Powered by Deep Web Technologies
Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...  

Office of Environmental Management (EM)

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY...

2

DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

CORE COMPETENCY TRAINING REQUIREMENTS: CA DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS. Key Cyber...

3

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA Cybersecurity Program Manager (CSPM...

4

DOE Cyber Security Role, Competency and Functional Matrix  

Broader source: Energy.gov (indexed) [DOE]

5/4/2011 5/4/2011 DOE Cyber Security Role, Competency and Functional Matrix DOE Cyber Security EBK: A Competency and Functional Framework for Cyber Security Workforce Development DOE Cyber Security Functional Roles Chief Information Officer (CIO) Information Owner/Steward Chief Information Security Officer (CISO) Authorizing Official (AO) AO Designated Representative (AODR) Common Control Provider Information System Owner Cyber Security Program Manager (CSPM) Information System Security Officer (ISSO) Information Security Architect Information System Security Engineer Security Control Assessor Core Competencies Data Security ● ● ● ● ● ● ● ● ● ● Enterprise Continuity ● ● ● ● ● ● ● ● ● ● ●

5

Cyber Security  

Office of Environmental Management (EM)

Associate CIO for Cyber Security (IM-30) Rod Turk Deputy Associate CIO for Cyber Security (IM-30) Paul Cunningham Incident Management Division (IM-32) Rob Ciochon Director Policy,...

6

2014 Headquarters Facilities Master Security Plan- Chapter 14, Cyber Security  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security Describes the DOE Headquarters Cyber Security Program.

7

Chapter_14_Cyber_Security  

Office of Environmental Management (EM)

4 Cyber Security The DOE Cyber Security Program aims to protect the Department's diverse missions in a cost- effective manner; identify threats, risks, and mitigations; and remain...

8

Cyber Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Security Previous cybersecurity evaluations and designs were often dependent upon personal experience and limited empirical evidence. An LDRD project focused on cybersecurity...

9

Cyber Security Architecture Guidelines  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

2001-03-08T23:59:59.000Z

10

Chapter_14_Cyber_Security  

Broader source: Energy.gov (indexed) [DOE]

4 4 Cyber Security The DOE Cyber Security Program aims to protect the Department's diverse missions in a cost- effective manner; identify threats, risks, and mitigations; and remain flexible in a changing environment. Key Departmental directives, policies, and procedures governing the implementation of the Cyber Security Program at DOE HQ are: * DOE Order 205.1B, Department of Energy Cyber Security Management * DOE Policy 205.1, Department of Energy Cyber Security Management Policy * Headquarters Program Cyber Security Plan (HQ PCSP) HQ Implementation Procedures The head of each HQ element is responsible for implementing a cyber security program within his or her element that conforms to the policies and procedures set forth in the HQ PCSP. Each Head of Element must appoint, in writing, an

11

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

2009-01-08T23:59:59.000Z

12

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

2009-01-08T23:59:59.000Z

13

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

14

Cyber Security & Smart Grid  

E-Print Network [OSTI]

Cyber Security & Smart Grid Jonathan Shapiro Texas Institute The Clean Air Through Energy Efficiency (CATEE) Conference Cyber Security & Smart Grid ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Cyber Security and The Smart... and communication protocols. ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Smart Grid Systems ?Current Cyber Security Issues ? Advanced Metering Infrastructure (AMI) Security ? The wireless devices are used in the smart meters located...

Shapiro, J.

2011-01-01T23:59:59.000Z

15

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-08T23:59:59.000Z

16

Department of Energy Cyber Security Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

2006-12-04T23:59:59.000Z

17

Information Security: Coordination of Federal Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that...

18

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

2008-08-12T23:59:59.000Z

19

Department of Energy Cyber Security Management Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

2003-03-21T23:59:59.000Z

20

Cyber Security Evaluations - Reports  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Security Reports Cyber Security Reports 2012 Review of the Classified Cyber Security Programs at the Lawrence Livermore National Laboratory, January 2012, (OUO) Independent Oversight Review of the Classified Cyber Security Programs at the Savannah River Site, March 2012, (OUO) Independent Oversight Review of the Unclassified and Classified Cyber Security Programs at the Office of Scientific and Technical Information, March 2012, (OUO) Independent Oversight 2011 Report on Security Vulnerabilities of National Laboratory Computers, April 13, 2012, (OUO) Technical Review of the Office of Health, Safety and Security Classified Local Area Network, May 2012, (OUO) 2011 (U) Unclassified Cyber Security Technical Review of the Bonneville Power Administration Transmission Services Control Center Network, (OUO), May 2011

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

Cyber Security | National Security | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

National Security Home | Science & Discovery | National Security | Initiatives | Cyber Security SHARE Cyber Security Through Science A Science-Based Approach image ORNL uses a science-based approach that combines experimentation, theory, modeling, and high performance computing to solve some of the nation's cyber security grand challenges. Significant, 'game-changing' transformation requires a science-based approach that combines fundamental understanding with experimentation, theory, and modeling. The most successful scientific programs use peer review to maximize intellectual capital and prioritize research needs. The Department of Energy has applied this approach through programs such as the Scientific Discovery through Advanced Computing (SciDAC) and ASCI,

22

Departmental Cyber Security Management Policy  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

2001-05-08T23:59:59.000Z

23

Cyber Security Issues and Requirements  

Broader source: Energy.gov (indexed) [DOE]

Program Program (SGIG) Cyber Security Issues and Requirements Jeff Dagle November 19, 2009 Communication and Information Technology will be Central to Smart Grid Deployment Final Interim Smart Grid Roadmap, prepared by the Electric Power Research Institute (EPRI) for the National Institute of Standards and Technology (NIST) Cyber Security Requirements Associated with ARRA Projects Proposals were required to include:  Discussion of how cyber security risks will be mitigated  What criteria will be used for vendor and technology selection  Relevant cyber security standards that will be followed (or industry best practices)  How emerging smart grid cyber security standards that are currently being developed will be adopted Cyber Security Objectives for Smart

24

Cyber Security Standards.PDF  

Broader source: Energy.gov (indexed) [DOE]

1 1 I N S P E C T I O N R E P O R T U.S. DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL OFFICE OF INSPECTIONS INSPECTION OF CYBER SECURITY STANDARDS FOR SENSITIVE PERSONAL INFORMATION NOVEMBER 2001 . DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL U.S. DEPARTMENT OF ENERGY Washington, DC 20585 November 13, 2001 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman /s/ Inspector General SUBJECT: INFORMATION: Report on "Inspection of Cyber Security Standards for Sensitive Personal Information" BACKGROUND The Office of Inspector General (OIG), U.S. Department of Energy (DOE), identified a concern relating to the cyber security of unclassified sensitive personal information maintained by the Department under the Privacy Act of 1974, and other personal information exempt from

25

DOE Issues Energy Sector Cyber Organization NOI  

Broader source: Energy.gov (indexed) [DOE]

Issues National Energy Sector Cyber Organization Notice of Intent Issues National Energy Sector Cyber Organization Notice of Intent February 11, 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security of the grid. The cyber organization is expected to have the knowledge, expertise, capabilities, and capacity, at a minimum to: * Identify and prioritize cyber security research and development issues.

26

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

2008-08-12T23:59:59.000Z

27

Cyber Security Evaluations Appraisal Process Guide - April 2008 |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 April 2008 Cyber Security Evaluations Appraisal Process Guide was developed for the purpose of documenting the appraisal approach and techniques specific to evaluations of classified and unclassified cyber security programs throughout DOE. Office of Cyber Security Evaluations Appraisal Process Guide provides additional insight into the Office of Cyber Security Evaluations (HS-62) evaluation approach and processes associated with assessing classified and unclassified cyber security programs. The objective of this document is to establish a standard approach and methodology for conducting cyber security reviews that is well understood by all inspection participants.

28

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

2011-05-16T23:59:59.000Z

29

Security and Cyber Evaluations | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Security and Cyber Evaluations Security and Cyber Evaluations Security and Cyber Evaluations Security and Cyber Evaluations within the Office of Enforcement and Oversight implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1, Independent Oversight Program, issued on August 30, 2011. This recently revised Order reflects lessons learned in conducting inspections and incorporates earlier and more frequent line management involvement in the inspection planning process. We welcome an opportunity to discuss our inspection process and potential

30

Using Operational Security (OPSEC) to Support a Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in...

31

The Cyber Security Crisis  

SciTech Connect (OSTI)

Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'

Spafford, Eugene (Purdue University) [Purdue University

2006-05-10T23:59:59.000Z

32

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

2008-08-12T23:59:59.000Z

33

Cyber Security Requirements for Wireless Devices and Information Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-11T23:59:59.000Z

34

Safeguards and Security and Cyber Security RM  

Broader source: Energy.gov (indexed) [DOE]

Safeguards and Security and Safeguards and Security and Cyber Security Review Module March 2010 CD- -0 OFFICE O S CD-1 OF ENVIRO Standard Safeguar and Cy Rev Critical D CD-2 M ONMENTA Review Pla rds and S yber Secu view Modul Decision (CD CD March 2010 AL MANAG an (SRP) Security urity le D) Applicabili D-3 GEMENT ity CD-4 Post Ope eration Standard Review Plan, 2 nd Edition, March 2010 i FOREWORD The Standard Review Plan (SRP) 1 provides a consistent, predictable corporate review framework to ensure that issues and risks that could challenge the success of Office of Environmental Management (EM) projects are identified early and addressed proactively. The internal EM project review process encompasses key milestones established by DOE O 413.3A, Change 1, Program and Project Management for the Acquisition of Capital Assets, DOE-STD-

35

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

2011-05-16T23:59:59.000Z

36

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

2011-05-16T23:59:59.000Z

37

The Department's Unclassified Cyber Security Program - 2012, IG-0877  

Broader source: Energy.gov (indexed) [DOE]

Evaluation Report Evaluation Report The Department's Unclassified Cyber Security Program - 2012 DOE/IG-0877 November 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 November 8, 2012 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program - 2012" INTRODUCTION AND OBJECTIVE As the use of information technology resources continues to expand, the number of cyber security threats against Federal agencies has also increased. In fact, Federal cyber security officials have warned that the number of cyber attackers has increased and that the Nation's

38

Cyber Security Requirements for Risk Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-19T23:59:59.000Z

39

INL@Work Cyber Security  

SciTech Connect (OSTI)

May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

Chaffin, May

2010-01-01T23:59:59.000Z

40

INL@Work Cyber Security  

ScienceCinema (OSTI)

May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

Chaffin, May

2013-05-28T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, cancels Chg 2.

2011-05-16T23:59:59.000Z

42

Collaborative Utility Task Force Partners with DOE to Develop Cyber  

Broader source: Energy.gov (indexed) [DOE]

Collaborative Utility Task Force Partners with DOE to Develop Cyber Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the utility industry that will help utilities procure and implement secure components and systems using a common set of security requirements. Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure More Documents & Publications AMI System Security Requirements - v1_01-1 Before the Senate Energy and Natural Resources Committee

43

Visualizing Cyber Security: Usable Workspaces  

SciTech Connect (OSTI)

An environment that supports cyber analytics work should enable multiple, simultaneous investigations, information foraging, and provide a solution space for organizing data. We describe our study of cyber security professionals and visualizations in a large, high-resolution display work environment. We discuss the tasks and needs of analysts that such an environment can support and present several prototypes designed to support these needs. We conclude with a usability evaluation of the prototypes and additional lessons learned.

Fink, Glenn A.; North, Christopher L.; Endert, Alexander; Rose, Stuart J.

2009-10-11T23:59:59.000Z

44

Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

ITD Home Cyber Security Links Cyber Security Home Network Access Antivirus Measures SSH Gateways Remote Access Computer Security Incidents Cyber Security Homepage Report a Security Incident Hotline: 631.344.8484 Email: security@bnl.gov Cyber Security Note: The links below supplement the Cyber Security, Unclassified SBMS subject area. Network Access Cyber Security image Network Access Registration - New connections to BNL's internal network must complete the registration process described in this link. Machines that are not registered will be denied access to the Laboratory's network. Proxy Configuration Virtual Private Network (VPN) RSA SecurID User Guide Desktop Security Locking Your Computer Disable Automatic Login (Mac OS X) Virus Protection Secure Shell (SSH) Resources

45

Cyber Security Reports | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Reports Cyber Security Reports Cyber Security Reports 2012 Review of the Classified Cyber Security Programs at the Lawrence Livermore National Laboratory, January 2012, (OUO) Independent Oversight Review of the Classified Cyber Security Programs at the Savannah River Site, March 2012, (OUO) Independent Oversight Review of the Unclassified and Classified Cyber Security Programs at the Office of Scientific and Technical Information, March 2012, (OUO) Independent Oversight 2011 Report on Security Vulnerabilities of National Laboratory Computers, April 13, 2012, (OUO) Technical Review of the Office of Health, Safety and Security Classified Local Area Network, May 2012, (OUO) 2011 (U) Unclassified Cyber Security Technical Review of the Bonneville Power Administration Transmission Services Control Center Network, (OUO),

46

Office of Security and Cyber Evaluations  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Welcome to the Office of Security and Cyber Evaluations The Office of Security and Cyber Evaluations within the Office of Enforcement and Oversight implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1, Independent Oversight Program, issued on August 30, 2011. This recently revised Order reflects lessons learned in conducting inspections and incorporates earlier and more frequent line management involvement in the inspection planning process. We welcome an opportunity to discuss our inspection process and potential differences in approach since your last interaction with us.

47

Office of Cyber Security Evaluations Appraisal Process Guide, April 2008  

Broader source: Energy.gov (indexed) [DOE]

CYBER SECURITY EVALUATIONS CYBER SECURITY EVALUATIONS APPRAISAL PROCESS GUIDE April 2008 Office of Health, Safety and Security U.S. Department of Energy Office of Cyber Security Evaluations Appraisal Process Guide Preface April 2008 i Preface Department of Energy (DOE) Order 470.2B, Independent Oversight and Performance Assurance Program, and Office of Health, Safety and Security (HSS) Standard Operating Procedure, SOP-10-01, Independent Oversight Appraisal Process Protocols, February 2008, provide direction for the Office of Independent Oversight (HS-60) to establish the requirements, responsibilities, and processes for the development and maintenance of Appraisal Process Protocols that describe the activities for evaluating the effectiveness of DOE safeguards and security; cyber security; emergency management; and

48

THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders  

E-Print Network [OSTI]

THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security in Engineering, ACE-CS immerses students in the cyber-security discipline through a combination of intense in Engineering on Cyber Security (ACE-CS) [1] is to develop the next generation of cyber-security leaders

Older, Susan

49

Before the House Subcommittee on Emerging Threats, Cyber Security...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and...

50

Transmission and Distribution World March 2007: DOE Focuses on Cyber Security  

Broader source: Energy.gov [DOE]

Energy sector owners, operators and system vendors team up to boost control system security with national SCADA test bed.

51

Microgrid cyber security reference architecture.  

SciTech Connect (OSTI)

This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

2013-07-01T23:59:59.000Z

52

Strengthening Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

E E n E rgyB i z November/December 2008 » TECHNOLOGY FRONTIER (Guest OpiniOn) remOte attaCks On systems that control power production and distribution are no longer hypothetical events. At least four utilities have been subjected to extortion demands by criminals who used the Internet to infect the utilities' computers and caused or threatened power outages. Cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. These are criminal acts, but nation-states are actively targeting utility computers, as well, so that in time of war they can turn off their adversary's power. While all this is happening, most executives in the

53

Security and Cyber Guidance | Department of Energy  

Office of Environmental Management (EM)

April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 Performance Testing Guidance & Information Composite Adversary Team Brochure - April 9, 2008...

54

Information Security: Coordination of Federal Cyber Security Research and  

Broader source: Energy.gov (indexed) [DOE]

Security: Coordination of Federal Cyber Security Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In commenting on a draft of this report, OMB stated that it would review the need for such guidance. Information Security: Coordination of Federal Cyber Security Research and Development More Documents & Publications Networking and Information Technology Research and Development Supplement to the President's Budget (February 2010)

55

Common Cyber Security Vulnerabilities Observed in Control System...  

Broader source: Energy.gov (indexed) [DOE]

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

56

INL Cyber Security Research (2008) | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

INL Cyber Security Research (2008) INL Cyber Security Research (2008) Cybersecurity research at INL will help protect critical infrastructure control system computers against worms...

57

Report of the Cyber Security Research Needs for Open Science...  

Energy Savers [EERE]

Report of the Cyber Security Research Needs for Open Science Workshop Report of the Cyber Security Research Needs for Open Science Workshop Protecting systems and users, while...

58

Office of Electricity Delivery and Energy Reliability Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections On...

59

Cyber Security Audit and Attack Detection Toolkit: Bandolier...  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This...

60

Evaluation Report on The Department's Unclassified Cyber Security Program  

Broader source: Energy.gov (indexed) [DOE]

Report on The Department's Unclassified Cyber Security Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 Evaluation Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to increasing threats to the Government's computer networks and systems, Congress enacted the Government hformation Security Reform Act (GISRA) in October 2000. GISRA focuses on program management, implementation, and evaluation of the security of unclassified and national security information. It requires agencies to conduct annual reviews and evaluations of unclassified and

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders  

E-Print Network [OSTI]

THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security Advanced Course in Engineering, ACE-CS immerses students in the cyber-security discipline through for the program. Key words: Cyber-security education, technical leadership, learning community. 1. INTRODUCTION

62

Cyber-Security of Networked Control Systems Karl Henrik Johansson  

E-Print Network [OSTI]

7/3/12 1 Cyber-Security of Networked Control Systems Karl Henrik Johansson #12;7/3/12 2 Recent Cyber-ARacks on Control Systems Cyber-Security of Networked

Johansson, Karl Henrik

63

Computational Intelligence Algorithms Analysis for Smart Grid Cyber Security  

Science Journals Connector (OSTI)

The cyber attack risks are threatening the smart grid security. Malicious worm could spread from meter to ... ) has thus developed several iterations of cyber security standards. According to the NERC cyber stand...

Yong Wang; Da Ruan; Jianping Xu; Mi Wen; Liwen Deng

2010-01-01T23:59:59.000Z

64

Definition: Cyber Security Incident | Open Energy Information  

Open Energy Info (EERE)

Security Incident Security Incident Jump to: navigation, search Dictionary.png Cyber Security Incident Any malicious act or suspicious event that: Compromises, or was an attempt to compromise, the Electronic Security Perimeter or Physical Security Perimeter of a Critical Cyber Asset, or, Disrupts, or was an attempt to disrupt, the operation of a Critical Cyber Asset.[1] Related Terms Electronic Security Perimeter References ↑ Glossary of Terms Used in Reliability Standards An LikeLike UnlikeLike You like this.Sign Up to see what your friends like. inline Glossary Definition Retrieved from "http://en.openei.org/w/index.php?title=Definition:Cyber_Security_Incident&oldid=480296" Categories: Definitions ISGAN Definitions What links here Related changes Special pages Printable version

65

A Two-Constraint Approach to Risky CyberSecurity  

E-Print Network [OSTI]

A Two-Constraint Approach to Risky CyberSecurity Experiment Management John Wroclawski, Jelena Mirkovic, Ted Faber, Stephen Schwab #12;Risky CyberSecurity Research CyberSecurity systems becoming more;Domains of interest Traditional risky experiment Virus dissection Modern risky CyberSecurity

Faber, Ted

66

The Science, Engineering, and Business of Cyber Security  

E-Print Network [OSTI]

's nuclear football © Ravi Sandhu 7 World-Leading Research with Real-World Impact! Cyber Security Goal ManyThe Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas at San

Sandhu, Ravi

67

Cyber Security Summer School: Lessons for the Modern Grid | Department of  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Summer School: Lessons for the Modern Grid Cyber Security Summer School: Lessons for the Modern Grid Cyber Security Summer School: Lessons for the Modern Grid June 20, 2011 - 4:34pm Addthis Carol Hawk Program Manager, Cyber Security for Energy Delivery Systems What does this mean for me? Computer systems do more than store and share information. They help control our traffic lights, trains and specifically, our electric grid -- tasks for which continuous function is the primary concern. Protecting control systems on the grid from cyber attack requires a completely different approach to cyber security than information technology systems. The Cyber Summer School gave aspiring attendees a practical understanding of the connection between power systems and computer science required to secure a clean, reliable energy future.

68

Cyber Security Audit and Attack Detection Toolkit  

SciTech Connect (OSTI)

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Peterson, Dale

2012-05-31T23:59:59.000Z

69

Management of Naval Reactors' Cyber Security Program, OIG-0884  

Broader source: Energy.gov (indexed) [DOE]

Naval Reactors' Naval Reactors' Cyber Security Program DOE/IG-0884 April 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Department of Energy Washington, DC 20585 April 12, 2013 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Naval Reactors' Cyber Security Program" INTRODUCTION AND OBJECTIVE The Naval Reactors Program (Naval Reactors), an organization within the National Nuclear Security Administration, provides the military with safe and reliable nuclear propulsion plants to power warships and submarines. Naval Reactors maintains responsibility for activities supporting the United States Naval fleet nuclear propulsion systems, including research and

70

Chapter 20 - Cyber Security Countermeasures to Combat Cyber Terrorism  

Science Journals Connector (OSTI)

Abstracts: In this chapter we first consider what constitutes cyber terrorism, to distinguish such events from other forms of cybercrime, and to establish a rationale for that distinction. We discuss some of the characteristics of cyber terrorist events in comparison with cybercriminal events, and the changes that have occurred, socially and technologically, that make such events both more likely and more damaging. We then go on to consider three key aspects of cyber terrorist attacks, cyber attacks on physical systems, malware specifically developed for such attacks, and insider threats to enable or support such attacks. Next, we look at the countermeasures that can be adopted by organizations and individuals to address such threats, highlighting the significant human component of such systems through the need for standards-based policies and protocols, good security hygiene, and the training of system users at all levels. We also consider some issues of physical systems upgrade, and some software measures that can be used to identify and isolate cyber threats. Finally, we consider the future in terms of the likely further growth of cyber terrorist events, and the threat they pose to critical infrastructure and the systems on which, socially and technologically, we increasingly rely.

Lachlan MacKinnon; Liz Bacon; Diane Gan; Georgios Loukas; David Chadwick; Dimitrios Frangiskatos

2013-01-01T23:59:59.000Z

71

of Western Area Power Administration's Cyber Security Program  

Broader source: Energy.gov (indexed) [DOE]

Western Area Power Western Area Power Administration's Cyber Security Program DOE/IG-0873 October 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 October 22, 2012 MEMORANDUM FOR THE UNDER SECRETARY OF ENERGY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Western Area Power Administration's Cyber Security Program" INTRODUCTION AND OBJECTIVE The Department of Energy's Western Area Power Administration (Western) markets and delivers hydroelectric power and related services to 15 states within the central and western United States. As the largest U.S. Power Marketing Administration, millions of households and

72

Cyber Assessment Methods for SCADA Security  

Broader source: Energy.gov (indexed) [DOE]

5 by ISA - The Instrumentation, Systems and Automation Society. 5 by ISA - The Instrumentation, Systems and Automation Society. Presented at 15th Annual Joint ISA POWID/EPRI Controls and Instrumentation Conference http://www.isa.org Cyber Assessment Methods for SCADA Security May Robin Permann Kenneth Rohde Staff Computer Security Researcher Information & Communications Systems Cyber Security Technologies Idaho National Laboratory Idaho National Laboratory Idaho Falls, ID 83415 Idaho Falls, ID 83415 KEYWORDS Supervisory Control and Data Acquisition, SCADA, Cyber Security, Testing, Assessment ABSTRACT The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical

73

Obama's Call for Public-Private Cyber Security Collaboration Reflected in  

Broader source: Energy.gov (indexed) [DOE]

Obama's Call for Public-Private Cyber Security Collaboration Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities May 29, 2009 - 4:08pm Addthis In releasing the results of his Administration's 60-day cyber security review, President Barack Obama today emphasized that partnering with the private sector will be paramount for agencies working to secure the power grid and other critical infrastructures from cyber attack. Securing the computer-based systems that monitor and control the nation's electric grid and oil and gas pipelines remains a shared challenge for the Department of Energy. As the industry quickly works to develop and demonstrate Smart Grid technologies to build a more reliable and resilient

74

Cyber-security Research Ethics Dialogue & Strategy Erin Kenneally  

E-Print Network [OSTI]

Cyber-security Research Ethics Dialogue & Strategy Workshop Erin Kenneally CAIDA/UC, San Diego La The inaugural Cyber-security Research Ethics Dialogue & Strat- egy Workshop was held on May 23, 2013

California at San Diego, University of

75

First steps toward scientific cyber-security experimentation in wide-area cyber-physical systems  

Science Journals Connector (OSTI)

This extended abstract reports on steps towards an environment for repeatable and scalable experiments on wide-area cyber-physical systems. The cyber-physical systems that underlie the world's critical infrastructure are increasingly vulnerable to attack ... Keywords: cyber-physical, cyber-security, experimental research, overlay network, smart grid, testbed

Ryan Goodfellow; Robert Braden; Terry Benzel; David E. Bakken

2013-01-01T23:59:59.000Z

76

Formulating Cyber-Security as Convex Optimization Problems  

E-Print Network [OSTI]

Formulating Cyber-Security as Convex Optimization Problems Kyriakos G. Vamvoudakis, Jo~ao P. Mission-centric cyber-security analysts require a complete overview and understanding of the state. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion, iCTF 1 Introduction Guaranteeing

Hespanha, João Pedro

77

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director cai@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Squicciarini, Anna Cinzia

78

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director pliu@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Giles, C. Lee

79

Formulating Cyber-Security as Convex Optimization Problems  

E-Print Network [OSTI]

Formulating Cyber-Security as Convex Optimization Problems? Kyriakos G. Vamvoudakis1 , Jo~ao P,vigna}@cs.ucsb.edu Abstract. Mission-centric cyber-security analysts require a complete overview and understanding The Flag (iCTF) hacking competition. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion

Vigna, Giovanni

80

Cyber Security Guidelines, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

BNL Cyber Security Guidelines BNL Cyber Security Guidelines Appropriate Use Unauthorized and Malicious Access and Actions Blatant Disregard for Laboratory Computer Security Privacy of Electronic Files, and E-MAIL Publishing & Accessing Information on Electronic Networks The Laboratory's main concerns are protecting data and systems critical to operations in pursuit of its mission. The Laboratory's Computer Security Plan covers Laboratory systems, whether on-site and connected directly to the Laboratory network, or on- or off-site and connected to the Laboratory network by the telephone system or other means. The procedures and rules described here cover these systems no matter who is the owner or the method of connection to the network. Laboratory employees and registered users are responsible for their own actions under the computer security policy, as well as for the actions of any person who they permit to access a Laboratory system.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Department of Energy's July 2013 Cyber Security Breach  

Broader source: Energy.gov (indexed) [DOE]

The Department of Energy's July The Department of Energy's July 2013 Cyber Security Breach DOE/IG-0900 December 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Department of Energy Washington, DC 20585 December 6, 2013 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Special Review of the "Department of Energy's July 2013 Cyber Security Breach" BACKGROUND To facilitate its administrative and operational needs, the Department of Energy maintains a substantial amount of personally identifiable information (PII). The Department's Management Information System (MIS) provides a gateway for users to access a system known as the DOE Employee Data Repository (DOEInfo) database. That system was implemented in 1994, and

82

Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Brookhaven Cyber Security Requirements Brookhaven Cyber Security Requirements Backup Data Sensitivity Physical Protection Computer Security Incidents Software Copyright Laws Virus Protection Passwords Accounts Backup Data ALWAYS BACKUP YOUR DATA. Keep the backups in a protected area. The more critical the data the more often you should backup. REQUIREMENTS: Users ("data owners") are responsible for determining what data requires protection and how their data is to be recovered if the online copy is destroyed (either by accidental or malicious damage). Users may choose not to back up data, but if so they must make sure they know how to recreate the lost data if needed. If backup is necessary then the users must coordinate a backup plan. This may either be an individual backup done by the users themselves or coordinated with the system managers into a regular system backup plan.

