally, we discuss the implications of these computing architecture changes, in particular with respect to malware and social engineering.

  11. Security classification of information

    SciTech Connect (OSTI)

    Quist, A.S.

    1993-04-01

    This document is the second of a planned four-volume work that comprehensively discusses the security classification of information. The main focus of Volume 2 is on the principles for classification of information. Included herein are descriptions of the two major types of information that governments classify for national security reasons (subjective and objective information), guidance to use when determining whether information under consideration for classification is controlled by the government (a necessary requirement for classification to be effective), information disclosure risks and benefits (the benefits and costs of classification), standards to use when balancing information disclosure risks and benefits, guidance for assigning classification levels (Top Secret, Secret, or Confidential) to classified information, guidance for determining how long information should be classified (classification duration), classification of associations of information, classification of compilations of information, and principles for declassifying and downgrading information. Rules or principles of certain areas of our legal system (e.g., trade secret law) are sometimes mentioned to .provide added support to some of those classification principles.

  12. Safeguards and Security and Cyber Security RM | Department of Energy

    Energy Savers [EERE]

    Safeguards and Security and Cyber Security RM Safeguards and Security and Cyber Security RM The SSCS RM is a tool that assists the DOE federal project review teams in evaluating the technical sufficiency of the project SSCS activities at CD-0 through CD-4. PDF icon Safeguards and Security and Cyber Security RM More Documents & Publications Safeguards and Security Program, acronyms and abbereviations - DOE M 470.4-7 Safeguards and Security Glossary - DOE M 470.4-7 References, Canceled -7

  13. Secure Transportation Management

    SciTech Connect (OSTI)

    Gibbs, P. W.

    2014-10-15

    Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

  14. Beyond a series of security nets: Applying STAMP & STPA to port security

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

  15. Beyond a series of security nets: Applying STAMP & STPA to port security

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Williams, Adam D.

    2015-11-17

    Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore »and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

  16. Homeland Security | U.S. DOE Office of Science (SC)

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Administration Homeland Security Presidential Directive (HSPD)-12 HSPD-12 mandates a common identification standard for all Federal employees and contractors who have a need to access government facilities and information systems. The NNSA goal is to develop a common solution for effective and secure logical and physical access for longer than six months. Individuals who have a valid need to access NNSA-owned security areas, facilities and information systems will be issued an

  17. Homeland Security Presidential Directive (HSPD)-12 | National Nuclear

    National Nuclear Security Administration (NNSA)

    Security Administration Homeland Security Presidential Directive (HSPD)-12 HSPD-12 mandates a common identification standard for all Federal employees and contractors who have a need to access government facilities and information systems. The NNSA goal is to develop a common solution for effective and secure logical and physical access for longer than six months. Individuals who have a valid need to access NNSA-owned security areas, facilities and information systems will be issued an

  18. Cyber security best practices for the nuclear industry

    SciTech Connect (OSTI)

    Badr, I.

    2012-07-01

    When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

  19. Implementing Effective Enterprise Security Governance Outline for Energy Sector Executives and Boards

    Energy Savers [EERE]

    Implementing Effective Enterprise Security Governance Outline for Energy Sector Executives and Boards Introduction As recent attacks, Presidential Executive Order for Improving Critical Infrastructure Cybersecurity, and Presidential Policy Directive 21 for Critical Infrastructure Security and Resilience have illustrated, managing security risks to our most important organizations and systems, including the electric grid, has become a national security priority. Enterprise security program

  20. safeguards and security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    safeguards and security ProForce marks 65 years protecting Sandia resources, facilities, ... Over the past 65 years, the force has changed in size and structure but its mission has... ...

  1. NATIONAL SECURITY TECHNOLOGIES - NEVADA NATIONAL SECURITY SITE

    National Nuclear Security Administration (NNSA)

    - NEVADA NATIONAL SECURITY SITE FISCAL YEARS 2009 THRU 2015 SMALL BUSINESS PROGRAM RESULTS & FORECAST CATEGORY Total Procurement Total SB Small Disad. Bus Woman-Owned SB Hub-Zone ...

  2. Secure Storage | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    material that it protects. Y-12 is the "Fort Knox" of uranium. We oversee the secure management and storage of strategic and special nuclear materials that have been removed...

  3. Privacy and Security Notice | Jefferson Lab

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Privacy and Security Notice Security Notice This is a Federal computer system and is the property of the U.S. Government. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system, associated connected systems and all files may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized site, Department of Energy, and law enforcement personnel, as well as authorized

  4. Cyber Security Requirements for Risk Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  5. Constructing a Merged Cloud-Precipitation Radar Dataset for Tropical Convective Clouds during the DYNAMO/AMIE Experiment at Addu Atoll

    SciTech Connect (OSTI)

    Feng, Zhe; McFarlane, Sally A.; Schumacher, Courtney; Ellis, Scott; Comstock, Jennifer M.; Bharadwaj, Nitin

    2014-05-16

    To improve understanding of the convective processes key to the Madden-Julian-Oscillation (MJO) initiation, the Dynamics of the MJO (DYNAMO) and Atmospheric Radiation Measurement MJO Investigation Experiment (AMIE) collected four months of observations from three radars, the S-band Polarization Radar (S-Pol), the C-band Shared Mobile Atmospheric Research & Teaching Radar (SMART-R), and Ka-band Zenith Radar (KAZR) on Addu Atoll in the tropical Indian Ocean. This study compares the measurements from the S-Pol and SMART-R to those from the more sensitive KAZR in order to characterize the hydrometeor detection capabilities of the two scanning precipitation radars. Frequency comparisons for precipitating convective clouds and non-precipitating high clouds agree much better than non-precipitating low clouds for both scanning radars due to issues in ground clutter. On average, SMART-R underestimates convective and high cloud tops by 0.3 to 1.1 km, while S-Pol underestimates cloud tops by less than 0.4 km for these cloud types. S-Pol shows excellent dynamic range in detecting various types of clouds and therefore its data are well suited for characterizing the evolution of the 3D cloud structures, complementing the profiling KAZR measurements. For detecting non-precipitating low clouds and thin cirrus clouds, KAZR remains the most reliable instrument. However, KAZR is attenuated in heavy precipitation and underestimates cloud top height due to rainfall attenuation 4.3% of the time during DYNAMO/AMIE. An empirical method to correct the KAZR cloud top heights is described, and a merged radar dataset is produced to provide improved cloud boundary estimates, microphysics and radiative heating retrievals.

  6. Information Security | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Information Security Information security deals with requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or NNSA and Department of Energy (DOE) directives. Classified Matter Protection and Control ensures the protection and control of classified matter. It includes briefing and training requirements for personnel who work with classified on identifying, marking, reproducing, protecting, handling, transmitting,

  7. Sandia Energy - Installation Energy Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Installation Energy Security Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Resilient Electric Infrastructures Military...

  8. What is Security? A perspective on achieving security

    SciTech Connect (OSTI)

    Atencio, Julian J.

    2014-05-05

    This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

  9. Security is Not an Option | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    is Not an Option Security is Not an Option A 10-year roadmap for achieving control system cyber security in the energy industry has been hailed as a model for other industries. Here's a look at progress to date. PDF icon Security is Not an Option More Documents & Publications Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop DOE National SCADA Test Bed Program Multi-Year Plan National SCADA Test Bed - Enhancing control systems security

  10. CNS securing success across both sites | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    securing success across ... CNS securing success across both sites Posted: April 13, 2016 - 12:31pm Pantex Emergency Services members (from left) Maribel Martinez, Brenda Graham and Greg Roddahl learn how to use the Emergency Management Information System, or EMInS. Safeguards, Security and Emergency Services integrated, consolidated and standardized processes at Pantex and Y-12 in 2015. According to Gary Wisdom, SS&ES senior director at Pantex, "The exchange of information has been our

  11. PCS Security Technology Evaluation Tool

    Energy Science and Technology Software Center (OSTI)