83

Primer Control System Cyber Security Framework and Technical Metrics  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Wayne F. Boyer; Miles A. McQueen

2008-05-01T23:59:59.000Z

84

Before the House Subcommittee on Emerging Threats, Cyber Security and  

Broader source: Energy.gov (indexed) [DOE]

Emerging Threats, Cyber Security Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security By: Patricia Hoffman, Acting Assistant Secretary for Electricity Delivery and Energy Reliability 7-21-09_Final_Testimony_Hoffman.pdf More Documents & Publications Statement of Patricia Hoffman, Acting Assistant Secretary for Electricity Delivery and Energy Reliability Before the Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security U.S. House of Representatives, Before the House Science and Technology Subcommittee on Energy and

85

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

86

CyberPhysical System Security for the Electric Power Grid  

E-Print Network [OSTI]

INVITED P A P E R Cyber­Physical System Security for the Electric Power Grid Control in power research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally­physical systems (CPS); cyber security; electric grid; smart grid; supervisory control and data acquisi- tion

Manimaran, Govindarasu

87

Sandia National Laboratories: Cyber Security for Electric Infrastructu...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

advancements in phasor measurement units (PMUs), distributed energy resources (DER), smart-grid technologies, and cloud computing services represent significant cyber security...

88

Control Systems Cyber Security: Defense in Depth Strategies ...  

Broader source: Energy.gov (indexed) [DOE]

that use control system networks while maintaining a multi-tier information architecture. Control Systems Cyber Security: Defense in Depth Strategies More Documents &...

89

Help for the Developers of Control System Cyber Security Standards  

SciTech Connect (OSTI)

A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

Robert P. Evans

2008-05-01T23:59:59.000Z

90

Cyber Security Audit and Attack Detection Toolkit: Bandolier and  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Audit and Attack Detection Toolkit: Bandolier and Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This project of the cyber security audit and attack detection toolkit will employ Bandolier Audit Files for optimizing security configurations and the Portaledge event detection capability for energy control systems. By building configuration audit and attack detection capabilities into tools already used by the energy sector, Bandolier and Portaledge offer energy asset owners low-cost and easily integrable control systems security solutions. Energy system operators can optimize the security of their control system configuration using Bandolier Security Audit Files, which assess the current configuration against an optimal security configuration.

91

Follow-up Audit of the Department's Cyber Security Incident Management Program, IG-0878  

Broader source: Energy.gov (indexed) [DOE]

Department's Department's Cyber Security Incident Management Program DOE/IG-0878 December 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 December 11, 2012 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Follow-up Audit of the Department's Cyber Security Incident Management Program" INTRODUCTION AND OBJECTIVE The Department of Energy operates numerous networks and systems to help accomplish its strategic missions in the areas of energy, defense, science and the environment. The systems are frequently subjected to sophisticated cyber attacks that could impact the Department's

92

ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed Twelve utilities have formed a consortium with ABB, a supervisory control and data acquisition (SCADA) system vendor, to privately fund advanced research and testing through the U.S. Department of Energy's (DOE) National SCADA Test Bed (NSTB), announced a recent article in the journal Transmission & Distribution World. ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed More Documents & Publications Security is Not an Option ABB SCADA/EMS System INEEL Baseline Summary Test Report (November 2004)

93

DOE Issues Energy Sector Cyber Organization NOI, Feb 2010 | Department of  

Broader source: Energy.gov (indexed) [DOE]

Issues Energy Sector Cyber Organization NOI, Feb 2010 Issues Energy Sector Cyber Organization NOI, Feb 2010 DOE Issues Energy Sector Cyber Organization NOI, Feb 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security of the grid. DOE Issues Energy Sector Cyber Organization NOI More Documents & Publications FAQ: Funding Opportunity Announcement-Smart Grid Investment Grants Grantsdown.xls Before the House Science and Technology Subcommittee on Energy and

94

Cyber security best practices for the nuclear industry  

SciTech Connect (OSTI)

When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

Badr, I. [Rational IBM Software Group, IBM Corporation, Evanston, IL 60201 (United States)

2012-07-01T23:59:59.000Z

95

CYBER SECURITY OF SUBSTATION AUTOMATION SYSTEMS .  

E-Print Network [OSTI]

??Cyber intrusions into substations of a power grid are a source of vulnerability since most substations are unmanned and with limited protection of the cyber (more)

[No author

2014-01-01T23:59:59.000Z

96

Cyber security analysis testbed : combining real, emulation, and simulation.  

SciTech Connect (OSTI)

Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an 'experiment-in-a-box' capability. The result is rapidly-produced, large-scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

Villamarin, Charles H.; Eldridge, John M.; Van Leeuwen, Brian P.; Urias, Vincent E.

2010-07-01T23:59:59.000Z

97

Ant-Based Cyber Security  

SciTech Connect (OSTI)

We describe a swarming-agent-based, mixed-initiative approach to infrastructure defense where teams of humans and software agents defend cooperating organizations in tandem by sharing insights and solutions without violating proprietary boundaries. The system places human administrators at the appropriate level where they provide system guidance while lower-level agents carry out tasks humans are unable to perform quickly enough to mitigate todays security threats. Cooperative Infrastructure Defense (CID) uses our ant-based approach to enable dialogue between humans and agents to foster a collaborative problem-solving environment, increase human situational awareness and influence using visualization and shared control. We discuss theoretical implementation characteristics along with results from recent proof-of-concept implementations.

Haack, Jereme N.; Fink, Glenn A.; Maiden, Wendy M.; McKinnon, Archibald D.; Templeton, Steven J.; Fulp, Errin W.

2011-07-12T23:59:59.000Z

98

Leadership Development Series: "A Holistic Look at Cyber Security" |  

Broader source: Energy.gov (indexed) [DOE]

Leadership Development Series: "A Holistic Look at Cyber Security" Leadership Development Series: "A Holistic Look at Cyber Security" Leadership Development Series: "A Holistic Look at Cyber Security" January 30, 2014 10:30AM to 12:00PM EST Registration link: By e-mail, $0 Course type: Classroom/Auditorium, Video Cast & Teleconference Course Location: DOE Headquarters, Forrestal Building, Washington, DC/ Main Auditorium Course Description: Dr. Steven Bucci, Director, Douglas and Sarah Allison Center for Foreign Policy Studies. The sheer volume of cyber activity is masking serious threats that impact government, business and our personal lives every day. Incidents are now ubiquitous, pervasive and constitute the new "normal". These day to day threats are not existential, but if not addressed, will hinder our

99

Safeguards and Security and Cyber Security RM  

Broader source: Energy.gov [DOE]

The SSCS RM is a tool that assists the DOE federal project review teams in evaluating the technical sufficiency of the project SSCS activities at CD-0 through CD-4.

100

The Department's Cyber Security Incident Management Program, IG-0787 |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Incident Management Program, Cyber Security Incident Management Program, IG-0787 The Department's Cyber Security Incident Management Program, IG-0787 The Department of Energy operates numerous interconnected computer networks and systems to help accon~plishit s strategic missions in the areas of energy, defense, science, and the environment. These systems are frequently subjected to sophisticated cyber attacks that could potentially affect the Department's ability to carry out its mission. During Fiscal Year 2006, the Department experienced 132 incidents of sufficient severity to require reporting to law enforcement, an increase of 22 percent over the prior year. These statistics, troubling as they may be, are not unique to the Department; they are, in fact, reflective of a trend in cyber attacks throughout the government.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

Cyber Security Incidents, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Reporting Computing Security Incidents Reporting Computing Security Incidents Incident Reporting Hotline: 631-344-8484 Security Incidents A computer security incident can range from a simple virus to the disclosure of sensitive information. Incidents can be minor, important, or significant. Incidents that must be reported include computer or network related activity, internal or external to the Laboratory, that may impact the Laboratory's mission. Examples of such activities include: the possibility of: loss of data; denial of services; compromise of computer security; unauthorized access to data that the Laboratory is required to control by law, regulation, or DOE orders; investigative activity by legal, law enforcement, bureaucratic, or political authorities; or a public relations embarrassment.

102

NNSA Seeking Comments on Consolidated IT and Cyber Security Support  

Broader source: Energy.gov (indexed) [DOE]

Seeking Comments on Consolidated IT and Cyber Security Support Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013 - 9:10am Addthis John Hale III John Hale III Director, Office of Small and Disadvantaged Business Utilization The National Nuclear Security Administration (NNSA) is currently seeking comments, now through July 29, on an opportunity for Consolidated IT and Cyber Security Support Services. Comments are sought from interested vendors holding active GSA Schedule 70 contracts (General Purpose Commercial Information Technology Equipment, Software, and Services) covering SIN 132-51 (Information Technology Professional Services) on draft performance-based scopes of work. The anticipated NAICS code is 541513 - Computer Facilities Management Services,

103

NNSA Seeking Comments on Consolidated IT and Cyber Security Support  

Broader source: Energy.gov (indexed) [DOE]

NNSA Seeking Comments on Consolidated IT and Cyber Security Support NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013 - 9:10am Addthis John Hale III John Hale III Director, Office of Small and Disadvantaged Business Utilization The National Nuclear Security Administration (NNSA) is currently seeking comments, now through July 29, on an opportunity for Consolidated IT and Cyber Security Support Services. Comments are sought from interested vendors holding active GSA Schedule 70 contracts (General Purpose Commercial Information Technology Equipment, Software, and Services) covering SIN 132-51 (Information Technology Professional Services) on draft performance-based scopes of work. The anticipated NAICS code is 541513 - Computer Facilities Management Services,

104

NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |  

Broader source: Energy.gov (indexed) [DOE]

NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines September 2, 2010 - 3:15pm Addthis WASHINGTON, D.C. - The National Institute of Standards and Technology (NIST) issued today its first Guidelines for Smart Grid Cyber Security, which includes high-level security requirements, a framework for assessing risks, an evaluation of privacy issues at personal residences, and additional information for businesses and organizations to use as they craft strategies to protect the modernizing power grid from attacks, malicious code, cascading errors, and other threats. The product of two formal public reviews and the focus of numerous workshops and teleconferences over the past 17 months, the three-volume set

105

Management of Los Alamos National Laboratory's Cyber Security Program, IG-0880  

Broader source: Energy.gov (indexed) [DOE]

Los Alamos National Los Alamos National Laboratory's Cyber Security Program DOE/IG-0880 February 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Department of Energy Washington, DC 20585 February 11, 2013 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Los Alamos National Laboratory's Cyber Security Program" INTRODUCTION AND OBJECTIVE The Los Alamos National Laboratory (LANL), operated by the National Nuclear Security Administration on behalf of the Department of Energy, is one of the world's largest multi- disciplinary laboratories and is primarily responsible for helping to ensure the safety and

106

CYBER SECURITY Software firm identifies hacking program against chemical makers  

Science Journals Connector (OSTI)

A cyber-attack campaign emanating from China targeted private companies involved in the research, development, and manufacture of chemicals and advanced materials between July and September of this year, according to a report from the computer security ...

RICK MULLIN

2011-11-07T23:59:59.000Z

107

The Department's Unclassified Cyber Security Program 2002, IG-0567  

Broader source: Energy.gov (indexed) [DOE]

DEPARTMENT'S UNCLASSIFIED DEPARTMENT'S UNCLASSIFIED CYBER SECURITY PROGRAM 2002 SEPTEMBER 2002 Department of Energy Washington, DC 20585 September 9, 2002 MEMORANDUM FOR FROM: Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program 2002" As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to increasing threats to the Government's computer networks and systems, Congress enacted the Government hformation Security Reform Act (GISRA) in October 2000. GISRA focuses on program management, implementation, and evaluation of the security of unclassified and national security

108

Secure control systems with application to cyber-physical systems  

SciTech Connect (OSTI)

Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

Dong, Jin [ORNL] [ORNL; Djouadi, Seddik M [ORNL] [ORNL; Nutaro, James J [ORNL] [ORNL; Kuruganti, Phani Teja [ORNL] [ORNL

2014-01-01T23:59:59.000Z

109

Gamification for Measuring Cyber Security Situational Awareness  

SciTech Connect (OSTI)

Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

2013-03-01T23:59:59.000Z

110

Cyber Security Vulnerability Impact on I&C Reliability  

SciTech Connect (OSTI)

We present a discussion of the cyber security vulnerability impact on instrument and control reliability. In the discussion we demonstrate the likely vector of attack and vulnerabilities associated with commodity hardware, protocols and communication media. The current fleet of nuclear power plants in the United States utilizes aging analog instrument and control systems which are more frequently suffering from obsolescence and failure. The commodity equipment available now and in the near future incorporates features from information technology systems which compound cyber vulnerabilities.

Hadley, Mark D.; McBride, Justin B.

2006-11-01T23:59:59.000Z

111

Workshop on Scalable Cyber-Security Challenges in Large-Scale Networks: Deployment Obstacles  

E-Print Network [OSTI]

Workshop on Scalable Cyber-Security Challenges in Large-Scale Networks: Deployment Obstacles Large, and Definitions of Cybersecurity.... 8 Conventional Wisdom is Inadequate....................................... 9 Directions in Scalable Cyber-Security in Large-Scale Networks: Deployment Obstacles." The workshop

Feigenbaum, Joan

112

On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem  

E-Print Network [OSTI]

1 On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem Kin Cheong Sou, Henrik Sandberg and Karl Henrik Johansson Abstract--This paper considers a smart grid cyber-security problem

Johansson, Karl Henrik

113

Overcoming performance collapse for 100Gbps cyber security  

Science Journals Connector (OSTI)

In this paper, we present a series of performance tests carried out on R-Scope Dominate-T (RDT), a 1U network security appliance configured with four Tilera Gx-36 processors and with an aggregated network IO capacity of 160Gbps. RDT is optimized with ... Keywords: cyber-security

Jordi Ros-Giralt; Bob Rotsted; Alan Commike

2013-06-01T23:59:59.000Z

114

Secure control systems with application to cyber-physical systems  

Science Journals Connector (OSTI)

Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power ... Keywords: SCADA systems, cyber-physical systems, secure control, security

Jin Dong; Seddik. M. Djouadi; James J. Nutaro; Teja Kuruganti

2014-04-01T23:59:59.000Z

115

CYSEP --A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao  

E-Print Network [OSTI]

1 of 9 CYSEP -- A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao.2Interface Memory Controller Cyber-Security Processor SPI4.2Interface To PCI Bus To Memory ToFramer To NP or End Sy stem Figure 1. Cyber-Security Processor (CYSEP) architecture The Firewall and Intrusion

Chao, Jonathan

116

Cyber Security Evaluation of II&C Technologies  

SciTech Connect (OSTI)

The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industrys template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

Ken Thomas

2014-11-01T23:59:59.000Z

117

A Hierarchical Security Architecture for Cyber-Physical Systems  

SciTech Connect (OSTI)

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Quanyan Zhu; Tamer Basar

2011-08-01T23:59:59.000Z

118

A Comparison of Cross-Sector Cyber Security Standards  

SciTech Connect (OSTI)

This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

Robert P. Evans

2005-09-01T23:59:59.000Z

119

CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the systems cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

Kathleen A. Lee

2008-01-01T23:59:59.000Z

120

Wireless Policy, Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Brookhaven Wireless Access Policy Brookhaven Wireless Access Policy Title: Deployment and Management of 802.11 and Related Wireless Standards Applicability: All Employees, Guests, System Administrators, and Management General Approved Technology Authentication Setting the Service Set Identifier (SSID) Exceptions Responsibilities of Requestor Responsibilities of the ITD WAP System Administrator Responsibility of Chief of Cyber Security Wireless Policy Definitions Standards-Based Management System (SBMS) Subject Area: Cyber Security, Unclassified Using Computing Resources (Steps 7-11 apply to BNL's wireless networks) General The purpose of the wireless policy and related standards and guidelines is to assure that Brookhaven National Laboratory's (BNL's) employees, guests, and contractors have access to a reliable, robust, and integrated wireless network, and to increase the security of the campus wireless network to the extent possible.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

GAO-06-811 Information Security: Coordination of Federal Cyber Security Research and Development  

Broader source: Energy.gov (indexed) [DOE]

the Chairman, Committee on the Chairman, Committee on Government Reform, House of Representatives INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development September 2006 GAO-06-811 What GAO Found United States Government Accountability Office Why GAO Did This Study Highlights Accountability Integrity Reliability September 2006 INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development Highlights of GAO-06-811, a report to Chairman, Committee on Government Reform, House of Representatives Research and development (R&D) of cyber security technology is essential to creating a broader range of choices and more robust tools for building secure, networked computer systems in the federal government and in the private sector. The National

122

GridStat Cyber Security and Regional Deployment Project Report  

SciTech Connect (OSTI)

GridStat is a developing communication technology to provide real-time data delivery services to the electric power grid. It is being developed in a collaborative effort between the Electrical Power Engineering and Distributed Computing Science Departments at Washington State University. Improving the cyber security of GridStat was the principle focus of this project. A regional network was established to test GridStats cyber security mechanisms in a realistic environment. The network consists of nodes at Pacific Northwest National Laboratory, Idaho National Laboratory, and Washington State University. Idaho National Laboratory (INL) was tasked with performing the security assessment, the results of which detailed a number or easily resolvable and previously unknown issues, as well as a number of difficult and previously known issues. Going forward we recommend additional development prior to commercialization of GridStat. The development plan is structured into three domains: Core Development, Cyber Security and Pilot Projects. Each domain contains a number of phased subtasks that build upon each other to increase the robustness and maturity of GridStat.

Clements, Samuel L.

2009-02-18T23:59:59.000Z

123

Cyber Assessment Methods for SCADA Security | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Assessment Methods for SCADA Security Assessment Methods for SCADA Security Cyber Assessment Methods for SCADA Security This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure. The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national

124

cyber security | OpenEI Community  

Open Energy Info (EERE)

and discussion of smart grid technologies, tools, and techniques. The Smart Grid Investment Grant (SGIG) program is authorized by the Energy Independence and Security Act of...

125

Cyber security in the Smart Grid: Survey and challenges  

Science Journals Connector (OSTI)

The Smart Grid, generally referred to as the next-generation power system, is considered as a revolutionary and evolutionary regime of existing power grids. More importantly, with the integration of advanced computing and communication technologies, the Smart Grid is expected to greatly enhance efficiency and reliability of future power systems with renewable energy resources, as well as distributed intelligence and demand response. Along with the silent features of the Smart Grid, cyber security emerges to be a critical issue because millions of electronic devices are inter-connected via communication networks throughout critical power facilities, which has an immediate impact on reliability of such a widespread infrastructure. In this paper, we present a comprehensive survey of cyber security issues for the Smart Grid. Specifically, we focus on reviewing and discussing security requirements, network vulnerabilities, attack countermeasures, secure communication protocols and architectures in the Smart Grid. We aim to provide a deep understanding of security vulnerabilities and solutions in the Smart Grid and shed light on future research directions for Smart Grid security.

Wenye Wang; Zhuo Lu

2013-01-01T23:59:59.000Z

126

Cyber and Security Assessments | Department of Energy  

Energy Savers [EERE]

material. To accomplish this independent oversight function, our office sponsors and trains the DOE composite adversary team to role play the postulated adversary during...

127

A quantitative man-machine model for cyber security efficiency analysis  

E-Print Network [OSTI]

of the level of their security defense processes' efficiency and the impact of their investment. Modeling and characterization of the dynamics of cyber security management are essential to risk prediction, damage assessment, and resource allocations...

Jung, Sung-Oh

2007-04-25T23:59:59.000Z

128

Comparison of two methods to quantify cyber and physical security effectiveness.  

SciTech Connect (OSTI)

With the increasing reliance on cyber technology to operate and control physical security system components, there is a need for methods to assess and model the interactions between the cyber system and the physical security system to understand the effects of cyber technology on overall security system effectiveness. This paper evaluates two methodologies for their applicability to the combined cyber and physical security problem. The comparison metrics include probabilities of detection (P{sub D}), interruption (P{sub I}), and neutralization (P{sub N}), which contribute to calculating the probability of system effectiveness (P{sub E}), the probability that the system can thwart an adversary attack. P{sub E} is well understood in practical applications of physical security but when the cyber security component is added, system behavior becomes more complex and difficult to model. This paper examines two approaches (Bounding Analysis Approach (BAA) and Expected Value Approach (EVA)) to determine their applicability to the combined physical and cyber security issue. These methods were assessed for a variety of security system characteristics to determine whether reasonable security decisions could be made based on their results. The assessments provided insight on an adversary's behavior depending on what part of the physical security system is cyber-controlled. Analysis showed that the BAA is more suited to facility analyses than the EVA because it has the ability to identify and model an adversary's most desirable attack path.

Wyss, Gregory Dane; Gordon, Kristl A.

2005-11-01T23:59:59.000Z

129

21 Steps to Improve Cyber Security of SCADA Networks | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

1 Steps to Improve Cyber Security of SCADA Networks 1 Steps to Improve Cyber Security of SCADA Networks 21 Steps to Improve Cyber Security of SCADA Networks Supervisory control and data acquisition (SCADA) networks contain computers and applications that perform key functions in providing essential services and commodities (e.g., electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. As such, they are part of the nation's critical infrastructure and require protection from a variety of threats that exist in cyber space today. By allowing the collection and analysis of data and control of equipment such as pumps and valves from remote locations, SCADA networks provide great efficiency and are widely used. However, they also present a security risk. 21 Steps to Improve Cyber Security of SCADA Networks

130

Probabilistic Characterization of Adversary Behavior in Cyber Security  

SciTech Connect (OSTI)

The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

Meyers, C A; Powers, S S; Faissol, D M

2009-10-08T23:59:59.000Z

131

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability  

E-Print Network [OSTI]

of Smart Grid devices ? Describe progress made in Smart Grid security ? Propose a more robust approach to SG security ? Describe needs for further research and development ESL-HH-10-08-09 Proceedings of the 17th Symposium for Improving Building Systems...? ? Advanced security methods ? Power analysis for key discovery ? Hardware attacks such as ?decapping? chips ? Developing vulnerability exploits ? Security analysis of smart grid systems & communications ? Reverse engineering ? Penetration testing ? Threat...

Ragsdale, G.

132

Cyber Security Procurement Language for Control Systems Version 1.8 |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Supervisory Control and Data Acquisition (SCADA), Process Control System (PCS), Distributed Control System (DCS), etc. generally refer to the systems which control, monitor, and manage the nation's critical infrastructures such as electric power generators, subway systems, dams, telecommunication systems, natural gas pipelines, and many others. Simply stated, a control system gathers information and then performs a function based on established parameters or information it received. Cyber Security Procurement Language for Control Systems Version 1.8 More Documents & Publications AMI System Security Requirements - v1_01-1

133

Towards an Experimental Testbed Facility for Cyber-Physical Security Research  

SciTech Connect (OSTI)

Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

2012-01-07T23:59:59.000Z

134

Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid  

E-Print Network [OSTI]

Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid Jin Wei and Deepa stability in the smart grid in the face of cyber-physical attack. We model the smart grid as a networked the proposed framework. I. INTRODUCTION It is well known that the smart grid promises increased reliability

Kundur, Deepa

135

Control Systems Cyber Security:Defense in Depth Strategies  

SciTech Connect (OSTI)

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing defense-in-depth strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

David Kuipers; Mark Fabro

2006-05-01T23:59:59.000Z

136

Cyber Friendly Fire: Research Challenges for Security Informatics  

SciTech Connect (OSTI)

This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a systems topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF including both training concepts and suggestions for decision aids and visualization approachesare discussed.

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

2013-06-06T23:59:59.000Z

137

Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity  

E-Print Network [OSTI]

The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and ...

Cho, Yiseul

2012-01-01T23:59:59.000Z

138

Multiple Tenure/Tenure-Track Faculty Positions Software Engineering Focus: CyberSecurity and Big Data  

E-Print Network [OSTI]

Multiple Tenure/Tenure-Track Faculty Positions Software Engineering Focus: CyberSecurity and Big to cybersecurity and big data. Outstanding candidates from all areas of software engineering and computer science

Carver, Jeffrey C.

139

Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer  

E-Print Network [OSTI]

Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer Dept security challenges for a fu- ture power grid. It highlights deficiencies and shortcom- ings of existing and fault resilience of power as a utility must be a prime objective for power grids. Security compromises

Mueller, Frank

140

DOE and Industry Showcase New Control Systems Security Technologies at  

Broader source: Energy.gov (indexed) [DOE]

Technology Development » Energy Delivery Systems Technology Development » Energy Delivery Systems Cybersecurity » Control Systems Security News Archive » DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DistribuTECH Conference Tuesday-Thursday, March 23-25, 2010 Tampa Convention Center Booth #231 Tampa, FL Join the Department of Energy and its industry partners as they showcase six new products and technologies designed to secure the nation's energy infrastructure from cyber attack on Tuesday through Thursday, March 23-25. Visit Booth #231 at the DistribuTECH 2010 Conference & Exhibition in Tampa, FL, to see first-hand demonstrations of several newly commercialized control systems security products-each developed through a

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

Personnel Security - DOE Directives, Delegations, and Requirements  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

472.2 Chg 1, Personnel Security by Mark Pekrul Functional areas: Personnel Security, Security, Human Capital The order establishes requirements that will enable DOE to operate a...

142

Good Things in Small Packages: Micro Worlds and Cyber Security  

SciTech Connect (OSTI)

Cyber events, as perpetrated by terrorists and nation states, have become commonplace as evidenced in national and international news media. Cyber attacks affect day-to-day activities of end users through exploitation of social networks, businesses such as banking and stock exchanges, and government entities including Departments of Defense. They are becoming more frequent and sophisticated. Currently, efforts are directed to understanding the methods employed by attackers and towards dissecting the planning and activities of the perpetrator, including review of psychosocial factors.

David I Gertman

2013-11-01T23:59:59.000Z

143

T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security  

SciTech Connect (OSTI)

Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

2009-07-20T23:59:59.000Z

144

Modeling and simulation for cyber-physical system security research, development and applications.  

SciTech Connect (OSTI)

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

2010-02-01T23:59:59.000Z

145

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program … 2013  

Broader source: Energy.gov (indexed) [DOE]

Evaluation Report Evaluation Report The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2013 OAS-M-14-01 October 2013 Department of Energy Washington, DC 20585 October 23, 2013 MEMORANDUM FOR THE EXECUTIVE DIRECTOR, FEDERAL ENERGY REGULATORY COMMISSION FROM: Rickey R. Hass Deputy Inspector General for Audits and Inspections Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2013" BACKGROUND The Federal Energy Regulatory Commission (Commission) is an independent agency within the Department of Energy (Department) responsible for, among other things, regulating the interstate

146

Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed  

Broader source: Energy.gov (indexed) [DOE]

Audit and Attack Detection Toolkit: National SCADA Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber security audit and attack detection toolkit is adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to integrate security incident detection intelligence into control system historians. These upgrades will

147

Survey Paper Cyber security in the Smart Grid: Survey and challenges q  

E-Print Network [OSTI]

), and renewable energy resources (e.g., solar and hydro) [2]. Therefore, the National Institute of StandardsSurvey Paper Cyber security in the Smart Grid: Survey and challenges q Wenye Wang , Zhuo Lu importantly, with the integration of advanced computing and communication technologies, the Smart Grid

Wang, Wenye

148

Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems  

Broader source: Energy.gov (indexed) [DOE]

U.S. Department of Energy U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS Raymond K. Fink David F. Spencer Rita A. Wells NSTB INL/CON-06-11665 iii ABSTRACT Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems, or components of those systems, were reviewed to identify common problem areas. The common vulnerabilities identified ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and

149

cyber  

National Nuclear Security Administration (NNSA)

and the review of information prior to public release or posting to publicly available web sites to assure it does not contain data that would assist an adversary.

150

The Future of Cyber Security Prof. Ravi Sandhu  

E-Print Network [OSTI]

! Net-centric military Intelligence Smart grid Electronic health records and healthcare Smart! Productivity Security Let's build it Cash out the benefits Next generation can secure it Let's not build it Let

Sandhu, Ravi

151

Defining and Computing a Valued Based Cyber-Security Measure  

SciTech Connect (OSTI)

In earlier work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

2012-01-01T23:59:59.000Z

152

Office of Cyber and Security Assessments | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

security policies and programs throughout the Department, including protection of special nuclear material, and classified and sensitive information. The Office has established and...

153

Applications for cyber security - System and application monitoring  

SciTech Connect (OSTI)

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

Marron, J. E. [Invensys Process Systems, 33 Commercial Street, Foxboro, MA 02035 (United States)

2006-07-01T23:59:59.000Z

154

Remote Access to the BNL Network, Cyber Security, Information Technology  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Virtual Private Network (VPN) Virtual Private Network (VPN) at Brookhaven CryptoCard tokens (hard or soft) will not supported after December 31, 2010. Please switch to RSA SecurID tokens as soon as possible. Contact the ITD Helpdesk at x5522 (631-344-5522) or send an email to itdhelp@bnl.gov if you have questions or concerns. The VPN service allows remote users to securely access the Brookhaven internal network through their own personal Internet Service Provider, so that it appears as if their home computer is right on the BNL internal network. Requirements Some form of internet connectivity. Only BNL employees can access this service. You must have a RSA SecurID token. Desktop VPN Client Clientless VPN Obtain a RSA SecurID Token RSA SecurID User Guide Last Modified: September 23, 2013

155

CyberCrime - A Clear and Present Danger The Ceo's Guide to Cyber Security  

Science Journals Connector (OSTI)

Is Your Information Easy to Steal? Every business has something it needs to protect. Whether it's top-secret Ip, an exclusive client list, or a secure payment portal, your data is what sets you apart from the competition. But most businesses aren't doing ...

Roger Smith

2014-06-01T23:59:59.000Z

156

Fact Sheet: Cyber Security Audit and Attack Detection Toolkit  

Broader source: Energy.gov (indexed) [DOE]

Audit and Audit and Attack Detection Toolkit Adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to integrate security incident detection intelligence into control system historians. These upgrades will be provided at no or a low cost to control system asset owners. The popular Nessus Vulnerability Scanner supports an audit plug-in that gathers configuration information from

157

Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

2004-02-19T23:59:59.000Z

158

Proxy Documentation, Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Proxy Configuration Proxy Configuration Here you will find instructions for using the FTP and Web proxies. Keep in mind that depending on where you access the proxies from (whether you are inside or outside of the BNL network), the process will differ slightly. For FTP, you will not be required to enter any passwords to use the proxies while on the BNL network. However, when accessing the proxies from an outside network (e.g. anything not .bnl.gov), you will be required to authenticate using a RSA SecurID Token. If you do not already have one of these, please visit the RSA SecurID User Guide for instructions on obtaining one. Users who are only interested in configuring their web browsers need NOT bother with RSA SecurID, as the web proxies will not be needed when you are outside the BNL network.

159

DOE Safety and Security Reform Meeting | Department of Energy  

Office of Environmental Management (EM)

DOE Safety and Security Reform Meeting DOE Safety and Security Reform Meeting Meeting Date: August 13, 2010 HSS senior managers with lead responsibilities in DOE's safety and...

160

NNSA Seeking Comments on Consolidated IT and Cyber Security Support...  

Energy Savers [EERE]

search criteria, click on the down arrow and select "Reference Number". Type in,DE-SOL-0005569. Addthis Related Articles DOE Issues Draft Request for Proposals for Hanford Site...

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

Cyber Innovation Technology Summit | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Cyber Innovation Technology Summit Cyber Innovation Technology Summit Cyber Innovation Technology Summit November 5, 2013 8:00AM EST Course Title: Cyber Innovation Technology Summit Course Start/End Date: November 5, 2013 Start/End Time: 8:00AM-12:00 PM Course Type: Classrooom Course Location: Forrestal Large Auditorium Course Description: Every October and November, the Department of Energy (DOE) joins the Department of Homeland Security (DHS) and other federal, state and local agencies across the country in support of National Cybersecurity Awareness Month and the "Stop. Think. Connect." campaign. This year marks the tenth year of the cyber security awareness campaign. The theme for this year is Achieving Cybersecurity Together: It's Our Shared Responsibility. By consistently following simple

162

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011, OAS-M-12-01  

Broader source: Energy.gov (indexed) [DOE]

1 1 OAS-M-12-01 November 2011 Department of Energy Washington, DC 20585 November 15, 2011 MEMORANDUM FOR THE CHAIRMAN, FEDERAL ENERGY REGULATORY COMMISSION FROM: Rickey R. Hass Deputy Inspector General for Audits and Inspections Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011" INTRODUCTION AND OBJECTIVE The Federal Energy Regulatory Commission (Commission) is an independent agency within the Department of Energy responsible for regulating the Nation's oil pipeline, natural gas, hydroelectric and wholesale electric industries. The Commission relies on a wide range of information technology (IT) resources in achieving its mission of assisting consumers in

163

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012, OAS-L-13-01  

Broader source: Energy.gov (indexed) [DOE]

2 2 OAS-L-13-01 November 2012 Department of Energy Washington, DC 20585 November 7, 2012 MEMORANDUM FOR THE EXECUTIVE DIRECTOR, FEDERAL ENERGY REGULATORY COMMISSION FROM: Daniel M. Weeber Assistant Inspector General for Audits and Administration Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012" BACKGROUND The Federal Energy Regulatory Commission (Commission) is an independent agency within the Department of Energy responsible for, among other things, regulating interstate transmission of the Nation's electricity, natural gas and oil. In addition, the Commission licenses and inspects private, municipal and state hydroelectric projects. To achieve its mission, the Commission relies

164

Shopping For Danger: E-commerce techniques applied to collaboration in cyber security  

SciTech Connect (OSTI)

Collaboration among cyber security analysts is essential to a successful protection strategy on the Internet today, but it is uncommonly practiced or encouraged in operating environments. Barriers to productive collaboration often include data sensitivity, time and effort to communicate, institutional policy, and protection of domain knowledge. We propose an ambient collaboration framework, Vulcan, designed to remove the barriers of time and effort and mitigate the others. Vulcan automated data collection, collaborative filtering, and asynchronous dissemination, eliminating the effort implied by explicit collaboration among peers. We instrumented two analytic applications and performed a mock analysis session to build a dataset and test the output of the system.

Bruce, Joseph R.; Fink, Glenn A.

2012-05-24T23:59:59.000Z

165

Disable Automatic Login, Cyber Security, Information Technology Division,  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Disable Automatic Login Disable Automatic Login Automatic Login MUST be disabled... Follow the steps below to verify that auto login is disabled. Verify Security Settings Select Personal Section: Click Make sure the following required boxes are checked. - Require password to wake this computer from sleep or screen saver - Disable automatic login If so, close panel. If not, continue... Note: Mac users should have the panel locked at all times. Click the lock image to lock the panel if its open to prevent further changes. To unlock the above panel, click the lock image to bring up the login box. Insert your username & password, click . You should now be able to make changes to the panel.

166

Data-Intensive Visual Analysis for Cyber Security  

SciTech Connect (OSTI)

Protecting communications networks against attacks where the aim is to steal information, disrupt order, or harm critical infrastructure can require the collection and analysis of staggering amounts of data. The ability to detect and respond to threats quickly is a paramount concern across sectors, and especially for critical government, utility and financial networks. Yet detecting emerging or incipient threats in immense volumes of network traffic requires new computational and analytic approaches. Network security increasingly requires cooperation between human analysts able to spot suspicious events through means such as data visualization and automated systems that process streaming network data in near real-time to triage events so that human analysts are best able to focus their work.

Pike, William A.; Best, Daniel M.; Love, Douglas V.; Bohn, Shawn J.

2013-01-29T23:59:59.000Z

167

BNL Password Procedures, Cyber Security,Information Technology Division,  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Password Policy, Procedures, and Guidance Password Policy, Procedures, and Guidance Password Policy Choosing a Good Password - Online Random Password Generator Password Do's and Don'ts Password Protection Password Changing Password Change Process - Using Windows NT/2000/XP Operating Systems - Unix Systems Users not logged into the BNL Domain Password Policy for BlackBerry and Windows-based Hand-held Wireless Devices Password Policy Based upon DOE Notice N205.3 and guidance in DOE G 205.3-1, all BNL computer platforms capable of supporting password protection systems must have passwords that are in accord with the following. Password contains at least eight non-blank characters, provided such passwords are allowed by the operating system or application. Password contains a combination of letters (a mixture of upper and lowercase), numbers, and at least one special character within the first seven positions, provided such passwords are allowed by the operating system or application.

168

Electronic DOE Information Security System (eDISS) PIA, Office...  

Office of Environmental Management (EM)

DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security...

169

2011 DOE Safety and Security Enforcement Workshop  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

2011 DOE Safety and Security Workshop 2011 DOE Safety and Security Workshop Enforcement Home Registration - CLOSED Agendas Day 1 Agenda and Presentations Day 2 Agenda and Presentations Hotel Information Enforcement Home 2011 DOE Safety and Security Enforcement Workshop Office of Enforcement and Oversight The Office of Health, Safety and Security's (HSS) Office of Enforcement will be hosting its 2011 DOE Safety and Security Enforcement Workshop on the dates and location provided below. When: April 5 - 7, 2011 April 5 and 6 are open to Federal employees and contractors (8 am - 5 pm) April 7 is a half-day session for Federal participants only (8 - 11:30 am) The Energy Facility Contractors Group (EFCOG) Enforcement Coordination Working Group will be holding a meeting on April 7 at the Nevada Support Facility. For more information about that meeting, click here.

170

2014 Headquarters Facilities Master Security Plan - Chapter 14...  

Broader source: Energy.gov (indexed) [DOE]

4, Cyber Security 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security June 2014 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

171

PARS II New Contractor Information for Interconnection Security...  

Office of Environmental Management (EM)

V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System...

172

2015 DOE Safety and Security Enforcement Workshop - Badging and...  

Office of Environmental Management (EM)

2015 DOE Safety and Security Enforcement Workshop - Badging and Facility Information 2015 DOE Safety and Security Enforcement Workshop - Badging and Facility Information January...

173

Cyber Security  

Office of Environmental Management (EM)

Advisor Robert Green Staff Action Control Officer Gale Mitchell Deputy Chief Information Officer Donald Adcock Deputy Associate IT Policy & Governance (IM-20) Russell Pereira...

174

Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

(IM-21) Robin Crisp Director Policy & Performance Management Division (IM-22) Russell Pereira Director Records & Privacy Management Division (IM-23) Troy Manigault Director...

175

Cyber Security  

Office of Environmental Management (EM)

Policy & Performance Management Division (IM-22) Russell Pereira Director, Acting Records & Privacy Management Division (IM-23) Troy Manigault Director Associate CIO for IT...

176

DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy...  

Energy Savers [EERE]

in DOE funding to develop and integrate technologically- advanced controls and cyber-security devices into our electric grid and energy infrastructure. These projects aim to...

177

DOE and Industry Showcase New Control Systems Security Technologies...  

Broader source: Energy.gov (indexed) [DOE]

Technology Development Energy Delivery Systems Cybersecurity Control Systems Security News Archive DOE and Industry Showcase New Control Systems Security Technologies at...

178

Cyber security of the smart grid: Attack exposure analysis, detection algorithms, and testbed evaluation.  

E-Print Network [OSTI]

??While smart grid technologies are deployed to help achieve improved grid resiliency and efficiency, they also present an increased dependency on cyber resources which may (more)

Hahn, Adam

2013-01-01T23:59:59.000Z

179

Safeguards and Security Program - DOE Directives, Delegations...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

70.1A, Safeguards and Security Program by jcowden Functional areas: Safeguards, Security, and Emergency Management, Safety and Security The Safeguards and Security Program ensures...

180

Extension of DOE Directives on Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Notice extends 15 Office of Security and Emergency Operation directives that have expired or will expire until December 31, 2001. This Notice will remain in effect until its expiration date or until new/revised directives are published. The following statement will be added to the summary of the extended directives-DOE N 251.40, dated 5/3/01, extends this directive until 12/31/01.

2001-12-31T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

Enforcement of DOE Classified Information Security Requirements Under Title  

Broader source: Energy.gov (indexed) [DOE]

of DOE Classified Information Security Requirements of DOE Classified Information Security Requirements Under Title 10, Code of Federal Regulations, Part 824 Enforcement of DOE Classified Information Security Requirements Under Title 10, Code of Federal Regulations, Part 824 In publishing 10 CFR Part 824, DOE has determined that civil penalties under Part 824 will only be assessed for violations of requirements for the protection of classified information (Restricted Data, Formerly Restricted Data and National Security Information). The rule does not include civil penalties relating to failure to protect sensitive but unclassified information. IMPLEMENTATION GUIDANCE More Documents & Publications Safety and Security Enforcement Process Overview Preliminary Notice, Battelle Energy Alliance, LLC, SEA-2011-01

182

Security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security The Y-12 National Security Complex places the highest priority on maintaining and improving its security posture. We employ security police officers, cyber...

183

Cyber-physical security metric inference in smart grid critical infrastructures based on system administrators' responsive behavior  

Science Journals Connector (OSTI)

Abstract To protect complex power-grid control networks, efficient security assessment techniques are required. However, efficiently making sure that calculated security measures match the expert knowledge is a challenging endeavor. In this paper, we present EliMet, a framework that combines information from different sources and estimates the extent to which a control network meets its security objective. Initially, EliMet passively observes system operators' online reactive behavior against security incidents, and accordingly refines the calculated security measure values. To make the values comply with the expert knowledge, EliMet actively queries operators regarding those states for which sufficient information was not gained during the passive observation. Finally, EliMet makes use of the estimated security measure values for predictive situational awareness by ranking potential cyber-physical contingencies that the security administrators should plan for upfront. Our experimental results show that EliMet can optimally make use of prior knowledge as well as automated inference techniques to minimize human involvement and efficiently deduce the expert knowledge regarding individual states of that particular system.

Saman Zonouz; Parisa Haghani

2013-01-01T23:59:59.000Z

184

Personnel Security - DOE Directives, Delegations, and Requirements  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

2.2 Admin Chg 1, Personnel Security by Mark Pekrul Functional areas: Administrative Change, Personnel Security, Safety and Security The order establishes requirements that will...

185

2015 DOE Safety and Security Enforcement Workshop | Department...  

Energy Savers [EERE]

Workshop 2015 DOE Safety and Security Enforcement Workshop WHEN: May 5 and 6, 2015 (EFCOG Meeting on May 7) WHERE: Nevada Support Facility Nevada Field Office REGISTRATION FEE:...

186

Safeguards and Security Program - DOE Directives, Delegations...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

O 470.4B, Safeguards and Security Program by Mary Gallion Functional areas: Safety, Safety and Security, Security, Work Processes, To establish responsibilities for the U.S....

187

Pacific Basin Nuclear Conference (PBNC 2012), BEXCO, Busan, Korea, March 18 ~ 23, 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS  

E-Print Network [OSTI]

PBNC 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS Kwangjo Kim KAIST, Daejeon, Korea.kim@kustar.ac.ae Abstract Nuclear Power Plants (NPPs) become one of the most important infrastructures in providing improvement. 1. Introduction Nuclear Power Plants (NPPs) become one of the most important infrastructures

Kim, Kwangjo

188

Microsoft Word - OE Cyber Release 10 18 07.doc  

Broader source: Energy.gov (indexed) [DOE]

Megan Barnett, (202) 586-4940 Thursday, October 18, 2007 Megan Barnett, (202) 586-4940 Thursday, October 18, 2007 DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks WASHINGTON, DC - U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically- advanced controls and cyber-security devices into our electric grid and energy infrastructure. These projects aim to protect our Nation's energy infrastructure from cyber attacks and seek to modernize our electricity grid, advancing the President's efforts to increase energy and economic security. These projects will

189

Matrix, Drug Testing for DOE Security Clearance - September 1, 2011 |  

Broader source: Energy.gov (indexed) [DOE]

Matrix, Drug Testing for DOE Security Clearance - September 1, 2011 Matrix, Drug Testing for DOE Security Clearance - September 1, 2011 Matrix, Drug Testing for DOE Security Clearance - September 1, 2011 September 1, 2011 The following matrix identifies those individuals required to have a current negative drug test as a prerequisite for being processed for a security clearance The following matrix identifies those individuals required to have a current negative drug test as a prerequisite for being processed for a security clearance. A current test is one taken within 60 calendar days of the individual's SF-86/SF-86C signature date. For those cases where no such form is collected (e.g. reciprocity) the test must have been taken within 60 calendar days of the date of the request for security clearance. Matrix, Drug Testing for DOE security clearance - September 1, 2011

190

Safeguards and Security Program - DOE Directives, Delegations...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

0.4B Admin Chg 1, Safeguards and Security Program by Mary Gallion Functional areas: Administrative Change, Safeguards, Security, and Emergency Management, Safety, Safety and...

191

Extension of DOE Directives on Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice extends the following directives until 12/31/02. DOE N 205.1, DOE N 205.2, DOE 205.3, DOE N 471.3, and DOE 473.6.

2002-05-06T23:59:59.000Z

192

The Fragmented Securitization of Cyber Threats  

Science Journals Connector (OSTI)

Cybersecurity is one of the most pressing national security issues nowadays. Cyber threats reached truly global scales, cyber attacks that potentially or actually cause physical damage are on the rise, and sec...

Agnes Kasper

2014-01-01T23:59:59.000Z

193

Energy Cyber Other Degree Program  

E-Print Network [OSTI]

Rev. Energy Cyber Other Yes No Degree Program States National Security Implications of Energy & Environmental Stress New Theories of Cross-Advisor: Graduation Date: Curric Num: Power and Energy New Approaches to Understanding Dimensions of National Security

194

"Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O 471.6,  

Broader source: Energy.gov (indexed) [DOE]

"Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O "Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O 471.6, INFORMATION SECURITY, DOE O 473.3 "Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O 471.6, INFORMATION SECURITY, DOE O 473.3 The familiar level of this module is divided into four sections. In the first section, we will discuss the DOE security programs and design basis threat included in DOE O 470.4B, Safeguards and Security Program. In the second section, we will discuss information security programs, including control of classified materials and the responsibilities of field elements and contractor employees in identifying classified information as covered in DOE O 471.6, Information Security. In section three, we will discuss the security programs to include security areas, intrusion detection, and

195

"Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O 471.6,  

Broader source: Energy.gov (indexed) [DOE]

"Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O "Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O 471.6, INFORMATION SECURITY, DOE O 473.3 "Order Module--DOE O 470.4B, SAFEGUARDS AND SECURITY PROGRAM, DOE O 471.6, INFORMATION SECURITY, DOE O 473.3 The familiar level of this module is divided into four sections. In the first section, we will discuss the DOE security programs and design basis threat included in DOE O 470.4B, Safeguards and Security Program. In the second section, we will discuss information security programs, including control of classified materials and the responsibilities of field elements and contractor employees in identifying classified information as covered in DOE O 471.6, Information Security. In section three, we will discuss the security programs to include security areas, intrusion detection, and

196

Nuclear safety information sharing agreement between NRC and DOEs Office of Environment, Health, Safety and Security  

Broader source: Energy.gov [DOE]

Nuclear safety information sharing agreement between NRC and DOEs Office of Environment, Health, Safety and Security.

197

Cyber Crime, Cyber Security and Cyber Warfare  

Science Journals Connector (OSTI)

The digital world has become a battleground for the forces of good and evil. There is an ever increasing awareness that the digital world provides an unlimited opportunity to further ones goals.

Mark A. Gregory; David Glance

2013-01-01T23:59:59.000Z

198

Safeguards and Security Program - DOE Directives, Delegations...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

1 Chg 1, Safeguards and Security Program by Website Administrator Functional areas: Environment, Safety, and Health, Hazardous Materials, Radiation Protection, Safeguards,...

199

Microsoft Word - Blue Cover Report - DOE FISMA  

Broader source: Energy.gov (indexed) [DOE]

Evaluation Report Evaluation Report The Department's Unclassified Cyber Security Program - 2010 DOE/IG-0843 October 2010 Department of Energy Washington, DC 20585 October 22, 2010 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program - 2010" BACKGROUND Federal information systems are routinely confronted with increasingly sustained cyber attacks - many of which involve targeted and serious threats - executed with varying levels of technical sophistication. The number of incidents reported by Federal agencies to the Department of Homeland Security has, in fact, increased by over 400 percent in the past 4 years. To help

200

Reducing Cyber Risk to Critical Infrastructure: NIST Framework...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

The Vulnerability Analysis of Energy Delivery Control Systems Report Guidelines for Smart Grid Cyber Security (3.4 MB PDF) A Guide to Developing a Cyber Security and Risk...

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

An inter-realm, cyber-security infrastructure for virtual supercomputing  

SciTech Connect (OSTI)

Virtual supercomputing, (ise ., high-performance grid computing), is poised to revolutionize the way we think about and use computing. However, the security of the links interconnecting the nodes within such an environment will be its Achilles heel, particularly when secure communication is required to tunnel through heterogeneous domains. In this paper we examine existing security mechanisms, show their inadequacy, and design a comprehensive cybersecurity infrastructure that meets the security requirements of virtual supercomputing. Keywords Security, virtual supercomputing, grid computing, high-performance computing, GSS-API, SSL, IPsec, component-based software, dynamic reconfiguration.

Al-Muhtadi, J. (Jalal); Feng, W. C. (Wu-Chun); Fisk, M. E. (Mike E. )

2001-01-01T23:59:59.000Z

202

DOE Selects Lawrence Livermore National Security, LLC to Manage its  

Broader source: Energy.gov (indexed) [DOE]

Lawrence Livermore National Security, LLC to Manage its Lawrence Livermore National Security, LLC to Manage its Lawrence Livermore National Laboratory DOE Selects Lawrence Livermore National Security, LLC to Manage its Lawrence Livermore National Laboratory May 8, 2007 - 12:45pm Addthis WASHINGTON, DC - The U.S. Department of Energy (DOE) today announced that Lawrence Livermore National Security, LLC (LLNS) has been selected to be the management and operating contractor for DOE's National Nuclear Security Administration's (NNSA) Lawrence Livermore National Laboratory in California. "Livermore National Laboratory is a critical part of our nuclear weapons complex and has been for the last 55 years," Secretary Bodman said. "For the first time since the beginning of the laboratory a new contractor is

203

PACIFIC NORTHWEST CYBER SUMMIT  

SciTech Connect (OSTI)

On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energys (DOEs) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOEs Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

2013-08-07T23:59:59.000Z

204

DOE Policies | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

DOE Policies DOE Policies DOE Policies Cyber Security DOE O 205.1B Department of Energy Cyber Security Management (Approved May 16, 2011) Information Management Planning DOE Guide to IT Capital Planning and Investment, September 2010 (pdf) DOE IRM Strategic Plan, FY 2009 - 2011 (pdf) DOE N 203.1, Software Quality Assurance (pdf) DOE G 242.1-1, Forms Management Guide (pdf) DOE O 203.1 Limited Personal Use of Government Office Equipment Including Information Technology (pdf) Information Management Program Order, DOE O 200.1A (pdf) (Access to this document is restricted to DOE employees only) Records Management DOE Directive, O 243.1, Records Management Program (pdf) DOE Directive, O 243.2, Vital Records (pdf) DOE Directive, O 200.2, Information Collection Management Program

205

WIPP Security Contractor Receives DOE Voluntary Protection Program Award |  

Broader source: Energy.gov (indexed) [DOE]

Contractor Receives DOE Voluntary Protection Program Contractor Receives DOE Voluntary Protection Program Award WIPP Security Contractor Receives DOE Voluntary Protection Program Award October 24, 2012 - 12:00pm Addthis Department of Energy Carlsbad Field Site Operations Director Casey Gadbury (right) and Farok Sharif, President and Project Manager for Nuclear Waste Partnership LLC, the management and operating contractor at the Waste Isolation Pilot Plant, present the DOE's Voluntary Protection Program Legacy Star Award to Richard De Los Santos, protective force manager for Security Walls, the security contractor at the Waste Isolation Pilot Plant. The DOE-VPP legacy star award is the highest level of recognition possible in the VPP. Department of Energy Carlsbad Field Site Operations Director Casey Gadbury

206

ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber...  