    2007-01-30

    P-STET assists in the security technology decision making process from a costlbeneflt perspective. It aids in addressing such questions as whether to acquire and deploy new security technology, to re-configure an existing product or system, or to maintain status quo. P-STET offers both a qualitative and quantitative option. P-STET is most efficient when tailored to an organization’s security cost/benefit environment. It then serves as both a guide to show what types of security questions shouldmore » be addressed and as a means to analyze the data gathered from the questions to make an informed decision. The quantitative option provides a straightforward way to express costs/benefits in terms of dollars. It relies on the organization to quantify benefits or cost avoidances, and, therefore, best serves as a guide to ensure various cost and benefit angles are evaluated. The qualitative option allows the organization to assess costs by levels with respect to security and PCS budgets, operational impacts, and opportunity costs. Benefits are represented in terms of improvements to the organization’s operations and are also assessed by levels with respect to some benchmark such as compliance with best practices. Results are displayed graphically using radar charts, allowing the user to make a more intuitive decision. The shaded area of each chart represents the overall cost and benefit of the security investment. A good investment is denoted when the ratio of benefit shaded area to cost shaded area is large.« less

  12. November 2015 | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    ... This software package speeds up simulations of chemical systems by 1,000-fold over methods ... Y-12 National Security Complex Chemical Identification by Magneto-Elastic Sensing The ...

  13. Life Extension Programs | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    ... LEPs will address known aging issues in weapon systems, and each LEP will study the options for increasing the safety, security and reliability of weapons on a case-by-case basis. ...

  14. NNSA orders security enhancements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Administration labs and sites get girls excited about engineering Wednesday, March 16, 2016 - 1:41pm Future engineers K. Potter, left, and T. Herrin at Y-12 National Security Complex's Introduce a Girl to Engineering event. NNSA workers across the nuclear security enterprise took advantage of "Introduce a girl to engineering day" to instill hundreds of young women with excitement for science, technology, engineering, and math (STEM) careers. This year's theme,

  15. National Security Science

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Science National Security Science Latest Issue:April 2016 past issues All Issues » submit National Security Science Showcasing Los Alamos National Laboratory's work on nuclear weapons and in science for national and global security April 2016 july 2015 The Hurt-Locker School Explosive Results Questing for the Holy Grail of High Explosives Learning from (Near) Disaster A Safer Liftoff Shake, Rattle, and Roll Manhattan Project National Historical Park Strategic Deterrent Forces Charting a

  16. Security | Argonne National Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Enhancing national and homeland security requires technological advancements in everything from biosensors to risk assessments. Game-changing scientific discovery is required for the development of sensors, detectors and other technological advancements used to protect and defend our country. At Argonne, our highly collaborative community of scientists and engineers discover and develop critical security and defense technologies to prevent and mitigate events with the potential for mass

  17. National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    NNSA hosts CTBT inspectors at Nevada National Security Site Read more Y-12 honors its inventors for technology transfer Read more Sandia National Laboratories Contract Process Announced Read more NNSA honors two security professionals who protect U.S. nuclear enterprise Read more NNSA lab makes fire tornados to ensure weapon safety Read more Sandia's California site invites community to 60th anniversary Read more CTBT inspectors Tech Transfer Sandia Contract Security awards Fire tornados Sandia

  18. Alamos National Security, LLC

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Eleven nonprofit organizations receive community giving grants from Los Alamos National Security, LLC December 15, 2009 Los Alamos, New Mexico, December 15, 2009- Eleven local nonprofit organizations with projects supported by Los Alamos National Laboratory employee volunteers received $75,000 in Community Giving grants from Los Alamos National Security, LLC, the company that manages the Lab for the National Nuclear Security Administration. The organizations are located in Los Alamos, Española,

  19. Security Risk Assessment

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Risk Assessment - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Fuel Cycle Defense Waste Management Programs Advanced

  20. National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    The Department of Energy (DOE), the National Nuclear Security Administration (NNSA) and the University of California (UC) have agreed on new management and operations contracts for ...