Broader source: Energy.gov (indexed) [DOE]

and Energy Utilities Form Consortium to Fund SCADAEMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADAEMS Cyber...

207

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security, 1st edition  

Science Journals Connector (OSTI)

If you are responsible for meeting federal information security requirements such as FISMA, this book is all you need to know to get a system authorized. Now in the first full revision of FISMA since its inception in 2002, a new wave of stronger security ...

Stephen D. Gantz; Daniel R. Philpott

2012-12-01T23:59:59.000Z

208

Guide to Critical Infrastructure Protection Cyber Vulnerability...  

Broader source: Energy.gov (indexed) [DOE]

Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)...

209

Sandia National Laboratories: Sandia Cyber Engineering Research...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyberdefenders * CERL * computer security * Cyber Engineering Research Laboratory * cybersecurity * SAND2013-2827P * Sandia computing expertise * Sandia Science & Technology Park...

210

Safeguards and Security Glossary - DOE M 470.4-7 | Department...  

Office of Environmental Management (EM)

Safeguards and Security Glossary - DOE M 470.4-7 Safeguards and Security Glossary - DOE M 470.4-7 August 26, 2005 Cancelled Safeguards and Security Glossary The Safeguards and...

211

DOE/ID-Number  

Broader source: Energy.gov (indexed) [DOE]

INL/EXT-08-13979 INL/EXT-08-13979 U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB National SCADA Test Bed Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program November 2008 November 2008 INL/EXT-08-13979 Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program November 2008 Idaho National Laboratory Idaho Falls, Idaho 83415 http://www.inl.gov Prepared for the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Under DOE Idaho Operations Office Contract DE-AC07-05ID14517 Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB

212

Homeland Security | U.S. DOE Office of Science (SC)  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Homeland Security Homeland Security High Energy Physics (HEP) HEP Home About Research Facilities Science Highlights Benefits of HEP Medicine Homeland Security Industry Computing Sciences Workforce Development A Growing List Accelerators for Americas Future External link Funding Opportunities Advisory Committees News & Resources Contact Information High Energy Physics U.S. Department of Energy SC-25/Germantown Building 1000 Independence Ave., SW Washington, DC 20585 P: (301) 903-3624 F: (301) 903-2597 E: sc.hep@science.doe.gov More Information » Benefits of HEP Homeland Security Print Text Size: A A A RSS Feeds FeedbackShare Page Homeland security: monitoring nuclear nonproliferation In nuclear reactors, the amount of plutonium builds up as the uranium fuel is used, and the number and characteristics of antineutrinos emitted by

213

Cautionary tales from real world failures for managing security in the cyber world  

Science Journals Connector (OSTI)

Any field of endeavor benefits from a body of knowledge of failures that provide guidance on what to avoid. As a relatively young discipline whose failures can often be handled privately, information security professionals do not have access to the volume ... Keywords: bridges, catastrophic failure, civil engineering, failure, lessons learned

Bill Naber

2010-10-01T23:59:59.000Z

214

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

2009-01-05T23:59:59.000Z

215

The Technology of Cyber Operations Symposium on Cyber Operations and National  

E-Print Network [OSTI]

operations can be conducted with plausible deniability But adversaries make mistakes too, and allThe Technology of Cyber Operations Herb Lin Symposium on Cyber Operations and National Security not acknowledge role of offensive operations. · Offensive cyber operations can also have non-defensive purposes

216

Policing Cyber Hate, Cyber Threats and Cyber Terrorism  

Science Journals Connector (OSTI)

What are cyber threats? This book brings together a diverse range of multidisciplinary ideas to explore the extent of cyber threats, cyber hate and cyber terrorism. This ground-breaking text provides a comprehensive understanding of the range of activities ...

Imran Awan; Brian Blakemore

2012-07-01T23:59:59.000Z

217

SECURING HARDWARE, SOFTWARE AND DATA  

Broader source: Energy.gov (indexed) [DOE]

of the Cyber Security of the Cyber Security Research Needs for Open Science Workshop July 23-24, 2007 Sponsored by the DOE Office of Science in Cooperation with the Office of Electricity Delivery and Energy Reliability i PNNL-16971 Report of the Cyber Security Research Needs for Open Science Workshop July 23-24, 2007 Sponsored by the DOE Office of Science in Cooperation with the Office of Electricity Delivery and Energy Reliability iii Acknowledgements The workshop chairs wish to thank Joree O'Neal and Rachel Smith for all their help and support with organizing the logistics and registration activities for this workshop; Sue Chin, Ted Tanasse, Barbara Wilson, and Stacy Larsen for their expert help with the assembly, text editing, and graphics for this report; and Lance Baatz for his masterful

218

NISTIR 7916 Proceedings of the Cybersecurity in Cyber-  

E-Print Network [OSTI]

NISTIR 7916 Proceedings of the Cybersecurity in Cyber- Physical Systems Workshop, April 23 ­ 24 of the Cybersecurity in Cyber- Physical Systems Workshop, April 23 ­ 24, 2012 Editor: Tanya Brewer Computer Security

219

EAC Recommendations for DOE Action Regarding Implementing Effective Enterprise Security Governance- March 2014  

Broader source: Energy.gov [DOE]

EAC Recommendations for DOE Action Regarding Implementing Effective Enterprise Security Governance, approved at the March 12-13, 2014 meeting.

220

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

222

STEM Incubator in Cyber Security (Haxor) Wednesdays 4:00 5:00pm, Manchester 244 Spring 2014  

E-Print Network [OSTI]

curity. Students will experiment with ethical hacking, cyber defense, and reverse engineering techniques: Demonstrable Outcomes . Understanding of ethical hacking approaches and awareness of laws concerning hacking code . The end of semester hacking challenge There is not a single text book that is best suited

Fulp, Errin W.

223

STEM Incubator in Cyber Security (Haxor) Wednesdays 4:00 -5:00pm, Manchester 244 Spring 2014  

E-Print Network [OSTI]

curity. Students will experiment with ethical hacking, cyber defense, and reverse engineering techniques:Demonstrable Outcomes · Understanding of ethical hacking approaches and awareness of laws concerning hacking code · The end of semester hacking challenge There is not a single text book that is best suited

Fulp, Errin W.

224

Notice of Intent to Develop DOE O 470.5, Integrating Existing Technical Security Program Requirements  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This memorandum provides justification for the development of one integrated and consolidated set of requirements for the Department of Energy (DOE) Technical Security Program (TSP). This Order will combine the existing necessary requirements from DOE Manual (M) 205.1-3, Telecommunications Security Manual, dated 4-17-2006 and DOE M 470.4-4A chg.1, Information Security Manual, dated 10-12-2010; Section D -Technical Surveillance Countermeasures, into a single DOE Order defining the DOE TSP.

2013-08-21T23:59:59.000Z

225

Certification and Accreditation Process for Information Systems Including National Security Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

2004-02-19T23:59:59.000Z

226

Updated Skill Set with Annual Skill Set Model Review and VISION Training completion. Revision does not impact MGTF-002 Template 08_1014. Added EOTA IT Security Course and Exam  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

330 330 Reformatted and reorganized entire document. Broke down by position and bumped against Position Descriptions for accuracy, updated names of documents and made consistent throughout 09_0623 Updated Skill Set with Annual Skill Set Model Review and VISION Training completion. Revision does not impact MGTF-002 Template 08_1014. Added EOTA IT Security Course and Exam to process section. 09_0807 Updated Skill Set with Annual Skill Set Model Review. Added Required DOE contractor Training (IT Security, FEOSH & Cyber Security). Added EOTA IT Security Course and Exam to process section. 08_1014 Removed employee no longer with EOTA. MGTP-004, Employee Satisfaction Process no longer active. 08_0829 Annual Skill Set Model Review completed and documented for all EOTA staff. Additional lines added for future training items.

227

DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy  

Broader source: Energy.gov (indexed) [DOE]

DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks October 18, 2007 - 3:21pm Addthis WASHINGTON, DC - U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically- advanced controls and cyber-security devices into our electric grid and energy infrastructure. These projects aim to protect our Nation's energy infrastructure from cyber attacks and seek to modernize our electricity grid, advancing the President's efforts to increase energy and economic security. These

228

The cyber threat landscape: Challenges and future research directions  

Science Journals Connector (OSTI)

Cyber threats are becoming more sophisticated with the blending of once distinct types of attack into more damaging forms. Increased variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain ... Keywords: Culture of security, Cyber crime, Cyber exploitation, Policing and preventative strategy, Public private partnership, Routine Activity Theory

Kim-Kwang Raymond Choo

2011-11-01T23:59:59.000Z

229

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Broader source: Energy.gov (indexed) [DOE]

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)

230

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Broader source: Energy.gov (indexed) [DOE]

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June

231

Deception used for Cyber Defense of Control Systems  

SciTech Connect (OSTI)

Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

Wayne F. Boyer; Miles A. McQueen

2009-05-01T23:59:59.000Z

232

Security and Trust Convergence: Attributes, Relations and Provenance  

E-Print Network [OSTI]

-World Impact! State of Cyber Security Cyber should be "controllable" Nuclear, chemical, biological have beenSecurity and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas

Sandhu, Ravi

233

Security and Trust Convergence: Attributes, Relations and Provenance  

E-Print Network [OSTI]

-World Impact! State of Cyber Security Cyber should be "controllable" Nuclear, chemical, biological have been1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas

Sandhu, Ravi

234

Cyber Incident Information | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Services » Guidance » Privacy » Cyber Incident Information Services » Guidance » Privacy » Cyber Incident Information Cyber Incident Information July 2013 Cyber Incident The Department of Energy has confirmed a cyber incident that occurred at the end of July and resulted in the unauthorized disclosure of federal employee Personally Identifiable Information (PII). January 2013 Cyber Incident The Department of Energy (DOE) has confirmed a cyber incident that occurred in mid-January 2013 which targeted the Headquarters' network and resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information (PII). Tips to Monitor Your Identity Here is a suggested list of tips to monitor and protect yourself. Assistive Technology Forms Guidance Capital Planning Information Collection Management

235

Savannah River Site Team Wins Carolina Challenge at 2012 DOE Security  

Broader source: Energy.gov (indexed) [DOE]

Team Wins Carolina Challenge at 2012 DOE Team Wins Carolina Challenge at 2012 DOE Security Protection Officer Competition Savannah River Site Team Wins Carolina Challenge at 2012 DOE Security Protection Officer Competition April 26, 2012 - 12:00pm Addthis Media Contact Bill Taylor, (803) 952-8564, bill.taylor@srs.gov Savannah River Site, Aiken, S.C. - Security Protection Officers from Savannah River Site's (SRS) security contractor WSI-SRS, today won the Department of Energy (DOE) Secretary's Trophy as the top DOE team in the 2012 Security Protection Officer Team Competition (SPOTC)- 2012 Carolina Challenge, held here, April 22-26. It was the 40th anniversary of the SPOTC competition. In 2012 Carolina Challenge, SRS was among 11 teams representing DOE sites. The threeman team competition was won by Security Protection Officers

236

Savannah River Site Team Wins Carolina Challenge at 2012 DOE Security  

Broader source: Energy.gov (indexed) [DOE]

Savannah River Site Team Wins Carolina Challenge at 2012 DOE Savannah River Site Team Wins Carolina Challenge at 2012 DOE Security Protection Officer Competition Savannah River Site Team Wins Carolina Challenge at 2012 DOE Security Protection Officer Competition April 26, 2012 - 12:00pm Addthis Media Contact Bill Taylor, (803) 952-8564, bill.taylor@srs.gov Savannah River Site, Aiken, S.C. - Security Protection Officers from Savannah River Site's (SRS) security contractor WSI-SRS, today won the Department of Energy (DOE) Secretary's Trophy as the top DOE team in the 2012 Security Protection Officer Team Competition (SPOTC)- 2012 Carolina Challenge, held here, April 22-26. It was the 40th anniversary of the SPOTC competition. In 2012 Carolina Challenge, SRS was among 11 teams representing DOE sites. The threeman team competition was won by Security Protection Officers

237

Cyber Incidents Involving Control Systems  

SciTech Connect (OSTI)

The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

Robert J. Turk

2005-10-01T23:59:59.000Z

238

Delegation of Authority for Safeguards and Security (EM) - DOE...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Authority for Safeguards and Security (EM) by goodwin Delegation-AuthorityforSafeguards-SecurityEM.pdf -- PDF Document, 63 KB ID: NA Type: Organizations' Assignment of...

239

DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy  

Broader source: Energy.gov (indexed) [DOE]

8 Million to Safeguard the Nation's Energy 8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks October 18, 2007 - 3:21pm Addthis WASHINGTON, DC - U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically- advanced controls and cyber-security devices into our electric grid and energy infrastructure. These projects aim to protect our Nation's energy infrastructure from cyber attacks and seek to modernize our electricity grid, advancing the President's efforts to increase energy and economic security. These

240

New Article on Cybersecurity Discusses DOEs Partnership with the Energy Sector to Keep the Grid Reliable and Secure  

Broader source: Energy.gov [DOE]

An article by OEs Carol Hawk and Akhlesh Kaushiva in The Electricity Journal discusses cybersecurity for the power grid and how DOE and the energy sector are partnering to keep the smart grid reliable and secure.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May  

Broader source: Energy.gov (indexed) [DOE]

Protecting Intelligent Distributed Power Grids Against Cyber Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Development of a novel distributed and hierarchical security layer specific to intelligent grid design will help protect intelligent distributed power grids from cyber attacks. Intelligent power grids are interdependent energy management systems-encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and reliability. But increased interconnection and automation over a large geographical area requires a distributed and hierarchical approach to cybersecurity. Protecting Intelligent Distributed Power Grids Again Cyber Attacks.pdf

242

Lemnos Interoperable Security Program  

SciTech Connect (OSTI)

The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or ?? tunnels?, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems Lemnos is built on the successes of Open PCS Security Architecture for Interoperable Design (OPSAID), a previous DOE National SCADA Test Bed (NSTB) project. It enhances security interoperability by identifying basic cyber security functions based on utility requirements and then selecting open source solutions, namely Internet Engineering Task Force (IETF) RFCs, to support these functions. Once identified, specific configuration parameters for each RFC suitable for the electric utility control system environment are identified and documented. These configuration parameters are referred to as Interoperable Configuration Profiles (ICP) and their effectiveness within the utility control systems environment is verified with comprehensive testing as the final step in the process. The project focused on development of ICPs for four security protocols (IPsec, SSH, LDAP, and Syslog) which represent fundamental building blocks which can be utilized for securing utility control systems. These ICPs are product agnostic and can be applied modularly to any device (router, substation gateway, intelligent electronic device, etc.) within the utility control system as the end user deems necessary for their unique system architecture. The Lemnos Interoperable Security Program is a public-private partnership under the U.S. Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability's Cybersecurity for Energy Delivery Systems (CEDS) program and supports The Roadmap to Secure Energy Delivery Systems. In addition to EnerNex, the core team supporting the effort includes Tennessee Valley Authority, Sandia National Laboratories, and Schweitzer Engineering Laboratories. Adding to the core team effort is collaboration from additional industry participants in the project including the Electric Power Research Institute (EPRI), Alien Vault, Cisco, Encore Networks, GarrettCom, Industrial Defender, N-Dimension Solutions, Phoenix Contact, RuggedCom, and Siemens.

John Stewart; Ron Halbgewachs; Adrian Chavez; Rhett Smith; David Teumim

2012-01-31T23:59:59.000Z

243

Environment/Health/Safety/Security (EHSS): Security & Emergency Services:  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security & Emergency Services Security & Emergency Services Security Update ID Cards Gate Procedures Visitor/Guest Access Bus/Shuttle Reporting Foreign Contacts Mail Handling Contacts Cyber Protection Website ISSM Website ISSM: Counterintelligence and Counterterrorism Emergency Services Website Security and Emergency Operations Website Security Update THREAT ASSESSMENT: January 9, 2004-- The Department of Energy has directed all DOE sites to lower their security status to Secon Level 3, to coincide with the Department of Homeland Security advisory system. Security measures as listed below are in place. If you have any questions, call Dan Lunsford at x6016. ID Cards: Every employee must have a valid LBNL proximity badge and either wear it or produce it upon request. Badges and clips are available in the Site Access

244

DOE Order Self Study Modules - DOE O 440.1B, Worker Protection Management for DOE (Including the National Nuclear Security Administration) Federal Employees  

Broader source: Energy.gov (indexed) [DOE]

0.1B 0.1B WORKER PROTECTION PROGRAM FOR DOE (INCLUDING THE NATIONAL NUCLEAR SECURITY ADMINISTRATION) FEDERAL EMPLOYEES DOE O 440.1B Familiar Level June 2011 1 DOE O 440.1B WORKER PROTECTION MANAGEMENT FOR DOE (INCLUDING THE NATIONAL NUCLEAR SECURITY ADMINISTRATION) FEDERAL EMPLOYEES FAMILIAR LEVEL OBJECTIVES Given the familiar level of this module and the resources listed below, you will be able to answer the following questions: 1. What are the objectives of DOE O 440.1B? 2. What are the requirements that DOE elements must meet according to DOE O 440.1B? 3. What is the hazard prevention/abatement process that must be implemented according to DOE O 440.1B? 4. What are three responsibilities assigned by DOE O 440.1B for heads of field elements?

245

Sandia National Laboratories: National Security Missions: Defense...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cybersecurity Delivering experience & expertise Training the next generation of cyber defenders Cybersecurity computing Defending national security Applying science and engineering...

246

Microsoft PowerPoint - DOE-RL Hanford Metrics Presentation.pptx  

Broader source: Energy.gov (indexed) [DOE]

from the Field: from the Field: Implementing Cyber Security Metrics that Work Rick Grandy & Gregg Serene Cyber Security MSA/Lockheed Martin DOE Hanford Site "To make our customers extraordinarily successful in our unified mission of cleaning up the Hanford cleaning up the Hanford Site..." Hanford Site Scope - 586 square miles - 9 000+ PCs 9,000+ PCs - 500+ servers - 400+ applications - 1 000+ miles fiber to 300 bldgs 1,000+ miles fiber to 300 bldgs - 12,500+ phones 2 Why Metrics? * How do you know if you're How do you know if you re doing well in school? * How do you know if an athlete is performing well? p g * How do you know if you're o do you o you e healthy? - Weight, Blood Pressure 3 Why Metrics? * Does a FISMA Score of "A" mean... - The cyber program is more effective? - The cyber program is more efficient?

247

DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy  

Broader source: Energy.gov (indexed) [DOE]

to Provide Nearly $8 Million to Safeguard the Nation's Energy to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically- advanced controls and cyber-security devices into our electric grid and energy infrastructure. DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks More Documents & Publications "Cybersecurity for State Regulators" - NARUC Primer (June 2012)

248

Matrix, Drug Testing for DOE Security Clearance- September 1, 2011  

Broader source: Energy.gov [DOE]

The following matrix identifies those individuals required to have a current negative drug test as a prerequisite for being processed for a security clearance

249

DOE celebrates Earth Day | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

celebrates Earth Day | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the...

250

Worker Protection Program for DOE (Including the National Nuclear Security Administration) Federal Employees  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes the framework for an effective worker protection program that will reduce or prevent injuries, illnesses, and accidental losses by providing Department of Energy (DOE), including National Nuclear Security Administration (NNSA), Federal workers with a safe and healthful workplace. Cancels DOE O 440.1A. Certified 6/17/2011. Canceled by DOE O 440.1B Chg 1.

2007-05-17T23:59:59.000Z

251

The NIAC Convergence of Physical and Cyber Technbologies and Related  

Broader source: Energy.gov (indexed) [DOE]

The NIAC Convergence of Physical and Cyber Technbologies and The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations The NIAC convened the Physical/Cyber Convergence Working Group (CWG), in October 2005, to investigate the ongoing convergence of physical and cyber technologies for Supervisory Control and Data Acquisition (SCADA) and process control systems and their consolidated network management. The Working Group convened a Study Group of subject matter experts to inform its work. The Working Group report informed the NIAC's deliberations. The NIAC Convergence of Physical and Cyber Technbologies and Related

252

National Security Initiatives | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Our Primary Thrusts A science-based approach to cyber security Develop breakthrough nuclear forensic science Expand bioinformatics program to address critical biosurveillance gaps...

253

Rethinking information privacy-security: does it really matter?  

Science Journals Connector (OSTI)

This paper reports some of the findings of a bigger study that examined the role of technological, individual, cultural, and informational traits in shaping the intention to buy and sell online. The focus of this paper is on information privacy-security ... Keywords: culture, information privacy, information security, online buying and selling, structural equation modeling

Waseem Afzal

2013-11-01T23:59:59.000Z

254

Transforming CyberSecurity R&D within the Department of Energy: Getting Ahead of The Threat  

SciTech Connect (OSTI)

This report outlines a preliminary response from DOE researchers to the following three questions: a) what are the key priorities w.r.t. cybersecurity R&D over the next decade? b) what would we recommend, in terms of a program, to address those priorities c) how would a DOE Office of Science program in this area complement other cybersecurity R&D initiatives such as NSF's or other agency programs?

Frincke, Deborah A.; Catlett, Charlie; Siebenlist, Frank; Strelitz, Richard; Talbot, Ed; Worley, Brian

2008-01-01T23:59:59.000Z

255

ADMINISTRATIVE CHANGE TO DOE O 470.4B, Safeguards and Security...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

70.4B Chg 1 1 2-15-2013 ADMINISTRATIVE CHANGE TO DOE O 470.4B, Safeguards and Security Program Locations of Changes: Page Paragraph Changed To p. 5 5.c.(1) Responsible for the...

256

EVALUATING THREAT ASSESSMENT FOR MULTI-STAGE CYBER ATTACKS Shanchieh Jay Yang  

E-Print Network [OSTI]

EVALUATING THREAT ASSESSMENT FOR MULTI-STAGE CYBER ATTACKS Shanchieh Jay Yang Rochester Institute on how to evaluate a threat assessment algorithm, especially for cyber security. Because of the variety and the constantly changing nature of hacker behavior and network vulnerabilities, a cyber threat assessment

Jay Yang, Shanchieh

257

January 2014 Cybersecurity Awareness Campaign - Secure Online...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

January 2014 Cybersecurity Awareness Campaign - Secure Online Shopping January 2014 Cybersecurity Awareness Campaign - Secure Online Shopping The primary cyber theme for the...

258

Time-based intrusion detection in cyber-physical systems  

Science Journals Connector (OSTI)

Embedded systems, particularly real-time systems with temporal constraints, are increasingly deployed in every day life. Such systems that interact with the physical world are also referred to as cyber-physical systems (CPS). These systems commonly find ... Keywords: cyber-physical systems, real-time systems, security, timing analysis

Christopher Zimmer; Balasubramanya Bhat; Frank Mueller; Sibin Mohan

2010-04-01T23:59:59.000Z

259

Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.  

SciTech Connect (OSTI)

Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

2005-12-01T23:59:59.000Z

260

Chapter 2 - Definitions of Cyber Terrorism  

Science Journals Connector (OSTI)

Abstract The term cyber terror appeared for the first time in the mid-eighties. Since then the notion has been misused a number of times by journalists and politicians. It does not help that cyber terror does not have a clear, agreed definition. This chapter first analyses the background of the confusion. Secondly, the chapter provides a definition of cyber terrorism which aligns with national definitions of terrorism. From this, it becomes clear that no act of cyber terror has yet occurred. We need to be prepared however as the increasing societal critical reliance on ICT will make ICT systems and services as well as embedded ICT an interesting target for future terrorists.

Eric Luiijf

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Safeguards & Security | U.S. DOE Office of Science (SC)  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Safeguards & Security Safeguards & Security Integrated Support Center (ISC) ISC Home About Services Freedom of Information Act (FOIA) Privacy Act Categorical Exclusion Determinations Contact Information Integrated Support Center Roxanne Purucker U.S. Department of Energy 9800 S. Cass Avenue Argonne, IL 60439 P: (630) 252-2110 Larry Kelly U.S. Department of Energy 200 Administration Road Oak Ridge, TN 37830 P: (865) 576-0885 Services Safeguards & Security Print Text Size: A A A RSS Feeds FeedbackShare Page Security and Emergency Management staff ensures the people, materials, and information at DOE sites remain safe and secure. The Office of Science complex contains some of the U.S. Department of Energy's most important assets, and these organizations ensure the security of these crucial and

262

Cyber Train Videos | The Ames Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Train Videos 1. Cyber Train Overview 2. Cyber Train Opt-Out Process 3. Cyber Train Complete Training 4. Submitting Course Completion Materials...

263

DOE/EA-1557; Final Envrionmental Assessment for the National Security Test Range  

Broader source: Energy.gov (indexed) [DOE]

Environmental Assessment for the National Security Test Range DOE/EA-1557 April, 2007 CONTENTS 1. PURPOSE AND NEED ..................................................................................................................... 1 2. ALTERNATIVES .............................................................................................................................. 3 2.1. Consolidate Testing on a New National Security Test Range at the INL (Preferred Alternative)3 2.1.1 Construction Activities ................................................................................................. 6 2.1.2 Operational Activities................................................................................................... 6 2.2 Alternatives Considered, but Eliminated from Detailed Analysis................................................

264

DOE Statement on UK Government's "Road to 2010" Report on Nuclear Security  

Broader source: Energy.gov (indexed) [DOE]

Statement on UK Government's "Road to 2010" Report on Nuclear Statement on UK Government's "Road to 2010" Report on Nuclear Security DOE Statement on UK Government's "Road to 2010" Report on Nuclear Security July 17, 2009 - 12:00am Addthis WASHINGTON, DC - Thomas P. D'Agostino, the Department of Energy's Under Secretary for Nuclear Security and Administrator of the National Nuclear Security Administration, today applauded the British government's new report on advancing the global nuclear security agenda. Issued yesterday, "The Road to 2010 - Addressing the Nuclear Question in the Twenty First Century" outlines a strategy for addressing the threat posed by the proliferation of nuclear weapons ahead of the 2010 Nuclear Non-Proliferation Treaty (NPT) Review Conference. Among other steps, it includes the creation of a UK Center for Nuclear

265

Energy Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber-physical solutions Cybersecurity for energy delivery systems outreach AMI smart metering upgradeability test framework Practical quantum security for grid automation...

266

Data Intensive Architecture for Scalable Cyber Analytics  

SciTech Connect (OSTI)

Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a months worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFin for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a months worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

2011-12-19T23:59:59.000Z

267

DOE | Office of Health, Safety and Security | 2012 Facility Representative,  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Facility Representative Facility Representative Office of Nuclear Safety Home Facility Representative Home Annual Facility Rep Workshop › 2012 › 2011 › 2010 › 2009 › 2008 › 2007 › 2006 › 2005 › 2004 › 2003 › 2002 › 2001 › 2000 DOE Safety Links › ORPS Info › Operating Experience › DOE Lessons Learned › Accident Investigation Assessment Tools › FR CRADs › Surveillance Guides › Manager's Guide for Safety and Health Subject Matter Links General Program Information › Program Mission Statement › Program Directives and Guidance › FR of the Year Award Program › FR of the Year Award › FR Program Assessment Guide (Appendix B, DOE STD 1063-2011) FR Quarterly Performance Indicators Training & Qualification Information › Qualification Standards › Energy Online Courses

268

National SCADA Test Bed Enhancing control systems security in the energy  

Broader source: Energy.gov (indexed) [DOE]

SCADA Test Bed Enhancing control systems security in the SCADA Test Bed Enhancing control systems security in the energy sector National SCADA Test Bed Enhancing control systems security in the energy sector Improving the security of energy control systems has become a national priority. Since the mid-1990's, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA) and distributed control systems (DCS) used to monitor and manage our energy infrastructure. Many of the systems still in use today were designed to operate in closed, proprietary networks. National SCADA Test Bed Enhancing control systems security in the energy sector More Documents & Publications NSTB Summarizes Vulnerable Areas Transmission and Distribution World March 2007: DOE Focuses on Cyber

269

Critical Infrastructure and Cyber Security  

E-Print Network [OSTI]

indicators vis-a-vis one another, which is especially important in the midst of the current budgetary uncertainty in Washington. In this study, we present our definitions of the three indicators; an overview of the eighteen sectors of critical infrastructure...

Doll, Abby; Pirrong, Renee; Jennings, Matthew; Stasny, George; Giblin, Andy; Shaffer, Steph; Anderson, Aimee

2011-01-01T23:59:59.000Z

270

DOE/CX-00007 CATEGORICAL EXCLUSION SAFEGUARDS AND SECURITY ENHANCED ASSESSMENT SYSTEM  

Broader source: Energy.gov (indexed) [DOE]

07 07 CATEGORICAL EXCLUSION SAFEGUARDS AND SECURITY ENHANCED ASSESSMENT SYSTEM (PROJECT S-221) HANFORD SITE, RICHLAND, WASHINGTON PROPOSED ACTION The U.S. Department of Energy (DOE) proposes to install six wooden utility poles to support the safeguards and security enhanced assessment system. LOCATION OF ACTION The locations of the proposed action are generally within and around 200 East Area of the Hanford Site. The specific locations cannot be disclosed due to their safeguards and security related nature, and the locations have been designated Official Use Only. It is the policy of the DOE to make records available to the public to the greatest extent possible, in keeping with the spirit of the Freedom of Information Act (FOIA), while at the same time

271

DOE-STD-1171-2003; Safeguards and Security Functional Area Standard  

Broader source: Energy.gov (indexed) [DOE]

DOE-STD-1171-2003 December 2003 DOE STANDARD SAFEGUARDS AND SECURITY FUNCTIONAL AREA STANDARD DOE Defense Nuclear Facilities Technical Personnel U.S. Department of Energy AREA TRNG Washington, D.C. 20585 DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. DOE-STD-1171-2003 This document has been reproduced directly from the best available copy. Available to DOE and DOE contractors from ES&H Technical Information Services, U.S. Department of Energy, (800) 473-4375, fax: (301) 903-9823. Available to the public from the U.S. Department of Commerce, Technology Administration, National Technical Information Service, Springfield, VA 22161; (703) 605-6000.

272

Los Alamos director echoes cyber concerns  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Los Alamos director echoes cyber concerns Los Alamos director echoes cyber concerns Los Alamos director echoes cyber concerns Director Charlie McMillan told a gathering of energy executives that securing the electrical grid is a major concern now and it's only becoming more serious. May 21, 2013 Los Alamos National Laboratory Director Charlie McMillan (right), with, from left, Anthony Cugini of the National Energy Technology Laboratory, Thom Mason of Oak Ridge National Laboratory, and Tomas Diaz de la Rubia of Deloitte Consulting LLP. Los Alamos National Laboratory Director Charlie McMillan (right), with, from left, Anthony Cugini of the National Energy Technology Laboratory, Thom Mason of Oak Ridge National Laboratory, and Tomas Diaz de la Rubia of Deloitte Consulting LLP. Contact Fred deSousa

273

DOE Cites Battelle Energy Alliance, LLC for Classified Information Security Violations  

Broader source: Energy.gov (indexed) [DOE]

February 25,2011 February 25,2011 CERTIFIED MAIL RETURN RECEIPT REQUESTED Mr. John 1. Grossenbacher Director, Idaho National Laboratory and President, Battelle Energy Alliance, LLC P. O. Box 1625 Idaho Falls, Idaho 83415-3695 SEA-20ll-01 Dear Mr. Grossenbacher: The Office of Health, Safety and Security's Office of Enforcement has completed its investigation into the facts and circumstances associated with an incident of security concern regarding the introduction of classified information into unapproved information systems (security event) at the U.S. Department of Energy's (DOE) Idaho National Laboratory (INL). Based on the on-site investigation and evaluation of the evidence in this matter, and in consideration of information presented by you and other Battelle Energy Alliance, LLC (BEA)

274

Fact Sheet: Protecting Intelligent Distributed Power Grids Against Cyber Attacks  

Broader source: Energy.gov (indexed) [DOE]

Protecting Intelligent Distributed Protecting Intelligent Distributed Power Grids Against Cyber Attacks Development of a novel distributed and hierarchical security layer specific to intelligent grid design Intelligent power grids are interdependent energy management systems- encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and reliability. But increased interconnection and automation over a large geographical area requires a distributed and hierarchical approach to cyber security. This two-year project will develop three security components unique to intelligent power grids. The first is an automated

275

Operations Security (OPSEC) Reminder | Department of Energy  

Office of Environmental Management (EM)

or 301-903-9990. Addthis Related Articles Operations Security (OPSEC) Reminder Cybersecurity Is Every Citizen's Responsibility Secretary Moniz visits the Office of Cyber...

276

Security  

Broader source: Energy.gov [DOE]

Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

277

Cyber in the Cloud -- Lessons Learned from INL's Cloud E-Mail Acquisition  

SciTech Connect (OSTI)

As we look at the cyber security ecosystem, are we planning to fight the battle as we did yesterday, with firewalls and intrusion detection systems (IDS), or are we sensing a change in how security is evolving and planning accordingly? With the technology enablement and possible financial benefits of cloud computing, the traditional tools for establishing and maintaining our cyber security ecosystems are being dramatically altered.

Troy Hiltbrand; Daniel Jones

2012-12-01T23:59:59.000Z

278

ica meeting | netl.doe.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Based Control for Power Systems Aditya Kumar, GE Presentation Model Based Control for Chemical Looping Xinsheng Lou, Alstom Presentation Cyber Security Solution - Demonstration of...

279

Control Systems Security News Archive | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

News Archive News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity August 2010: - DOE 2010 Cybersecurity Peer Review Update March 2010 - DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH Feb. 2010 - DOE Issues National Energy Sector Cyber Organization Notice of Intent Nov. 2009 - New TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE Award October 2009 - DOE NSTB researchers demonstrated R&D successes to asset owners at EnergySec Conference September 2009 - ISA approves standard for wireless automation in process control applications Sept. 2009 - Government and Industry a Force for Collaboration at the

280

NAPA Collaboration Project: Worker Dialogue to Improve Worker Health, Safety and Security - June 14, 2010, DOE Worker Dialogue Event Flyer  

Broader source: Energy.gov (indexed) [DOE]

Improving Health, Safety and Security at the U.S. Department of Energy Worker health and safety programs at the Department of Energy (DOE) are most effective when they reflect the knowledge and experience of the Department's frontline workers. Workers will now have the opportunity to share their experiences and provide their feedback to help enhance and shape DOE's worker safety initiatives. Beginning on Monday, June 14 th , the Office of Health, Safety and Security (HSS) at DOE, in partnership with the nonprofit, nonpartisan National Academy of Public Administration, will host A Worker Dialogue: Improving Health, Safety and Security at DOE. This web-based "conversation" will engage the DOE workforce in an open, online dialogue to discuss

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

DOE 2010 Safety and Security Reform Project - HSS Directives Disposition and Status (December 4, 2012)  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

10 Safety and Security Reform Project - HSS Directives Disposition and Status (December 4, 2012) 10 Safety and Security Reform Project - HSS Directives Disposition and Status (December 4, 2012) Page 1 of 3 2010 HSS Directives Disposition Status Secretary of Energy Notice SEN-35-91, Nuclear Safety Policy Revise Complete - see Policy 420.1. Order 5400.5, Radiation Protection of the Public and the Environment Revise Complete - see Order 458.1. Order 5480.19, Conduct of Operations Requirements for DOE Facilities Revise Complete - see Order 422.1. Order 5480.20A, Personnel Selection, Training, Qualification, and Certification Requirements Revise Complete - see Order 426.2. Order 5480.30, Nuclear Reactor Design Criteria Re-certify Complete - re-certified. Manual 140.1-1B, Interface with the Defense Nuclear Facilities Safety Board Re-certify Complete - re-certified.

282

DOE's Nuclear Weapons Complex: Challenges to Safety, Security, and Taxpayer Stewardship  

Broader source: Energy.gov (indexed) [DOE]

Oversight and Investigations Oversight and Investigations Committee on Energy and Commerce U.S. House of Representatives "DOE's Nuclear Weapons Complex: Challenges to Safety, Security, and Taxpayer Stewardship" FOR RELEASE ON DELIVERY 10:00 AM September 12, 2012 1 Mr. Chairman and Members of the Subcommittee, I am pleased to be here at your request to testify on matters relating to the Department of Energy's oversight of the nuclear weapons complex. 1 The National Nuclear Security Administration (NNSA) was established under the National Defense Authorization Act of 2000 as a separately organized agency within the Department of Energy. This action was intended to allow NNSA to concentrate on its defense-related mission, free from other Departmental operations. Its creation was, in large measure, a reaction to highly

283

Cyber sleuths face off  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

to plasma physics and new materials. Contact Communications Office (505) 667-7000 Hacking skills put to the test in week of hands-on cyber warfare training LOS ALAMOS, New...

284

Innovating to Meet the Evolving Cyber Challenge | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge September 19, 2013 - 12:02pm Addthis Innovating to Meet the Evolving Cyber Challenge Patricia A. Hoffman Patricia A. Hoffman Assistant Secretary, Office of Electricity Delivery & Energy Reliability What are the key facts? Protecting critical energy infrastructure -- which makes reliable electricity transmission and robust national security possible -- is a top priority for the Energy Department. This week, the Energy Department announced more than $30 million in awards to cutting-edge energy sector stakeholders in seven states across the country. This funding will drive the development of new technologies that will help utilities and the oil and gas sectors further strengthen

285

Innovating to Meet the Evolving Cyber Challenge | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge September 19, 2013 - 12:02pm Addthis Innovating to Meet the Evolving Cyber Challenge Patricia A. Hoffman Patricia A. Hoffman Assistant Secretary, Office of Electricity Delivery & Energy Reliability What are the key facts? Protecting critical energy infrastructure -- which makes reliable electricity transmission and robust national security possible -- is a top priority for the Energy Department. This week, the Energy Department announced more than $30 million in awards to cutting-edge energy sector stakeholders in seven states across the country. This funding will drive the development of new technologies that will help utilities and the oil and gas sectors further strengthen

286

PARS II New Contractor Information for Interconnection Security Agreement  

Broader source: Energy.gov (indexed) [DOE]

New Contractor Information for Interconnection Security Agreement New Contractor Information for Interconnection Security Agreement V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System (PARS) II System Owner and the contractor sign an Interconnection Security Agreement (ISA). The requirement for an Interconnection Security Agreement can be found on page 182 of the PCSP. The ISA template is available for review on the PARS II portal (http://management.energy.gov/online_resources/pars2.htm) under Contractor Documents. Before the contractor begins sending data to PARS II, DOE will send the ISA to the contractor for review and signature. In order to prepare the ISA for review and signature, the PARS II Support Team needs

287

September 27 29, 2010, Baltimore Convention Center Focusing on Emerging Automation Specifications and Use Cases, Software Assurance, Healthcare IT, Cyber Security, and Regulatory Compliance  

E-Print Network [OSTI]

the technical burdens of policy compliance, and innovated uses of automation across the enterprise in both, Vulnerability Identification, and Remediation Federal Information Security Management Act (FISMA) Federal Validated Tools Content Validation Innovative Case Studies Highlights Beautiful Baltimore Inner Harbor

288

DOE Cybersecurity Training and Education  

Broader source: Energy.gov [DOE]

Introductory information to describe DOE Cybersecurity training and education programs, to include available role-based/core competency courses as well as other Fedeal cyber training programs.

289

PSERC Webinar Series: Issues in Designing the Future Grid - Cyber-Physical  

Broader source: Energy.gov (indexed) [DOE]

Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC Webinar Series: Issues in Designing the Future Grid - Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC is offering a free, public webinar series from January to May 2012 entitled "Issues in Designing the Future Grid," focusing on the information hierarchy for the future grid and grid enablers of sustainable energy systems. The second webinar, Cyber-Physical Systems Security for the Smart Grid, will be held on Fecruary 7, 2012 by Manimaran Govindarasu, Professor if Electrical and Computer Engineering at Iowa State University. Govindarasu_PSERC_Webinar_Feb_2012.pdf More Documents & Publications April 2012 PSERC Webinars on Issues in Designing the Future Grid

290

Protecting the Nation's Electric Grid from Cyber Threats | Department of  

Broader source: Energy.gov (indexed) [DOE]

Protecting the Nation's Electric Grid from Cyber Threats Protecting the Nation's Electric Grid from Cyber Threats Protecting the Nation's Electric Grid from Cyber Threats January 11, 2012 - 11:28am Addthis A smarter, modernized, and more secure grid will be pivotal to the United States’ world leadership in a clean energy future. | Photo courtesy of National Renewable Energy Laboratory. A smarter, modernized, and more secure grid will be pivotal to the United States' world leadership in a clean energy future. | Photo courtesy of National Renewable Energy Laboratory. Howard A. Schmidt White House Cybersecurity Coordinator Secretary Steven Chu: "Establishing a comprehensive cybersecurity approach will give utility companies and grid operators another important tool to improve the grid's ability to respond to cybersecurity risks."

291

NAPA Collaboration Project: Worker Dialogue to Improve Worker Health, Safety and Security - June 14, 2010, DOE Worker Dialogue Event Flyer  

Broader source: Energy.gov (indexed) [DOE]

Worker Dialogue Worker Dialogue Improving Health, Safety and Security at the U.S. Department of Energy Log on and participate starting on Monday June 14, 2010 at www.WorkerDialogue.org (username: worker -- password: dialogue) Worker health and safety programs at the Department of Energy (DOE) are most effective when they reflect your knowledge and experience as one of DOE's front-line workers. You will now have the opportunity to share your experience and provide feedback to help enhance and shape DOE's worker safety initiatives. This Worker Dialogue has the support of labor unions and organi- Beginning on Monday, June 14 th , the Office of Health, Safety and zations representing front-line workers Security (HSS) at DOE, in partnership with the nonprofit, non- at DOE.

292

DOE Transmission System Integration Workshop  

Broader source: Energy.gov (indexed) [DOE]

Heyeck, AEP, Sr. Vice President, Transmission Heyeck, AEP, Sr. Vice President, Transmission and Chair, EPRI Power Delivery & Utilization Sector Council November 01-02, 2012 DoubleTree Hotel, Crystal City Washington D.C. DOE Transmission System Integration Workshop 2 © 2012 Electric Power Research Institute, Inc. All rights reserved. Near-Zero Emissions Long-Term Operations Renewable Integration Water Management Electric Vehicles Demand Response & Efficiency Renewable Energy Energy Storage Sensors & Control Cyber Security Supply = Demand The Power System Supply to Demand Requires a full portfolio of innovative technologies. Tomorrow's Power System One size does not fit all 3 © 2012 Electric Power Research Institute, Inc. All rights reserved. Grid Transformation to Ensure Reliability, Efficiency, Resiliency and Security

293

The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice  

Science Journals Connector (OSTI)

The Basics of Cyber Warfare provides readers with fundamental knowledge of cyber war in both theoretical and practical aspects. This book explores the principles of cyber warfare, including military and cyber doctrine, social engineering, and ...

Steve Winterfeld; Jason Andress

2012-12-01T23:59:59.000Z

294

The Oil Security Metrics Model: A Tool for Evaluating the Prospective Oil Security Benefits of DOE's Energy Efficiency and Renewable Energy R&D Programs  

SciTech Connect (OSTI)

Energy technology R&D is a cornerstone of U.S. energy policy. Understanding the potential for energy technology R&D to solve the nation's energy problems is critical to formulating a successful R&D program. In light of this, the U.S. Congress requested the National Research Council (NRC) to undertake both retrospective and prospective assessments of the Department of Energy's (DOE's) Energy Efficiency and Fossil Energy Research programs (NRC, 2001; NRC, 2005). ("The Congress continued to express its interest in R&D benefits assessment by providing funds for the NRC to build on the retrospective methodology to develop a methodology for assessing prospective benefits." NRC, 2005, p. ES-2) In 2004, the NRC Committee on Prospective Benefits of DOE's Energy Efficiency and Fossil Energy R&D Programs published a report recommending a new framework and principles for prospective benefits assessment. The Committee explicitly deferred the issue of estimating security benefits to future work. Recognizing the need for a rigorous framework for assessing the energy security benefits of its R&D programs, the DOE's Office of Energy Efficiency and Renewable Energy (EERE) developed a framework and approach for defining energy security metrics for R&D programs to use in gauging the energy security benefits of their programs (Lee, 2005). This report describes methods for estimating the prospective oil security benefits of EERE's R&D programs that are consistent with the methodologies of the NRC (2005) Committee and that build on Lee's (2005) framework. Its objective is to define and implement a method that makes use of the NRC's typology of prospective benefits and methodological framework, satisfies the NRC's criteria for prospective benefits evaluation, and permits measurement of that portion of the prospective energy security benefits of EERE's R&D portfolio related to oil. While the Oil Security Metrics (OSM) methodology described in this report has been specifically developed to estimate the prospective oil security benefits of DOE's R&D programs, it is also applicable to other strategies and policies aimed at changing U.S. petroleum demand.

Greene, David L [ORNL; Leiby, Paul Newsome [ORNL

2006-05-01T23:59:59.000Z

295

Computer Security Division 2009 Annual Report  

E-Print Network [OSTI]

Security 12 Smart Grid Cyber Security 13 Supply Chain Risk Management 13 Cryptographic Validation Programs Computing Project 36 Policy Machine 36 Security for Grid and Pervasive Systems 38 Security OntologiesComputer Security Division 2009 Annual Report #12;Table of Contents Welcome 1 Division

296

DRAFT - DOE O 452.2C, Security and Use Control of Nuclear Explosives and Nuclear Weapons  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes requirements to implement the nuclear explosive security and use control (UC) elements of DOE O 452.1D, Nuclear Explosive and Weapon Surety (NEWS) Program, to ensure authorized use, when directed by proper authority, and protect against deliberate unauthorized acts (DUAs), deliberate unauthorized use (DUU), and denial of authorized use (DAU).

297

The Oil Security Metrics Model: A Tool for Evaluating the Prospective Oil Security Benefits of DOE's Energy Efficiency and Renewable Energy R&D Programs  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

505 505 The Oil Security Metrics Model: A Tool for Evaluating the Prospective Oil Security Benefits of DOE's Energy Efficiency and Renewable Energy R&D Programs May 2006 David L. Greene Corporate Fellow Paul N. Leiby Senior Research Staff DOCUMENT AVAILABILITY Reports produced after January 1, 1996, are generally available free via the U.S. Department of Energy (DOE) Information Bridge: Web site: http://www.osti.gov/bridge Reports produced before January 1, 1996, may be purchased by members of the public from the following source: National Technical Information Service 5285 Port Royal Road Springfield, VA 22161 Telephone: 703-605-6000 (1-800-553-6847) TDD: 703-487-4639 Fax: 703-605-6900 E-mail: info@ntis.fedworld.gov

298

Argonne Team Challenges Physical Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Engineering & Systems Analysis Engineering & Systems Analysis Success Stories For further information, contact Roger Johnston, rogerj@anl.gov "Real security is thinking like the bad guys," maintains Roger Johnston, head of Argonne's VAT. Argonne Team Challenges Physical Security Physical security-the art of protecting tangible assets-is the counterpart to cyber security. Physical security can take the form of locks, tamper-indicating seals, guards who stand watch

299

DOE, NREL Help DoD Enhance Energy Security (Fact Sheet), Integrated Deployment: Military, Energy Efficiency & Renewable Energy (EERE)  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

NREL Help DoD Enhance NREL Help DoD Enhance Energy Security The U.S. Department of Energy (DOE) and the National Renewable Energy Laboratory (NREL) are helping the U.S. government, including the U.S. Department of Defense (DoD), deploy large-scale energy efficiency measures and renewable energy technologies to reduce costs, increase energy security, and meet federal mandates. As the largest energy consumer within the U.S. federal government, DoD has long recognized the strategic impor- tance of energy to its mission and is particularly challenged to address energy security, reliability, and cost concerns. DoD has more than 500 military installations encompassing nearly 2 billion square feet of space, and had an annual installations energy bill of more than $4 billion in 2010.

300

Security is Not an Option | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

is Not an Option Security is Not an Option A 10-year roadmap for achieving control system cyber security in the energy industry has been hailed as a model for other industries....

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

Cyber-Security week is coming up during the week of October 13, thru October 17, 2008. This year the Residence Hall Association is sponsoring a poster contest to educate and  

E-Print Network [OSTI]

the Residence Hall Association is sponsoring a poster contest to educate and bring awareness of cyber this is an issue that affects all of us. How do you get involved? Your poster should created electronically the document in a PDF format. What will you be doing? The poster should consist of information about the topic

Ray, David

302

E-Print Network 3.0 - analytical resources securely Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

and Computational Science Collection: Mathematics 28 ITL BULLETIN FOR OCTOBER 2010 CYBER SECURITY STRATEGIES FOR THE SMART GRID: PROTECTING THE Summary: Standards, Release 1.0....

303

Recommended Practice: Creating Cyber Forensics Plans for Control Systems  

SciTech Connect (OSTI)

Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

Eric Cornelius; Mark Fabro

2008-08-01T23:59:59.000Z

304

Cyber and physical infrastructure interdependencies.  

SciTech Connect (OSTI)

The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

2008-09-01T23:59:59.000Z

305

INMM 55th Annual Meeting, July 2024, 2014, Atlanta Marriott Marquis, Atlanta, Georgia, USA Transport Security for Nuclear and Other Radioactive Materials --A DOE Training Course  

E-Print Network [OSTI]

Laboratory. The course was developed by Argonne for the U.S. Department of Energy Packaging Certification of Energy, Washington, D.C. 20585 ABSTRACT In early December of 2013, a weeklong training course on security Transport Security for Nuclear and Other Radioactive Materials -- A DOE Training Course Ronald B. Pope, Yung

Kemner, Ken

306

Strengthening Cyber Security | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

the National Environmental Policy Act Vision for 2025: A Framework for Change Demand Response and Smart Metering Policy Actions Since the Energy Policy Act of 2005: A Summary...

307

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

infrastructure systems in the analysis of safety and stability - a significant contribution to the theory of hybrid

Amin, Saurabh

2011-01-01T23:59:59.000Z

308

Design Security and Cyber-Physical Threats  

Science Journals Connector (OSTI)

The trustworthiness of reconfigurable hardware, such as FPGAs is defined by the mechanisms protecting the configuration data. The field programmability of an FPGA is a distinct feature enabling various possibi...

Thomas Feller

2014-01-01T23:59:59.000Z

309

MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS  

E-Print Network [OSTI]

novel aspects of networked systems that include integrating dis- tributed computing systems with monitoring and controlling entities in the physical environment. For example, in real-time control systems stations. Other examples include smart grid systems and supervisory control and data acquisition (SCADA

Burmester, Mike

310

Essential Body of Knowledge (EBK) | Department of Energy  

Office of Environmental Management (EM)

Essential Body of Knowledge (EBK) DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA...

311

Concrete Security for Entity Recognition: The Jane Doe Protocol (Full Paper)  

E-Print Network [OSTI]

://medsec.medien.uni-weimar.de/ 2 Technical University of Denmark http://www.erikzenner.name/ 3 escrypt Inc., USA http a formal proof of its concrete security. The protocol neither em- ploys asymmetric cryptography, nor

312

B&W Y-12 garners DOE Sustainability Awards | Y-12 National Security...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

garners DOE ... B&W Y-12 garners DOE Sustainability Awards Posted: October 10, 2012 - 4:45pm B&W Y-12 recently received two Department of Energy Sustainability Awards at a ceremony...

313

January 2015 | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

with members of the Idaho National Laboratory. The lab has a long history in the nuclear energy area and its growing expertise in new threat areas such as cyber security; make it...

314

Extension of DOE Directives  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Notice extends the following directives until 2/16/04: DOE N 205.2, Foreign National Access to DOE Cyber Systems, and DOE N 205.3, Password Generation, Protection, and Use, dated 11/23/99-7/1/00.

2003-02-24T23:59:59.000Z

315

Implementing Least Privilege on Windows XP computers at DOE-RL Hanford  

Broader source: Energy.gov (indexed) [DOE]

Least Privilege on Microsoft Least Privilege on Microsoft Windows ® XP computers at DOE-RL Hanford Presented By Eric Anderson, PMP, CISM, CISSP, MCSE Cyber Projects and Technical Lead MSA / Lockheed Martin IS&GS DOE Hanford Site "To make our customers extraordinarily successful in our unified mission of cleaning up the Hanford Site..." Hanford Site Scope - 586 square miles - 9,000+ PCs - 500+ servers - 400+ applications - 1,000+ miles fiber to 300 bldgs - 12,500+ phones 2 What's the problem? Compliance problem - - OIG finding in 2007 ... too many users operate as a "privileged," Local Administrator (LA) on their computers. Cyber Security problem - - Users engage in risky activities while operating as LA.

316

Cyber Attacks, Prevention, and Countermeasures  

Science Journals Connector (OSTI)

In response to the ever-increasing number of cyber attacks on both private companies and the United States government, U.S. Congress has introduced the Cybersecurity Enhancement Act of 2007, the National Commi...

Newton Lee

2013-01-01T23:59:59.000Z

317

Safety, Security and Infrastructure (SSI) Homepage | U.S. DOE Office of  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Laboratories » SSI Home Laboratories » SSI Home Safety, Security and Infrastructure (SSI) SSI Home Facilities and Infrastructure Safeguards & Security Environment, Safety and Health (ES&H) Organization Chart .pdf file (82KB) Phone Listing .pdf file (129KB) SC HQ Continuity of Operations (COOP) Implementation Plan .pdf file (307KB) Categorical Exclusion Determinations SLI & SS Budget Contact Information Safety, Security and Infrastructure U.S. Department of Energy SC-31/Germantown Building 1000 Independence Ave., SW Washington, DC 20585 P: (301) 903-4097 F: (301) 903-7047 BNL Chemistry Building 555 August 2012: Renovated lab space in the west wing of the BNL Chemistry Building 555 at Brookhaven National Laboratory. The New York Section of the American Chemistry Society recently designated

318

Worker Protection Program for DOE (Including the National Nuclear Security Administration) Federal Employees  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes the framework for an effective worker protection program that will reduce or prevent injuries, illnesses, and accidental losses by providing DOE and NNSA Federal workers with a safe and healthful workplace. Chg 1 dated 8-21-12, cancels DOE M 440.1-1A. Admin Chg 1, dated 3-14-13, cancels DOE O 440.1B Chg 1.

2007-05-17T23:59:59.000Z

319

2014 Headquarters Facilities Master Security Plan- Chapter 10, Security Awareness Program  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 10, Security Awareness Program Describes the DOE Headquarters Security Awareness Program

320

2014 Headquarters Facilities Master Security Plan- Chapter 8, Operations Security Program  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 8, Operations Security Program Describes the DOE Headquarters Operations Security (OPSEC) Program.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

Convergence Approach to Model Physical World and Cyber World of Aviation Cyber Physical System  

Science Journals Connector (OSTI)

Aviation Cyber-Physical Systems are the integration of cyber systems and physical systems. Recent concentration to Aviation Cyber Physical Systems (ACPS) is driven by the demand for deeper Convergence of design disciplines that integrate physical and ... Keywords: Aviation Cyber Physical System CPS, Modelica, AADL, SysML, Spatial-Temporal Features, Dynamic Continuous Features

Lichen Zhang

2014-08-01T23:59:59.000Z

322

DOE Issues Funding Opportunity for Innovations to Increase Cybersecurity  

Broader source: Energy.gov (indexed) [DOE]

Issues Funding Opportunity for Innovations to Increase Issues Funding Opportunity for Innovations to Increase Cybersecurity for Energy Delivery Systems DOE Issues Funding Opportunity for Innovations to Increase Cybersecurity for Energy Delivery Systems February 11, 2013 - 10:53am Addthis The Office of Electricity Delivery and Energy Reliability issued a new Funding Opportunity Announcement (FOA), Innovation for Increasing Cybersecurity for Energy Delivery Systems, on February 8. The announcement is seeking applications to conduct research, development and demonstrations leading to next generation tools and technologies that will become widely adopted to enhance and accelerate deployment of cybersecurity capabilities for the U.S energy infrastructure, including cyber secure integration of smart grid technologies.

323

Architecture-driven smart grid security management  

Science Journals Connector (OSTI)

The introduction of smart grids goes along with an extensive use of ICT technologies in order to support the integration of renewable energy sources. However, the use of ICT technologies bears risks in terms of cyber security attacks which could negatively ... Keywords: risks, security, security management, smart grid

Markus Kammerstetter; Lucie Langer; Florian Skopik; Wolfgang Kastner

2014-06-01T23:59:59.000Z

324

Worker Protection Program for DOE (Including the National Nuclear Security Administration) Federal Employees  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes the framework for an effective worker protection program that will reduce or prevent injuries, illnesses, and accidental losses by providing DOE and NNSA Federal workers with a safe and healthful workplace. Chg 1 dated 8-21-12. Cancels DOE M 440.1-1A. Admin Chg 1, dated 3-14-13.

2007-05-17T23:59:59.000Z

325

DOE National SCADA Test Bed Program Multi-Year Plan | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

National SCADA Test Bed Program Multi-Year Plan National SCADA Test Bed Program Multi-Year Plan DOE National SCADA Test Bed Program Multi-Year Plan This document presents the National SCADA Test Bed Program Multi-Year Plan, a coherent strategy for improving the cyber security of control systems in the energy sector. The NSTB Program is conducted within DOE's Office of Electricity Delivery and Energy Reliability (OE), which leads national efforts to modernize the electric grid, enhance the security and reliability of the energy infrastructure, and facilitate recovery from disruptions to the energy supply. The Plan covers the planning period of fiscal year 2008 to 2013. DOE National SCADA Test Bed Program Multi-Year Plan More Documents & Publications DOE/OE National SCADA Test Bed Fiscal Year 2009 Work Plan

326

BROOKHAVEN NATIONAL LABORATORYS CAPABILITIES FOR ADVANCED ANALYSES OF CYBER THREATS  

SciTech Connect (OSTI)

BNL has several ongoing, mature, and successful programs and areas of core scientific expertise that readily could be modified to address problems facing national security and efforts by the IC related to securing our nations computer networks. In supporting these programs, BNL houses an expansive, scalable infrastructure built exclusively for transporting, storing, and analyzing large disparate data-sets. Our ongoing research projects on various infrastructural issues in computer science undoubtedly would be relevant to national security. Furthermore, BNL frequently partners with researchers in academia and industry worldwide to foster unique and innovative ideas for expanding research opportunities and extending our insights. Because the basic science conducted at BNL is unique, such projects have led to advanced techniques, unlike any others, to support our mission of discovery. Many of them are modular techniques, thus making them ideal for abstraction and retrofitting to other uses including those facing national security, specifically the safety of the nations cyber space.

DePhillips M. P.

2014-06-06T23:59:59.000Z

327

Cyberspace security system  

SciTech Connect (OSTI)

A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

2014-06-24T23:59:59.000Z

328

A Key Management Scheme for Secure Communications of Advanced Metering Infrastructure  

Science Journals Connector (OSTI)

Key management for secure communications of Advanced Metering Infrastructure is an unsolved problem until now. The ... proposing a key management scheme based on a hybrid-tree graph for AMI. The cyber security...

Jinshan Chen; Nian Liu; Wenxia Liu; Hong Luo

2011-01-01T23:59:59.000Z

329

National SCADA Test Bed- Enhancing control systems security in the energy sector (September 2009)  

Broader source: Energy.gov [DOE]

Improving the security of energy control systems has become a national priority. Since the mid-1990s, security experts have become increasingly concerned about the threat of malicious cyber...

330

Roadmap to Secure Control Systems in the Energy Sector- January 2006  

Broader source: Energy.gov [DOE]

This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

331

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes the overall objectives and requirements for the Department of Energy Personnel Security Program. Cancels DOE M 472.1-1B. Canceled by DOE O 472.2.

2005-08-26T23:59:59.000Z

332

Personnel Security Program Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

provides detailed requirements and procedures to supplement DOE O 472.1B, PERSONNEL SECURITY ACTIVITIES, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Cancels DOE M 472.1-1

2000-11-16T23:59:59.000Z

333

Impact of Cyber Attacks on Transient Stability of Smart Grids with Voltage Support Devices  

E-Print Network [OSTI]

these requirements, some technologies such as Phasor Measurement Unit (PMU), Flexible AC Transmission System (FACTS. Therefore, cyber physical security is vitally important for smart grid infrastructure. The data representing on the U.S. infrastructure increased 17-fold from 2009 to 2011 [4]. The Supervisory Control and Data

Kundur, Deepa

334

The DOE Security Plan for the Energy Employees Occupational Illness Compensation Program  

Broader source: Energy.gov [DOE]

The U.S. Congress passed the Energy Employees Occupational Illness Compensation Program Act (EEOICPA) in 2000. The purpose of EEOICPA is to compensate eligible employees and former employees of the Department of Energy (DOE), its contractors and subcontractors, or certain survivors of such individuals for occupational illness and death arising from work at a covered facility.

335

Microsoft PowerPoint - Risk_Portfolio_Manager(RPM)_overview_Under_Sec_DOE__2011_V4 Final 3-22-2011.ppt [Read-Only] [Compatibili  

Broader source: Energy.gov (indexed) [DOE]

Corporate Headquarters: Corporate Headquarters: Risk Management: Overview of 1010 Wayne Avenue, Suite 1150 Silver Spring, Maryland 20910 301.565.2988 Telephone 301.565.2995 Facsimile www.e-mcinc.com Overview of e-Gov Risk Portfolio Manager(tm) (e Gov RPM(tm)) V4 Satellite Offices: 80 M Street, S.E., Suite 715 Washington, DC 20003 13800 Coppermine Road, Suite 221 (e-Gov RPM(tm)) V4 for Under Secretary of Energy 13800 Coppermine Road, Suite 221 Herndon, Virginia 20171 e-Management - Proprietary Information March 2011 Today's Agenda 1) eGov RPM and use at DOE EM 2) Overview of the capabilities of eGov RPM(tm) 3) eGov RPM supports the Under Secretary of Energy's Program Cyber Security Plan (PCSP) Cyber Security Plan (PCSP) e-Management - Proprietary Information 2 e-Gov Risk Portfolio Manager is a multi-user, web based tool used for continuous monitoring

336

US Nuclear Regulatory Commission Input to DOE Request for Information Smart  

Broader source: Energy.gov (indexed) [DOE]

US Nuclear Regulatory Commission Input to DOE Request for US Nuclear Regulatory Commission Input to DOE Request for Information Smart Grid Implementation Input US Nuclear Regulatory Commission Input to DOE Request for Information Smart Grid Implementation Input US Nuclear Regulatory Commission Input to DOE Request for Information Smart Grid Implementation Input. Comments relevant to the following two sections of the RFI: "Long Term Issues: Managing a Grid with High Penetration of New Technologies" and "Reliability and Cyber-Security," US Nuclear Regulatory Commission Input to DOE Request for Information Smart Grid Implementation Input More Documents & Publications Comments of DRSG to DOE Smart Grid RFI: Addressing Policy and Logistical Challenges Reply Comments of Entergy Services, Inc. Progress Energy draft regarding Smart Grid RFI: Addressing Policy and

337

Personnel Security Activities  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes objectives, requirements and responsibilities for the Personnel Security Program and Personnel Security Assurance Program. Cancels DOE O 472.1B

2003-03-25T23:59:59.000Z

338

November 2010, A Worker Dialogue - Improving Health Safety and Security at DOE  

Broader source: Energy.gov (indexed) [DOE]

by a Panel of the by a Panel of the NATIONAL ACADEMY OF PUBLIC ADMINISTRATION for the U.S. Department of Energy A Worker Dialogue: Improving Health, Safety and Security at the U.S Department of Energy 2010 The National Academy of Public Administration is a non-profi t, indepen- dent organization of top public management and organizational leaders who tackle the nation's most critical and complex public management challenges. With a network of more than 680 distinguished Fellows and an experienced professional staff, the Academy is uniquely qualifi ed and trusted across government to provide objective advice and practical solu- tions based on systematic research and expert analysis. Established in 1967 and chartered by Congress in 1984, the Academy continues to make

339

FY 2013 DOE Agency Financial Report | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Agency Financial Reports » FY 2013 DOE Agency Financial Agency Financial Reports » FY 2013 DOE Agency Financial Report FY 2013 DOE Agency Financial Report Notable accomplishments in FY 2013: Investments in energy transformation have resulted in testing of greenhouse gas storage, the first grid-connected offshore wind prototype, cost competitive advances in cellulosic ethanol, the first commercial geothermal system to deliver power to the electric grid, improved efficiency and cyber security for the electric grid, new appliance efficiency standards, the first full-scale nuclear reactor simulation. Basic research in the science field yielded several results, such as: the discovery of a powerful new microbe, major improvements to organic electronics, high-resolution molecular images, 3D printed batteries, improved efficiency in thermoelectric devices.

340

FY 2013 DOE Agency Financial Report | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Agency Financial Reports » FY 2013 DOE Agency Financial Agency Financial Reports » FY 2013 DOE Agency Financial Report FY 2013 DOE Agency Financial Report Notable accomplishments in FY 2013: Investments in energy transformation have resulted in testing of greenhouse gas storage, the first grid-connected offshore wind prototype, cost competitive advances in cellulosic ethanol, the first commercial geothermal system to deliver power to the electric grid, improved efficiency and cyber security for the electric grid, new appliance efficiency standards, the first full-scale nuclear reactor simulation. Basic research in the science field yielded several results, such as: the discovery of a powerful new microbe, major improvements to organic electronics, high-resolution molecular images, 3D printed batteries, improved efficiency in thermoelectric devices.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Office Inspector General DOE Annual Performance Report FY 2008, Annual  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Inspector General DOE Annual Performance Report FY 2008, Inspector General DOE Annual Performance Report FY 2008, Annual Performance Plan FY 2009 Office Inspector General DOE Annual Performance Report FY 2008, Annual Performance Plan FY 2009 During Fiscal Year (FY) 2008, we reviewed a variety of critical areas relevant to the Department's mission priorities. One of our goals, for example, was to examine possible programmatic improvements in Department operations relating to cyber security and contract management. Overall, our efforts resulted in the issuance of over 70 audit and inspection reports containing recommendations for enhancing Departmental operations, with likely savings of over $7 million. Further as a result of our investigative efforts, we obtained 20 criminal convictions, recovered $22.8 million in

342

OCIO Technology Summit: Cyber Innovation | Department of Energy  

Energy Savers [EERE]

Articles OCIO Technology Summit: Cyber Innovation OCIO Technology Summit: Data Analytics OCIO Technology Summit: Cyber Innovation OCIO Technology Summit: High Performance Computing...

343

Audit of Selected Aspects of the Unclassified Computer Security Program at a DOE Headquarters Computing Facility, AP-B-95-02  

Broader source: Energy.gov (indexed) [DOE]

OFFICE OF INSPECTOR GENERAL AUDIT OF SELECTED ASPECTS OF THE UNCLASSIFIED COMPUTER SECURITY PROGRAM AT A DOE HEADQUARTERS COMPUTING FACILITY The Office of Inspector General wants to make the distribution of its reports as customer friendly and cost effective as possible. Therefore, this report will be available electronically through the Internet five to seven days after publication at the alternative addresses: Department of Energy Headquarters Gopher gopher.hr.doe.gov Department of Energy Headquarters Anonymous FTP vm1.hqadmin.doe.gov U.S. Department of Energy Human Resources and Administration Home Page

344

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes requirements for a successful, efficient and cost-effective personnel security program to ensure accurate, timely and equitable determinations of individuals eligibility for access to classified information and fitness for placement or retention in national security positions. Cancels DOE M 470.4-5, DOE N 470.4 and DOE N 470.5. Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

345

Survey on Security Threats and Protection Mechanisms  

E-Print Network [OSTI]

Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan Studnia1 and can be seen as entry points for cyber attacks. In this paper, we present a survey on security threats in the embedded networks of current vehicles, we then analyze the potential threats targeting these networks

Paris-Sud XI, Université de

346

Does  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Does Does the cellulose-binding module move on the cellulose surface? Yu-San Liu Æ Yining Zeng Æ Yonghua Luo Æ Qi Xu Æ Michael E. Himmel Æ Steve J. Smith Æ Shi-You Ding Received: 26 November 2008 / Accepted: 11 May 2009 / Published online: 19 June 2009 Ó Springer Science+Business Media B.V. 2009 Abstract Exoglucanases are key enzymes required for the efficient hydrolysis of crystalline cellulose. It has been proposed that exoglucanases hydrolyze cellulose chains in a processive manner to produce primarily cellobiose. Usually, two functional modules are involved in the processive mechanism: a catalytic module and a carbohydrate-binding module (CBM). In this report, single molecule tracking techniques were used to analyze the molecular motion of CBMs labeled with quantum dots (QDs) and bound to cellulose crystals. By tracking the single QD, we observed that the family 2 CBM from

347

Cognitive Cyber Weapon Selection Tool Empirical Evaluation.  

E-Print Network [OSTI]

??Keeping in pace with the latest technological innovations in the cyber world, the misuse of this powerful infrastructure has also increased proportionally. Although a lot (more)

Ponangi, Preethi Vinayak

2011-01-01T23:59:59.000Z

348

Cyber - Protection for utilities ... | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber - Protection for utilities ... Hackers hoping to disrupt the power grid, water or natural gas service may be foiled by an intrusion detection system developed by researchers...

349

Headquarters Security Quick Reference Book  

Broader source: Energy.gov [DOE]

This quick reference book provides an overview of Department of Energy (DOE) Headquarters (HQ) security programs.

350

Worker Protection Program for DOE (including the National Nuclear Security Administration) Federal Employees Guide for Use with DOE O 440.1B  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Guide provides suggestions and alternative approaches that DOE elements may consider in implementing their worker protection program. Cancels DOE G 440.1-1.

2007-06-04T23:59:59.000Z

351

US Nuclear Regulatory Commission Input to DOE Request for Information...  

Broader source: Energy.gov (indexed) [DOE]

Comments relevant to the following two sections of the RFI: "Long Term Issues: Managing a Grid with High Penetration of New Technologies" and "Reliability and Cyber-Security," US...

352

Graph anomalies in cyber communications  

SciTech Connect (OSTI)

Enterprises monitor cyber traffic for viruses, intruders and stolen information. Detection methods look for known signatures of malicious traffic or search for anomalies with respect to a nominal reference model. Traditional anomaly detection focuses on aggregate traffic at central nodes or on user-level monitoring. More recently, however, traffic is being viewed more holistically as a dynamic communication graph. Attention to the graph nature of the traffic has expanded the types of anomalies that are being sought. We give an overview of several cyber data streams collected at Los Alamos National Laboratory and discuss current work in modeling the graph dynamics of traffic over the network. We consider global properties and local properties within the communication graph. A method for monitoring relative entropy on multiple correlated properties is discussed in detail.

Vander Wiel, Scott A [Los Alamos National Laboratory; Storlie, Curtis B [Los Alamos National Laboratory; Sandine, Gary [Los Alamos National Laboratory; Hagberg, Aric A [Los Alamos National Laboratory; Fisk, Michael [Los Alamos National Laboratory

2011-01-11T23:59:59.000Z

353

Personnel Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE). This Manual addresses only the Personnel Security Program.

1998-05-22T23:59:59.000Z

354

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Section E, Technical Surveillance Countermeasures Program, is Official Use Only. Please contact the DOE Office of Health, Safety and Security at 301-903-0292 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A

2007-06-29T23:59:59.000Z

355

Personnel Security Program Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels: DOE M 472.1-1A.

2001-07-12T23:59:59.000Z

356

Security Conditions  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To ensure that DOE uniformly meets the protection requirements specified in Presidential Decision Directive 39, "U.S. Policy on Counterterrorism (U)." Attachment 2 is no longer available online. Please e-mail your request for the Attachment to: Security.Directives@hq.doe.gov. DOE N 251.44, dated 05/06/02, extends this directive until 12/31/02.

2000-09-18T23:59:59.000Z

357

DOE  

Gasoline and Diesel Fuel Update (EIA)

DOE DOE /E/A- 0202( 83//Q J Sh or t-T er m En er gy O ut lo ok a to m Quar terly Proje ction s Febru ary 1983 Ene rgy Info rma tion Adm inist ratio n Was hing ton, D.C. t rt jrt .or t lor t lor t .lor t- ior t- ior t <.o rt ort . m .er m -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -Te rm -T erm -T erm -T erm Nrm ue rgy En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y En erg y ^n erg y Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Ou tlo ok Sh ort -T erm 1 Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm Sh ort -T erm

358

DOE Cybersecurity Awareness Program  

Broader source: Energy.gov [DOE]

The OCIO supports a variety of cybersecurity awareness activities that impress upon DOE employees the importance of cybersecurity and the adverse consequences of its failure. The primary purpose of awareness activities is to enhance the 'general awareness and understanding' of current cyber threats and recommended mitigations as well as to cultivate a computing environment where cybersecurity behaviors and responses are automatic and consistent.

359

From Manual Cyber Attacks Forensic to  

E-Print Network [OSTI]

From Manual Cyber Attacks Forensic to Automatic Characterization of Attackers' Profiles J. Briffaut-00995211,version1- #12;From Manual Cyber Attacks Forensic to Automatic Characterization of Attackers, or governmental organisations. Experimental results of these forensic and high level characteriza- tion methods

Paris-Sud XI, Université de

360

Cyber-Physical System Verification Embedded Systems Group  

E-Print Network [OSTI]

(Felipe Bichued) 21 Introducing Simulation of Hybrid Systems with the Modelica Tool 32 #12;Cyber Physical

Berns, Karsten

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

New TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE Award  

Broader source: Energy.gov (indexed) [DOE]

TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE Award TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE Award November 5, 2009 A new award of nearly $18.8 million over a five-year period from the Department of Energy (DOE) and contributions from the Department of Homeland Security (DHS) will fund the new Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project, an expanded effort of the current project TCIP. The new TCIPG research program will develop and integrate information technologies with properties-such as real-time availability, integrity, authentication, and confidentiality-that are key to a modern, reliable, and efficient electric power grid. Formerly funded primarily by the National Science Foundation, the original TCIP project was formed in fall 2005 with support from DOE and DHS. In its first three years, the project developed a range of

362

U.S. Department of Energy Office of Inspector General report on audit of selected aspects of the unclassified computer security program at a DOE headquarters computing facility  

SciTech Connect (OSTI)

The purpose of this audit was to evaluate the effectiveness of the unclassified computer security program at the Germantown Headquarters Administrative Computer Center (Center). The Department of Energy (DOE) relies on the application systems at the Germantown Headquarters Administrative Computer Center to support its financial, payroll and personnel, security, and procurement functions. The review was limited to an evaluation of the administrative, technical, and physical safeguards governing utilization of the unclassified computer system which hosts many of the Department`s major application systems. The audit identified weaknesses in the Center`s computer security program that increased the risk of unauthorized disclosure or loss of sensitive data. Specifically, the authors found that (1) access to sensitive data was not limited to individuals who had a need for the information, and (2) accurate and complete information was not maintained on the inventory of tapes at the Center. Furthermore, the risk of unauthorized disclosure and loss of sensitive data was increased because other controls, such as physical security, had not been adequately implemented at the Center. Management generally agreed with the audit conclusions and recommendations, and initiated a number of actions to improve computer security at the Center.

NONE

1995-07-31T23:59:59.000Z

363

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Attachment E, Technical Surveillance Countermeasures Program, is for Official Use Only. Contact the Office of Security and Safety Performance Assurance at 301-903-3653 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A.

2005-08-26T23:59:59.000Z

364

Training and Mentoring the Next Generation of Scientists and Engineers to Secure Continuity and Successes of the US DOE's Environmental Remediation Efforts - 13387  

SciTech Connect (OSTI)

The DOE Office of Environmental Management (DOE-EM) oversees one of the largest and most technically challenging cleanup programs in the world. The mission of DOE-EM is to complete the safe cleanup of the environmental legacy from five decades of nuclear weapons development and government-sponsored nuclear energy research. Since 1995, Florida International University's Applied Research Center (FIU-ARC) has supported the DOE-EM mission and provided unique research capabilities to address some of these highly technical and difficult challenges. This partnership has allowed FIU-ARC to create a unique infrastructure that is critical for the training and mentoring of science, technology, engineering, and math (STEM) students and has exposed many STEM students to 'hands-on' DOE-EM applied research, supervised by the scientists and engineers at ARC. As a result of this successful partnership between DOE and FIU, DOE requested FIU-ARC to create the DOE-FIU Science and Technology Workforce Development Initiative in 2007. This innovative program was established to create a 'pipeline' of minority STEM students trained and mentored to enter DOE's environmental cleanup workforce. The program was designed to help address DOE's future workforce needs by partnering with academic, government and private companies (DOE contractors) to mentor future minority scientists and engineers in the research, development, and deployment of new technologies and processes addressing DOE's environmental cleanup challenges. Since its inception in 2007, the program has trained and mentored 78 FIU STEM minority students. Although, the program has been in existence for only five years, a total of 75 internships have been conducted at DOE National Laboratories, DOE sites, DOE Headquarters and field offices, and DOE contractors. Over 85 DOE Fellows have participated in the Waste Management Symposia since 2008 with a total of 68 student posters and 7 oral presentations given at WM. The DOE Fellows participation at WM has resulted in three Best Student Poster Awards (WM09, WM10, and WM11) and one Best Professional Poster Award (WM09). DOE Fellows have also presented their research at ANS DD and R and ANS Robotics Topical meetings. Moreover, several of our DOE Fellows have already obtained employment with DOE-EM, other federal agencies, DOE contractors. This paper will discuss how DOE Fellows program is training and mentoring FIU STEM students in Department of Energy's Office of Environmental Management technical challenges and research. This training and mentoring has resulted in the development of well trained and polished young scientists and engineers that will become the future workforce in charge of carrying on DOE-EM's environmental cleanup mission. The paper will showcase FIU's DOE Fellows model and highlight some of the applied research the DOE Fellows have conducted at FIU's Applied Research Center and across the Complex by participating in summer internship assignments. This paper will also present and highlight other Fellowships and internships programs sponsored by National Nuclear Security Agency (NNSA), DOE-EM, NRC, Energy (NE), and other federal agencies targeting workforce development. (authors)

Lagos, L. [Applied Research Center, Florida International University, 10555 West Flagler Street, Suite 2100, Miami FL 33174 (United States)] [Applied Research Center, Florida International University, 10555 West Flagler Street, Suite 2100, Miami FL 33174 (United States)

2013-07-01T23:59:59.000Z

365

Worker Safety and Health Program for DOE (Including the National Nuclear Security Administration) Federal and Contractor Employees  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This document was developed to assist the Department of Energy (DOE or the Department) Federal and contractor employees in effectively developing, managing, and implementing a worker safety and health program. Cancels DOE G 440.1-1A and DOE G 440.1-8. Adm Chg 1, dated 3-22-13, cancels DOE G 440.1-1B.

2011-10-20T23:59:59.000Z

366

Information Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes an Information Security Program for the protection and control of classified and sensitive information. Extended until 5-11-06 by DOE N 251.63, dated 5-11-05. DOE O 471.2A, Information Security Program, dated 3/27/1997, extended by DOE N 251.57, dated 4/28/2004. Cancels: DOE O 471.2

1997-03-27T23:59:59.000Z

367

Energy Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Energy Security SHARE Energy Security ORNL has supported the DOE Cybersecurity for Energy Delivery Systems (CEDS) program in making advances in cybersecurity capabilities for...

368

Headquarters Facilities Master Security Plan  

Office of Environmental Management (EM)

Chapter 10-1 Chapter 10 Security Awareness Program This chapter describes the DOE HQ Security Awareness Program. It implements the requirements of: Title 32, CFR, Part 2001,...

369

2014 Headquarters Facilities Master Security Plan- Chapter 11, Incidents of Security Concern  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 11, Incidents of Security Concern Describes DOE Headquarters procedures for reporting, investigating, and correcting Incidents of Security Concern.

370

Operations Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish policies, responsibilities and authorities for implementing and sustaining the Department of Energy (DOE) Operations Security (OPSEC) Program. Cancels DOE O 5632.3B. Canceled by DOE O 471.2 of 9-28-1995.

1992-04-30T23:59:59.000Z

371

A rational jurisdiction for cyber terrorism  

Science Journals Connector (OSTI)

Abstract Cyberspace is a cross-national world that transcends geopolitical national borders. Jurisdiction is the focal point for any dispute arising in the international arena, because it determines which state court has the authority to settle a dispute. The objective of this paper is to analyse territorial and universal jurisdiction principles which can be specifically related to cyberspace to determine which of them is best suited to providing the appropriate jurisdiction in combating cyber terrorism and how conflicts arising between them can be settled. The transnational nature of cyber terrorism offences leads to jurisdictional complexity, thereby investigation and prosecution is difficult. Lack of harmonisation in legislating among countries leads to difficulty in investigation and prosecution of cyber terrorism offences. This paper notes that universal jurisdiction is the most feasible and effective method to deter cyber terrorism.

Pardis Moslemzadeh Tehrani; Nazura Abdul Manap

2013-01-01T23:59:59.000Z

372

Model Transformation for Cyber Physical Systems  

Science Journals Connector (OSTI)

Cyber Physical Systems(CPS) are composed with discrete and continuous dynamics. Traditional modeling techniques cant implement the requirement of modeling CPS. One way of solving this is to model CPS parts wi...

Shuguang Feng; Lichen Zhang

2014-01-01T23:59:59.000Z

373

Worker Safety and Health Program for DOE (Including the National Nuclear Security Administration) Federal and Contractor Employees  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This document was developed to assist the Department of Energy (DOE or the Department) Federal and contractor employees in effectively developing, managing, and implementing a worker safety and health program. Cancels DOE G 440.1-1A and DOE G 440.1-8. Adm Chg 1, dated 3-22-13.

2011-10-20T23:59:59.000Z

374

Office of Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOEDOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Welcome to the Office of Security Mission and Functions The Office of Security (HS-50) developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. The Office of Security, through the Office of Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented.

375

DOE/EA-1538; Environmental Assessment for the Safeguards and Security Upgrades for the Storage of Plutonium Materials at the Savannah River Site  

Broader source: Energy.gov (indexed) [DOE]

8 8 December 2005 U. S. DEPARTMENT OF ENERGY SAVANNAH RIVER OPERATIONS OFFICE SAVANNAH RIVER SITE ENVIRONMENTAL ASSESSMENT FOR THE SAFEGUARDS AND SECURITY UPGRADES FOR STORAGE OF PLUTONIUM MATERIALS AT THE SAVANNAH RIVER SITE DOE/EA-1538 ENVIRONMENTAL ASSESSMENT FOR THE SAFEGUARDS AND SECURITY UPGRADES FOR STORAGE OF PLUTONIUM MATERIALS AT THE SAVANNAH RIVER SITE December 2005 U. S. DEPARTMENT OF ENERGY SAVANNAH RIVER OPERATIONS OFFICE SAVANNAH RIVER SITE ii This page is intentionally left blank iii TABLE OF CONTENTS Page 1.0 INTRODUCTION 1 1.1 Background 1 1.2 Purpose and Need for Action 3 2.0 PROPOSED ACTION AND ALTERNATIVES 3 2.1 Proposed Action 3 2.1.1 Modified Storage Capability within K Area for

376

Information Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes an Information Security Program for the protection and control of classified and sensitive information. Cancels DOE 5630.8A, DOE 5639.1, DOE 5639.5, DOE 5639.6A, DOE 5639.7, DOE M 5632.1C-1, Chapter III, Para. 1, 2, and 4-9

1995-09-28T23:59:59.000Z

377

Nuclear Forensics | National Security | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Initiatives Initiatives Cyber Security Nuclear Forensics Bioinformatics National Security Home | Science & Discovery | National Security | Initiatives | Nuclear Forensics SHARE Nuclear Forensics image Tools, techniques, and expertise in nuclear fuel cycle research gained over seven decades help ORNL scientists control and track nuclear bomb-grade materials to be sure they don't fall into the wrong hands. Among the leading-edge technologies used by researchers are high-resolution techniques that allow analysis of radiation detector data in stunning detail. Researchers are also developing aerosol sampling systems to collect airborne particulates and instantly send an alert if radiation is detected. For more information, please contact: nuclearforensicsinitiative

378

2014 Headquarters Facilities Master Security Plan- Chapter 1, Physical Security  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 1, Physical Security Describes DOE Headquarters Physical Security procedures related to badges, inspections, access controls, visitor controls, and removal of government property.

379

DOE Directives, Delegations, and Requirements  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

information, use the DOE Phonebook. Latest content created by this user Aug 26, 2005 Safeguards and Security Program Planning and Management Jul 26, 2011 Safeguards and Security...

380

A nexus of Cyber-Geography and Cyber-Psychology: Topos/Notopia and identity in hacking  

Science Journals Connector (OSTI)

This paper explores the Cyber-Psychological and Cyber-Geographic aspects of hacking and hacktivism. An examination of the literature related to hackers and hacking reveals a complex nexus of spatial (including cyber-spatial such as Notopia) and psychological aspects of hacking, from which emerges a central question of how humans perceive and manipulate their cyber-identities. Concealing (real and cyber) identities is typical in hacking. With our progressive acculturation with identity-less and place-less modes of existence, our cyber-identities through time may be studied from within John Lockes criterion of memory and the spatial-geographical criterion of identity.

Fivos Papadimitriou

2009-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

Microsoft Word - Cyber Effects Analysis Using VCSE 09.doc  

Broader source: Energy.gov (indexed) [DOE]

8-5954 8-5954 Unlimited Release Printed September 2008 Cyber Effects Analysis Using VCSE Promoting Control System Reliability Michael J. McDonald, Gregory N. Conrad, Travis C. Service, Regis H. Cassidy Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000. Approved for public release; further dissemination unlimited. Issued by Sandia National Laboratories, operated for the United States Department of Energy by Sandia Corporation. NOTICE: This report was prepared as an account of work sponsored by an agency of

382

Departmental Personnel Security- Clearance Automation  

Broader source: Energy.gov [DOE]

The primary objective of the DOE Integrated Security System (eDISS+) Initiative is to support the integration of multiple DOE security systems and databases. This integrated environment provides...

383

Information Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish the Department of Energy (DOE) Information Security Program and set forth policies, procedures and responsibilities for the protection and control of classified and sensitive information. The Information Security Program is a system of elements which serve to deter collection activities, This directive does not cancel another directive. Canceled by DOE O 471.2 of 9-28-1995.

1992-10-19T23:59:59.000Z

384

Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song  

E-Print Network [OSTI]

Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song-- Cyber Security of smart grids becomes more and more important to our everyday life for its wide of this important area. We believe that simulation systems designed for research purposes in the smart grid security

Wang, Weichao

385

Incidents of Security Concern  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Sets forth requirements for the DOE Incidents of Security Concern Program, including timely identification and notification of, response to, inquiry into, reporting of, and closure actions for incidents of security concern. Cancels Chapter VII of DOE O 470.1; DOE N 471.3; and Chapter IV of DOE M 471.2-1B (Note: Paragraphs 1 and 2 of Chapter III remain in effect.) Canceled by DOE O 470.4.

2004-03-17T23:59:59.000Z

386

Safeguard Security and Awareness Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Provides detailed requirements and procedures to supplement DOE O 470.1, Safeguards and Security Program, Chapter IV.

2002-10-02T23:59:59.000Z

387

IG-0704 Report Cover  

Broader source: Energy.gov (indexed) [DOE]

Federal Energy Regulatory Federal Energy Regulatory Commission's Unclassified Cyber Security Program-2005 DOE/IG-0704 October 2005 REPORT ON THE FEDERAL ENERGY REGULATORY COMMISSION'S UNCLASSIFIED CYBER SECURITY PROGRAM - 2005 TABLE OF CONTENTS Cyber Security Program Details of Finding ..........................................................................................................1 Recommendations and Comments.................................................................................4 Appendices 1. Objective, Scope, and Methodology.........................................................................6 2. Related Audit Reports...............................................................................................8 CYBER SECURITY PROGRAM

388

Office of Security Assistance  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOEDOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Director's Perspective Welcome to the Office of Security Assistance Samuel N. Callahan, Director Mission and Functions The Office of Health, Safety, and Security (HSS) created the Office of Security Assistance Program to provide timely technical assistance and system support to field and Headquarters elements to enhance site security programs, upon request. The program is comprised of technologists and subject matter experts from all security disciplines including Program Management, Protection Program Operations, Information Security, Materials Control and Accountability, and Personnel Security. HSS is committed to building a security assistance program to serve the interests of the Department based upon the needs of our customers - with emphasis on customer-focus and meeting multi-disciplinary security needs. In Fiscal Year 2007, HSS performed extensive assistance activities at the request of DOE/NNSA program offices and field sites. The activities ranged from special and routine site survey assistance, physical and technical security inspections in support of the Office of Intelligence, Vulnerability Assessment and Design Basis Threat (DBT) implementation assistance, third-party, adversary support, and DBT implementation and planning validation activities associated with the Site Assistance Visits and Technology Assistance Visits. The security assistance provided to our customers included technical expertise tailored to augment site capabilities in critical fields.

389

Public Comments on DOE's NOI re Section 934 of the Energy Independence and Security Act of 2007  

Broader source: Energy.gov [DOE]

Comments by the United States Enrichrnent Corporation (USEC) in response to DOE's Notice of Inquiry (N0l) on the Convention on Supplementary Compensation for Nuclear Damage (CSC) Contingent Cost...

390

National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

University of California Extend Management Contracts For Defense Labs The Department of Energy (DOE), the National Nuclear Security Administration (NNSA) and the University of...

391

Technical Services | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Technical Technical Services Technical Services Technical services spans Y-12 disciplines that support manufacturing at Y-12. Information Systems (National Security Systems Development) Provide solutions for information security, including the protection of national security, proprietary and any other class of highly sensitive information. Develop highly integrated, enterprise level software applications for use within the federal space and adaptable to commercial application. Leverage the transformative information technology capabilities of the NNSA to a broad spectrum of federal applications for rapidly deployed, cost effective and reproducible technical solutions. Develop virtual collaborative networks for cluster manufacturing. Develop, test, and implement operational cyber security strategies

392

Enhance-Energy-Security-MOU.pdf | Department of Energy  

Office of Environmental Management (EM)

Enhance-Energy-Security-MOU.pdf Enhance-Energy-Security-MOU.pdf Enhance-Energy-Security-MOU.pdf More Documents & Publications Memorandum of understanding between DOE and NGLIA...

393

GAO Challenges and Efforts to Secure Control Systems (March 2004) |  

Broader source: Energy.gov (indexed) [DOE]

GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) Computerized control systems perform vital functions across many of our nation's critical infrastructures. For example, in natural gas distribution, they can monitor and control the pressure and flow of gas through pipelines. In October 1997, the President's Commission on Critical Infrastructure Protection emphasized the increasing vulnerability of control systems to cyber attacks. The House Committee on Government Reform and its Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census asked GAO to report on potential cyber vulnerabilities, focusing on (1) significant cybersecurity risks associated with control systems (2) potential and reported cyber attacks

394

Office of Security Policy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Office of Security Policy Office of Security Policy Mission and Functions The Office of Security Policy develops and promulgates safeguards and security policy governing the protection of National Security and other critical assets entrusted to the Department. Director's Perspective Welcome to the Office of Security Policy Jack Cowden, Director The Office of Security Policy analyzes, develops and interprets safeguards and security policy governing national security functions and the protection of related critical assets entrusted to the Department. This includes the protection of DOE nuclear facilities, nuclear weapons components, special nuclear materials and classified information. Our broad topical areas are organized as: Program Planning and Management, Protection Program Operations (which includes both physical security and protective forces), Information Security and Material Control and Accountability.

395

DOE/EA-1538: Finding of No Significant Impact for the Safeguards and Security Upgrades for Storage of Plutonium Materials at the Savannah River Site (12/16/2005)  

Broader source: Energy.gov (indexed) [DOE]

Safeguards and Security Upgrades for Storage of Plutonium Materials Safeguards and Security Upgrades for Storage of Plutonium Materials at the Savannah River Site Agency: U.S. Department of Energy Action: Finding of No Significant Impact Summary: The Department of Energy (DOE) has prepared an environmental assessment (EA) (DOE/EA-1538) to evaluate the potential environmental impacts associated with the implementation of proposed and alternative actions to enhance the safe and secure storage of plutonium-bearing materials at the Savannah River Site (SRS) to meet the enhanced terrorist threat. The draft EA was made available to the States of South Carolina and Georgia, and to the public, for a 30-day comment period. Based on the analyses in the EA, and after careful consideration of comments received, DOE has

396

Materials and Security Consolidation Complex Facilities Radioactive Waste Management Basis and DOE Manual 435.1-1 Compliance Tables  

SciTech Connect (OSTI)

Department of Energy Order 435.1, 'Radioactive Waste Management,' along with its associated manual and guidance, requires development and maintenance of a radioactive waste management basis for each radioactive waste management facility, operation, and activity. This document presents a radioactive waste management basis for Idaho National Laboratory's Materials and Security Consolidation Center facilities that manage radioactive waste. The radioactive waste management basis for a facility comprises existing laboratory-wide and facility-specific documents. Department of Energy Manual 435.1-1, 'Radioactive Waste Management Manual,' facility compliance tables also are presented for the facilities. The tables serve as a tool for developing the radioactive waste management basis.

Not Listed

2011-09-01T23:59:59.000Z

397

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes roles and responsibilities for the Department of Energy Safeguards and Security Program. Cancels DOE O 470.4. Canceled by DOE O 470.4B

2007-05-25T23:59:59.000Z

398

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish the policy and responsibilities for the Department of Energy safeguards and security program. Does not cancel another directive. Canceled by DOE O 5630.11A dated 12-7-92.

1988-01-22T23:59:59.000Z

399

Facility Security Officer Contractor Toolcart  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

U.S. DOE SECURITY CLEARANCES U.S. DOE SECURITY CLEARANCES Clearnce Home Initial Clearance Clearance Reinstate Clearance Upgrade Clearance Downgrade Clearance Extension Clearance Reciprocity Clearance Reinvestigation Clearance Termination Clearance Transfer Sandia National Laboratories sponsors and processes U.S. DOE Security Clearances for contractor personnel working on an authorized contract requiring access to classified information. Clearance Office Functions Contractor Pre-Process Background Review Certification Clearance File Change Drug Testing e-Fingerprinting Enrollment Process Maintaining a DOE Security Clearance During an Extended Absence DOE Personnel Security Reporting Requirements Data Report on Spouse/Cohabitant Name Change Change in Citizenship Contractor Clearance Tools Clearance Action Status Inquiries

400

Headquarters Facilities Master Security Plan  

Broader source: Energy.gov [DOE]

The purpose of the Headquarters Facilities Master Security Plan (HQFMSP) is to inform employees, contractors, and visitors of the security procedures in place at Department of Energy (DOE) Headquarters (HQ) facilities in the Washington, DC area. The HQFMSP does not establish new security requirements; security requirements are established by various Federal laws and regulations, Executive Orders, and DOE directives. This plan explains how these requirements are implemented at HQ and gives HQ personnel and visitors access to the security policies and procedures that affect them regularly. The HQFMSP does not apply to DOE sites or facilities outside the Washington, DC area.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Incidents of Security Concern  

Broader source: Energy.gov (indexed) [DOE]

NOT MEASUREMENT NOT MEASUREMENT SENSITIVE DOE-STD-1210-2012 September 2012 DOE STANDARD Incidents of Security Concern U.S. Department of Energy AREA SANS Washington, D.C. 20585 DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. DOE-STD-1210-2012 INTENTIONALLY BLANK DOE-STD-1210-2012 TABLE OF CONTENTS PARAGRAPH PAGE FOREWORD ................................................................................................................................ IV INCIDENTS OF SECURITY CONCERN......................................................................................1 1. SCOPE ....................................................................................................................................1 2. PURPOSE...............................................................................................................................1

402

DOE F 473.2 | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

More Documents & Publications DOE F 473.2 2014 Headquarters Facilities Master Security Plan - Chapter 1, Physical Security 2014 Headquarters Facilities Master Security Plan -...

403

DOE HQ F 5631.2 | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AND NOTIFICATION More Documents & Publications 2014 Headquarters Facilities Master Security Plan - Chapter 3, Personnel Security The DOE Security Plan for the Energy Employees...

404

Transportation Security  

Broader source: Energy.gov (indexed) [DOE]

For Review Only 1 Transportation Security Draft Annotated Bibliography Review July 2007 Preliminary Draft - For Review Only 2 Work Plan Task * TEC STG Work Plan, dated 8/2/06, Product #16, stated: "Develop an annotated bibliography of publicly-available documents related to security of radioactive material transportation." * Earlier this year, a preliminary draft annotated bibliography on this topic was developed by T-REX , UNM, to initially address this STG Work Plan Task. Preliminary Draft - For Review Only 3 Considerations in Determining Release of Information * Some "Publicly-available" documents could potentially contain inappropriate information according to standards set by DOE information security policy and DOE Guides. - Such documents would not be freely

405

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals eligibility for access to classified information and Special Nuclear Material (SNM). Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

406

Cyber-Physical Systems CPS Program  

E-Print Network [OSTI]

prosthetics Critical Infrastructure More reliable and efficient power grid Highways that allow denser traffic hybridization of computational (logical), physical, and human action." Examples of cyber-physical systems devices and systems, next-generation power grid, future defense systems, next-generation automobiles

Rajkumar, Ragunathan "Raj"

407

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability |  

Broader source: Energy.gov (indexed) [DOE]

74: Drupal Secure Password Hashes Module Security Bypass 74: Drupal Secure Password Hashes Module Security Bypass Vulnerability T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability July 22, 2011 - 3:00pm Addthis PROBLEM: Drupal Secure Password Hashes Module Security Bypass Vulnerability PLATFORM: Drupal Secure Password Hashes 6.X-1.0 Drupal Secure Password Hashes 5.X-1.4 ABSTRACT: The Secure Password Hashes module for Drupal is prone to a security-bypass vulnerability. reference LINKS: Drupal Homepage SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities IMPACT ASSESSMENT: Medium Discussion: This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the {users} database column but does not replace the pass attribute of the account

408

Chapter_10_Security_Awareness_Program  

Office of Environmental Management (EM)

0 Security Awareness Program This chapter describes the DOE HQ Security Awareness Program. It implements the requirements of: * Title 32, CFR, Part 2001, Classified National...

409

Secure Cyber Incident Information Sharing UTSA Team Leads  

E-Print Network [OSTI]

A #12;Next Steps · UTSA to incorporate INL input · Develop prototype in OpenStack · Share research results with INL ­ August/September #12;Thanks · Comments, Q&A #12;Backup #12;OpenStack · Open

Sandhu, Ravi

410

The Use of SNePS for Cyber Security Reasoning  

E-Print Network [OSTI]

Seyed, and Stuart C. Shapiro Department of Computer Science and Engineering Center for Cognitive Science National Center for Multisource Information Fusion State University of New York at Buffalo {mwk3|apseyed|shapiro with acting is required, and for these purposes, we have chosen SNePS (Shapiro, 2000; Shapiro and The SNe

Shapiro, Stuart C.

411

Obama's Call for Public-Private Cyber Security Collaboration...  

Broader source: Energy.gov (indexed) [DOE]

Sector and the collaborative online project database. Media contact(s): Office of Electricity Delivery & Energy Reliability (202) 586-4940 Addthis Related Articles...

412

Cyber Security Expert Jim Mellander Retires from NERSC  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

experts, but not to a bug or a virus. Jim Mellander, senior cybersecurity engineer at NERSC, is retiring November 1. He's been with NERSC since 2009 and affiliated with...

413

DOE Announces Transfer of Depleted Uranium to Advance the U.S. National Security Interests, Extend Operations at Paducah Gaseous Diffusion Plant  

Broader source: Energy.gov [DOE]

Transfer to deliver important national security benefits, while keeping Kentucky plant operating for the next year

414

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish responsibilities for the U.S. Department of Energy (DOE) Safeguards and Security (S&S) Program, and to establish program planning and management requirements for the S&S Program. Cancels DOE O 470.4A, DOE M 470.4-1, Chg. 2, and DOE O 142.1.

2011-07-21T23:59:59.000Z

415

National Security System Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual provides baseline requirements and controls for the graded protection of the confidentiality, integrity, and availability of classified information and information systems used or operated by the Department of Energy (DOE), contractors, and any other organization on behalf of DOE, including the National Nuclear Security Administration. Cancels DOE M 471.2-2. Canceled by DOE O 205.1B.

2007-03-08T23:59:59.000Z

416

National cyber defense high performance computing and analysis : concepts, planning and roadmap.  

SciTech Connect (OSTI)

There is a national cyber dilemma that threatens the very fabric of government, commercial and private use operations worldwide. Much is written about 'what' the problem is, and though the basis for this paper is an assessment of the problem space, we target the 'how' solution space of the wide-area national information infrastructure through the advancement of science, technology, evaluation and analysis with actionable results intended to produce a more secure national information infrastructure and a comprehensive national cyber defense capability. This cybersecurity High Performance Computing (HPC) analysis concepts, planning and roadmap activity was conducted as an assessment of cybersecurity analysis as a fertile area of research and investment for high value cybersecurity wide-area solutions. This report and a related SAND2010-4765 Assessment of Current Cybersecurity Practices in the Public Domain: Cyber Indications and Warnings Domain report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

Hamlet, Jason R.; Keliiaa, Curtis M.

2010-09-01T23:59:59.000Z

417

6/16/13 New search tool developed to catch cyber thieves post.jagran.com/new-search-tool-developed-to-catch-cyber-thieves-1370602608 1/5  

E-Print Network [OSTI]

cyber thieves Montreal: A new search tool developed by researchers in Canada can now help crime Lifestyle News Desk Cyber thief child porn search tool Canada cyber crime #12;6/16/13 New search tool6/16/13 New search tool developed to catch cyber thieves post.jagran.com/new-search-tool

Fung, Benjamin C. M.

418

DOE/SEA-03; Special Environmental Analysis for the Department of Energy, National Nuclear Security Administration, Actions Taken in Response to the Cerro Grande Fire at Los Alamos National Laboratory, Los Alamos, New Mexico (September 2000)  

Broader source: Energy.gov (indexed) [DOE]

Analysis Analysis Actions taken in Response to the Cerro Grande Fire at Los Alamos National Laboratory, Los Alamos, New Mexico September 2000 U.S. Department of Energy Los Alamos Area Office Los Alamos, New Mexico for the Department of Energy, National Nuclear Security Administration DOE/SEA-03 COVER SHEET Responsible Agency: U.S. Department of Energy (DOE), National Nuclear Security Administration Title: Special Environmental Analysis for the Department of Energy, National Nuclear Security Administration, Actions Taken in Response to the Cerro Grande Fire at Los Alamos National Laboratory, Los Alamos, New Mexico Contacts: For further information on this Special Environmental Analysis (SEA) or to provide comments contact: Ms. Elizabeth Withers SEA Document Manager Los Alamos Area Office,

419

National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

i. i. Message from the Administrator President Obama has reshaped our national security priorities making enterprise infrastructure modernization with integrated Information Technology (IT) capabilities a key strategic initiative. Our IT infrastructure must ensure that our workforce can access appropriate information in a secure, reliable, and cost-effective manner. Effective information sharing throughout the government enhances the national security of the United States (US). For the National Nuclear Security Administration (NNSA), effective information sharing helps strengthen our nuclear security mission; builds collaborative networks within NNSA as well as with the Department of Energy (DOE), Department of Defense (DoD), and other national security

420

Security Policy, Guidance & Reports  

Broader source: Energy.gov [DOE]

Preventing nuclear weapons materials and technologies from falling into the hands of adversaries seeking to develop weapons of mass destruction is the top priority of the Department of Energys corporate security programs. All Secretarial objectives are supported by a tailored level of security requirements for a wide range of Departmental scientific, research, and national security objectives based on the security significance of their national assets. DOE ensures that Departmental personnel security programs (including the National Nuclear Security Administration [NNSA]) are consistent and effectively implemented.

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

DOE/EA-1471: Environmental Assessment for the Transportation of Highly Enriched Uranium from the Russian Federation to the Y-12 National Security Complex and Finding of No Significant Impact (January 2004)  

Broader source: Energy.gov (indexed) [DOE]

EA for the Transportation of Highly Enriched Uranium from the Russian Federation to the Y-12 National Security Complex EA for the Transportation of Highly Enriched Uranium from the Russian Federation to the Y-12 National Security Complex i FINDING OF NO SIGNIFICANT IMPACT FOR THE TRANSPORTATION OF HIGHLY ENRICHED URANIUM FROM THE RUSSIAN FEDERATION TO THE Y-12 NATIONAL SECURITY COMPLEX ISSUED BY: United States Department of Energy ACTION: Finding of No Significant Impact SUMMARY: The United States (U.S.) Department of Energy (DOE) proposes to transport highly enriched uranium (HEU) from Russia to a secure storage facility in Oak Ridge, TN. This proposed action would allow the United States and Russia to accelerate the disposition of excess nuclear weapons materials in the interest of promoting nuclear disarmament, strengthening nonproliferation, and combating terrorism. The HEU

422

Security Cases | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

January 11, 2012 January 11, 2012 TSO-01113 - In the Matter of Personnel Security Hearing The individual currently is employed by a DOE contractor, and that contractor has requested that he receive a DOE security clearance. Based on financial issues contained in the individual's security file, the Local Security Office (LSO) conducted a Personnel Security Interview (PSI) with the individual in July 2011. PSI, DOE Ex. 13 In August 2011, the LSO issued the individual a Notification Letter, together with a statement (Enclosure 2) setting forth the information that created a substantial doubt about his eligibility to hold a DOE security clearance. (DOE Ex. 1). December 21, 2011 TSO-1106 - In the Matter of Personnel Security Hearing The Individual is an applicant for a DOE access authorization in connection

423

Chapter_3_Personnel_Security  

Broader source: Energy.gov (indexed) [DOE]

Personnel Security Personnel Security This chapter covers the security procedures adopted by DOE HQ to implement the requirements of the following DOE directives: * Privacy Act of 1974 * Title 10, Code of Federal Regulations, Part 707 * Title 10, Code of Federal Regulations, Part 710 * Title 48, Code of Federal Regulations, Part 952.204-2 * DOE Order 470.4B, Safeguards and Security Program * DOE Order 472.2, Personnel Security * DOE Order 475.1, Counterintelligence Program The DOE Personnel Security Program is designed to ensure that individuals authorized to access classified information and Special Nuclear Material (SNM) do not pose a threat to national security interests. This assurance is provided by the process for issuing initial and continuing

424

Office of Security Operations: Headquarters Security Officers (HSO) Program  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Headquarters Security Officers (HSO) Program Headquarters Security Officers (HSO) Program Responsible Individual/Contact: Wayne Berkebile - (301) 903-1163 - D-320 Scope: The Headquarters Security Officer (HSO) Program was established in 1990 by the Under Secretary of Energy in order to improve communications between the Office of Headquarters Security Operations and component organizations within DOE Headquarters. It is governed by DOE Headquarters Order 472.1, Headquarters Security Officer Program, dated 3-19-2010. Each Headquarters element is required to appoint at least one HSO and an Alternate HSO. HSOs perform a wide variety of security-related functions within their element such as obtaining security badges and clearances, maintaining Security Areas, acquiring security equipment, implementing procedures for protecting classified and sensitive information, conducting security inquiries, and arranging for required security services.

425

Hallmark Project Commercialization of the Secure SCADA Communications  

Broader source: Energy.gov (indexed) [DOE]

Project Commercialization of the Secure SCADA Project Commercialization of the Secure SCADA Communications Protocol, a cryptographic security solution for device-to-device communication Hallmark Project Commercialization of the Secure SCADA Communications Protocol, a cryptographic security solution for device-to-device communication Increased connectivity and automation in the control systems that manage the nation's energy infrastructure have improved system functionality, but left systems more vulnerable to cyber attack. Intruders could severely disrupt control system operation by sending fabricated information or commands to control system devices. To ensure message integrity, supervisory control and data acquisition (SCADA) systems require a method to validate device-to-device communication and verify that information has

426

The cyber threat landscape: Challenges and future research directions  

Science Journals Connector (OSTI)

Cyber threats are becoming more sophisticated with the blending of once distinct types of attack into more damaging forms. Increased variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain personal and confidential information, as highlighted in this paper. We describe how the Routine Activity Theory can be applied to mitigate these risks by reducing the opportunities for cyber crime to occur, making cyber crime more difficult to commit and by increasing the risks of detection and punishment associated with committing cyber crime. Potential research questions are also identified.

Kim-Kwang Raymond Choo

2011-01-01T23:59:59.000Z

427

Use of Multi-attribute Utility Functions in Evaluating Security Systems  

SciTech Connect (OSTI)

In analyzing security systems, we are concerned with protecting a building or facility from an attack by an adversary. Typically, we address the possibility that an adversary could enter a building and cause damage resulting in an immediate loss of life, or at least substantial disruption in the operations of the facility. In response to this setting, we implement security systems including devices, procedures, and facility upgrades designed to (a) prevent the adversary from entering, (b) detect and neutralize him if he does enter, and (c) harden the facility to minimize damage if an attack is carried out successfully. Although we have cast this in terms of physical protection of a building, the same general approach can be applied to non-physical attacks such as cyber attacks on a computer system. A rigorous analytic process is valuable for quantitatively evaluating an existing system, identifying its weaknesses, and proposing useful upgrades. As such, in this paper we describe an approach to assess the degree of overall protection provided by security measures. Our approach evaluates the effectiveness of the individual components of the system, describes how the components work together, and finally assesses the degree of overall protection achieved. This model can then be used to quantify the amount of protection provided by existing security measures, as well as to address proposed upgrades to the system and help identify a robust and cost effective set of improvements. Within the model, we use multiattribute utility functions to perform the overall evaluations of the system.

Meyers, C; Lamont, A; Sicherman, A

2008-06-13T23:59:59.000Z

428

Chapter_10_Security_Awareness_Program  

Broader source: Energy.gov (indexed) [DOE]

0 0 Security Awareness Program This chapter describes the DOE HQ Security Awareness Program. It implements the requirements of: * Title 32, CFR, Part 2001, Classified National Security Information * Executive Order 13526, Classified National Security Information * DOE Order 470.4B, Safeguards and Security (S&S) Program, Appendix B. Section 3 * DOE Order 475.2A, Identifying Classified Information * DOE Order 475.1, Counterintelligence Program The Security Awareness Program Manager, within HS-92, manages the HQ security awareness program. The goal of the HQ Security Awareness Program is to assist Federal and contractor employees in understanding DOE security requirements, their individual security responsibilities, and security procedures specific to HQ. This goal is accomplished by providing HQ employees

429

Departmental Personnel Security- Policy and Procedures  

Broader source: Energy.gov [DOE]

Departmental Personnel Security provides centralized and authoritative policy guidance and ensures consistent and effective implementation of the DOE personnel security program Department-wide to include the National Nuclear Security Administration.

430

Office of Security Operations  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Office of Physical Protection Office of Physical Protection Bill Dwyer Director, 202-586-7887 Mission The mission of the Office of Physical Protection is to implement and oversee dedicated human resources, processes, and equipment designed to protect personnel and assets entrusted to our care at Department of Energy (DOE) Headquarters facilities. The Office is comprised of dedicated DOE Federal security professionals, Headquarters Protective Force personnel, and Alarms and Access Control Technicians. These security subject matter experts work together to ensure compliance with DOE Safeguards and Security regulations, Interagency Security Committee guidance, and federal laws. The result of this collaboration is a security program designed to ensure a safe and secure working environment for all Headquarters employees.

431

DOE International Energy Advisors  

Broader source: Energy.gov [DOE]

DOEs Office of Electricity Delivery and Energy Reliability's (OE) Infrastructure Security and Energy Restoration Division (ISER) has coordinated and executed interagency support agreements with five of the geographic Combatant Commands to assign a DOE representative a DOE Energy Advisor to each of their headquarters.

432

Message Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Message Message Security Services Overview ECS Audio/Video Conferencing Fasterdata IPv6 Network Network Performance Tools (perfSONAR) ESnet OID Registry PGP Key Service Virtual Circuits (OSCARS) OSCARS Case Study Documentation User Manual FAQ Design Specifications Functional Specifications Notifications Publications Authorization Policy Default Attributes Message Security Clients For Developers Interfaces Links Hardware Requirements DOE Grids Service Transition Contact Us Technical Assistance: 1 800-33-ESnet (Inside the US) 1 800-333-7638 (Inside the US) 1 510-486-7600 (Globally) 1 510-486-7607 (Globally) Report Network Problems: trouble@es.net Provide Web Site Feedback: info@es.net Message Security Overview The OSCARS Web pages and Web Services are run within a Tomcat container which uses SSL connections to encrypt all messages. The OSCARS Web Service

433

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Ensures appropriate levels of protection against unauthorized access; theft, diversion, loss of custody, or destruction of nuclear weapons, or weapons components; espionage; loss or theft of classified matter or Government property; and other hostile acts that may cause unacceptable adverse impacts on national security or on the health and safety of Department of Energy (DOE) and contractor employees, the public, or the environment. DOE N 251.40, dated 5/3/01, extends this directive until 12/31/01. Cancels DOE 5630.11B, DOE 5630.13A, DOE 5630.14A, DOE 5630.15, DOE 5630.16A, DOE 5630.17, DOE 5631.1C, DOE 5631.4A, DOE 5634.1B, DOE 5634.3, DOE 5639.3, and Chapter IX of DOE M 5632.1C-1

1995-09-28T23:59:59.000Z

434

Safeguards and Security Program, acronyms and abbereviations...  

Office of Environmental Management (EM)

Program, acronyms and abbereviations - DOE M 470.4-7 Safeguards and Security Program, acronyms and abbereviations - DOE M 470.4-7 August 26, 2005 Canceled Safeguards and Security...

435

Office of the CISO, December 2010 Information Security Risk Advisory  

E-Print Network [OSTI]

Office of the CISO, December 2010 Information Security Risk Advisory Web Browsing Software attacks that exploit web browsers (e.g., Internet Explorer, Firefox, Safari, Chrome, Opera) are on the rise. Cyber criminals frequently attack web browsers to take control of computers, delete files, steal personally

Queitsch, Christine

436

Security Enforcement Reporting Criteria | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Security Enforcement Reporting Criteria Security Enforcement Reporting Criteria Security Enforcement Reporting Criteria Classified information security noncompliances are categorized according to the disclosure or potential disclosure of DOE classified information placed at risk. There are two categories of noncompliances that are based on the relative severity of a classified information security incident. The categories are identified by an event category and type. Each of the two categories is further subdivided into three types based on the type of interest (security interest, management interest, and procedural interest). Security Enforcement Reporting Criteria More Documents & Publications Safety and Security Enforcement Coordinator Handbook DOE-STD-1210-2012 HQFMSP Chapter 11, Incidents of Security Concern

437

Mitigations for Security Vulnerabilities Found in Control System Networks |  

Broader source: Energy.gov (indexed) [DOE]

Mitigations for Security Vulnerabilities Found in Control System Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in

438

Safety and Security Enforcement Process Overview | Department...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

of Energy (DOE) Office of Enforcement and Oversight (HS-40), within the Office of Health, Safety and Security (HSS), to implement DOE's regulatory obligations as authorized by...

439

Secure Defences  

Science Journals Connector (OSTI)

......friendly attack - employing penetration testers or ethical hackers...for what is also known as penetration tester (note that there has...interchangeably). With the rate of cyber attacks doubling...friendly attack' employing penetration testers or ethical hackers......

Jutta Mackwell

2011-03-01T23:59:59.000Z

440

Cyber-physical energy systems: focus on smart buildings  

Science Journals Connector (OSTI)

Operating at the intersection of multiple sensing and control systems designed for occupant comfort, performability and operational efficiency, modern buildings represent a prototypical cyber-physical system with deeply coupled embedded sensing and networked ... Keywords: LEED, ZNEB, buildings, cyber-physical, embedded, energy management, energy metering, smart grid

Jan Kleissl; Yuvraj Agarwal

2010-06-01T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Cyber Threat Trees for Large System Threat Cataloging and Analysis*  

E-Print Network [OSTI]

Cyber Threat Trees for Large System Threat Cataloging and Analysis* P. Ongsakorn, K. Turney, M, kturney, mitch, nair, szygenda, manikas}@lyle.smu.edu Abstract--The implementation of cyber threat. Because large systems have many possible threats that may be interdependent, it is crucial

Thornton, Mitchell

442

Implementing constrained cyber-physical systems with IEC 61499  

Science Journals Connector (OSTI)

Cyber-physical systems (CPS) are integrations of computation and control with sensing and actuation of the physical environment. Typically, such systems consist of embedded computers that monitor and control physical processes in a feedback loop. While ... Keywords: Compilers, IEC 61499, cyber-physical systems, function blocks, software synthesis, synchronous

Li Hsien Yoong; Partha S. Roop; Zoran Salcic

2012-12-01T23:59:59.000Z

443

View Consistency in Architectures for Cyber-Physical Systems  

Science Journals Connector (OSTI)

Current methods for modeling, analysis, and design of cyber-physical systems lack a unifying framework due to the complexity and heterogeneity of the constituent elements and their interactions. Our approach is to define relationships between system ... Keywords: system architecture, view consistency, graph morphism, multi-domain modeling, cyber-physical systems

Ajinkya Bhave; Bruce H. Krogh; David Garlan; Bradley Schmerl

2011-04-01T23:59:59.000Z

444

A modelica coordination pattern library for cyber-physical systems  

Science Journals Connector (OSTI)

Today's embedded systems often do not operate individually anymore. Instead, they form so called cyber-physical systems, where the overall functionality is provided by the collaboration of systems. Consequently, the design of this collaboration is an ... Keywords: cyber-physical systems, design patterns, modelica, real-time coordination, simulation

Uwe Pohlmann; Stefan Dziwok; Matthias Meyer; Matthias Tichy; Sebastian Thiele

2014-03-01T23:59:59.000Z

445

Towards a theory for cyber-physical systems modeling  

Science Journals Connector (OSTI)

Modeling the heterogeneous composition of physical, computational and communication systems is an important challenge in engineering Cyber-Physical Systems (CPS), where the major sources of heterogeneity are causality, time semantics, and different physical ... Keywords: cyber-physical systems, formalization, heterogeneous composition, model-based engineering

Gabor Simko; Tihamer Levendovszky; Miklos Maroti; Janos Sztipanovits

2014-04-01T23:59:59.000Z

446

2014 Headquarters Facilities Master Security Plan- Chapter 9, Technical Surveillance Countermeasures  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 9, Technical Surveillance Countermeasures Describes the DOE Headquarters Technical Security Countermeasures (TSCM) Program.

447

Quantitative Cyber Risk Reduction Estimation Methodology for a Small Scada Control System  

SciTech Connect (OSTI)

We propose a new methodology for obtaining a quick quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.

Miles A. McQueen; Wayne F. Boyer; Mark A. Flynn; George A. Beitel

2006-01-01T23:59:59.000Z

448

Cyber Effects Analysis Using VCSE Promoting Control System Reliability |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Effects Analysis Using VCSE Promoting Control System Cyber Effects Analysis Using VCSE Promoting Control System Reliability Cyber Effects Analysis Using VCSE Promoting Control System Reliability This report describes the Virtual Control System Environment (VCSE) technology- developed at Sandia National Laboratories-to investigate Supervisory Control And Data Acquisition (SCADA) vulnerabilities associated with energy systems; and it describes a set of experiments with findings from using that environment. The report explains how VCSE can be used to analyze and develop an understanding of cyber attacks. Specific analyses in this report focus on unencrypted, unsecured data channels on Internet protocol (IP)-routed computer networks within electric power systems. Cyber Effects Analysis Using VCSE Promoting Control System Reliability

449

Chapter_1_Physical_Security  

Broader source: Energy.gov (indexed) [DOE]

Physical Security Physical Security This chapter describes the security procedures adopted by DOE HQ to implement the requirements of the following DOE directives: * Title 10 Code of Federal Regulations (CFR) Part 860.4 * Title 41 CFR Parts 101-19.3 and 102.74, Subpart C * Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors * DOE Order 473.3, Protection Program Operations * DOE Order 471.6, Information Security * DOE Order 580.1, Change 1, DOE Personal Property Management Program The objective of these directives is to protect DOE sensitive and classified information, facilities, property, and employees from threats posed by intelligence collectors, terrorists, violent activists,

450

Facility Security Officer Contractor Toolcart  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

the potential danger associated with an item is questionable, consult the physical security contact for additional information. Illegal drugs (does not include controlled...

451

Revised Finding of No Significant Impact for Safeguards and Security Upgrades for Storage of Plutonium Materials at the Savannah River Site (DOE/EA-1538)(03/11/08)  

Broader source: Energy.gov (indexed) [DOE]

Finding of No Significant Impact Finding of No Significant Impact for Safeguards and Security Upgrades for Storage of Plutonium Materials at the Savannah River Site Agency: U.S. Department of Energy Action: Revised Finding of No Significant Impact Summary: The Department of Energy (DOE) prepared an environmental assessment (EA) (DOEEA-1538) in 2005 to evaluate the potential environmental impacts associated with the implementation of proposed and alternative actions to enhance the safe and secure storage of plutonium-bearing materials at the Savannah River Site (SRS) to meet the enhanced terrorist threat that has existed since the events of September 11, 2001. Based on the analyses in the EA, DOE determined that the proposed action was not a major Federal action significantly affecting

452

FY 2014 DOE Agency Financial Report  

Broader source: Energy.gov [DOE]

Provides key financial and performance information that demonstrates DOEs accountability to enhance U.S. security and economic growth through transformative science, technology innovation, and market solutions to meet our energy, nuclear security, and environmental challenges.

453

Microsoft Word - Attachment J-6 List of Applicable DOE Directives...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Chg.3 DOE Cyber Program CRD O 206.1 DOE Privacy Program CRD O 243.1B, Admin. Chg 1. Records Management Program CRD O 414.1D, Admin Chg 1. Quality Assurance CRD O 442.1A...

454

Security Cases | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

31, 2012 31, 2012 PSH-11-0029 - In the Matter of Personnel Security Hearing The individual is employed by a Department of Energy (DOE) contractor, and was granted a security clearance in connection with that employment. A routine reinvestigation of the individual revealed information concerning his finances that raised security concerns, and the local security office (LSO)summoned the individual for an interview with a personnel security specialist in August 2011. March 30, 2012 PSH-12-0002 - In the Matter of Personnel Security Hearing The individual has been employed by a Department of Energy (DOE) contractor since 1997, and has held a DOE access authorization for over 10 years. In October 2011, the individual tested positive for marijuana on a random drug test. The local security office (LSO) conducted a personnel security

455

Security Topic Group  

Broader source: Energy.gov (indexed) [DOE]

Group Group Security and TEC * Tension exists between open forum concept of TEC and the ability of STG members to discuss security topics. - DOE will maintain the open forum - it will not form a subgroup of cleared members NAS Study * Some members want STG to formally recommend a fully independent review of security issues - DOE is reviewing the NAS study and has not formulated a position Security Topic Group (Continued) Classification Guide & Information Sharing Protocol * Guide is finished and undergoing internal concurrence - Slated for late September release * Protocol will be completed once the guide is issued Security-Related Lessons Learned * Lessons learned document was distributed and comments requested by the end of March Security Topic Group (Continued) SRG/CVSA Survey

456

Los Alamos director echoes cyber concerns  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

of times by adversaries. Our systems, and yours, are very attractive. Securing the grid will be key for energy security going forward NATIONAL HARBOR, Md.,May 21, 2013-Los...

457

Development and Demonstration of a Security Core Component  

SciTech Connect (OSTI)

In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on security through obscurity. Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. Cyber crime has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group has something to prove. Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be on the front line if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utilitys SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values even results from a SIEM (Security Information and Event Management) system. When the system deviates from normal, CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSMs built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that real world training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipients SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.

Turke, Andy

2014-02-28T23:59:59.000Z

458

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes responsibilities and program planning and management requirements for the Safeguards and Security Program. Admin Chg 1, dated 2-15-13, cancels DOE O 470.4B.

2011-07-21T23:59:59.000Z

459

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Safeguards and Security Program ensures that the Department of Energy efficiently and effectively meets all its obligations to protect Special Nuclear Material, other nuclear materials, classified matter, sensitive information, government property, and the safety and security of employees, contractors, and the general public. Cancels DOE P 470.1.

2010-12-29T23:59:59.000Z

460

Master Safeguards and Security Agreements  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish the Department of Energy policy, requirements, responsibilities, and authorities for the development and implementation of Master Safeguards and Security Agreements (MSSA's). Does not cancel another directive. Canceled by DOE O 5630.13A

1988-02-03T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Security Area Vouching and Piggybacking  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes requirements for the Department of Energy (DOE) Security Area practice of "vouching" or "piggybacking" access by personnel. DOE N 251.40, dated 5-3-01, extends this directive until 12-31-01.

2000-06-05T23:59:59.000Z

462

2014 Headquarters Facilities Master Security Plan- Chapter 16, Equivalencies and Exemptions  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 16, Equivalencies and Exemptions Describes DOE Headquarters procedures for requesting Equivalencies and Exemptions to DOE security directives.

463

Chapter_11_Incidents_of_Security_Concern  

Broader source: Energy.gov (indexed) [DOE]

1 1 Incidents of Security Concern This chapter covers the DOE HQ implementation of DOE Order 470.4B, Safeguards and Security Program, Attachment 5, Incidents of Security Concern. HS-91 manages the HQ Security Incidents Program. Incidents of Security Concern (henceforth referred to as Incidents) are actions, inactions, or events that are believed to: * Pose threats to national security interests and/or DOE assets * Create potentially serious or dangerous security situations * Significantly affect the safeguards and security program's capability to protect DOE safeguards and security interests * Indicate failure to adhere to security procedures * Reveal that the system is not functioning properly, by identifying and/or mitigating potential threats (e.g., detecting suspicious activity, hostile acts, etc.).

464

Safeguards and Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Ensures appropriate levels of protection against unauthorized access; theft, diversion, loss of custody, or destruction of nuclear weapons, or weapons components; espionage; loss or theft of classified matter or Government property; and other hostile acts that may cause unacceptable adverse impacts on national security or on the health and safety of Department of Energy (DOE) and contractor employees, the public, or the environment. DOE O 470.1 Extended until 5-11-06 by DOE N 251.63, dated 5-11-05. Chg 1, Safeguards and Security Program, dated 9/28/95, extended by DOE N 251.57, dated 4/28/2004. Change 1, 5/21/96, revises Chapter IV. Cancels: DOE 5630.11B, DOE 5630.13A, DOE 5630.14A, DOE 5630.15, DOE 5630.16A, DOE 5630.17, DOE 5631.1C, DOE 5631.4A, DOE 5634.1B, DOE 5634.3, DOE 5639.3, DOE M 5632.1C-1 in part.

1995-09-28T23:59:59.000Z

465

Safeguards and Security Independent Oversight Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes the DOE Safeguards and Security Independent Oversight Program that provides DOE and contractor managers, Congress, and other stakeholders with an independent evaluation of the effectiveness of DOE safeguards and security policy and programs, and the implementation of those policies and programs. Cancels DOE 5630.12A.

1998-12-23T23:59:59.000Z

466

DOE Order on Quality Assurance  

Broader source: Energy.gov [DOE]

The purpose of this order is to ensure that Department of Energy (DOE), including National Nuclear Security Administration (NNSA), products and services meet or exceed customers requirements and...

467

Incident Management | Department of Energy  

Energy Savers [EERE]

systems report cyber security incidents to JC3. JC3 Bulletins are distributed to the DOE community to notify sites of computer security vulnerabilities and recommended actions....

468

TEC Working Group Topic Groups Security | Department of Energy  

Office of Environmental Management (EM)

concerned with secure transport of spent nuclear fuel (SNF) and high level waste (HLW) to Yucca Mountain. Current activities include updating the security portion of DOE's...

469

2014 Headquarters Facilities Master Security Plan- Chapter 15, Outprocessing  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 15, Outprocessing Describes DOE Headquarters procedures for completing required security actions by departing employees and contractors.

470

Department of Energy Security Condition (SECON) Level | Department...  

Energy Savers [EERE]

Department of Energy Security Condition (SECON) Level Department of Energy Security Condition (SECON) Level The information on this page is provided as a service by EHSS. EHSS does...

471

Global Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Applications Global Security science-innovationassetsimagesicon-science.jpg Global Security National security depends on science and technology. The United States relies on...

472

DOE/SEA-03; Special Environmental Analysis for the Department of Energy, National Nuclear Security Administration, Actions Taken in Response to the Cerro Grande Fire at Los Alamos National Laboratory, Los Alamos, New Mexico (September 2000)  

Broader source: Energy.gov (indexed) [DOE]

Analysis for Actions Taken in Response to the Cerro Grande Fire at LANL Analysis for Actions Taken in Response to the Cerro Grande Fire at LANL DOE/LAAO September 2000 S-1 SUMMARY The U.S. Department of Energy (DOE), National Nuclear Security Administration, is issuing this special environmental analysis (SEA) to document its assessment of impacts associated with emergency activities conducted at Los Alamos National Laboratory (LANL), Los Alamos County, New Mexico, in response to major disaster conditions caused by the recent wildfire known as the Cerro Grande Fire. This wildfire burned about 7,650 1 acres (ac) (3,061 hectares [ha]) within the boundaries of LANL and about an additional 35,500 ac (14,200 ha) in neighboring areas. DOE's emergency response to the threat of this fire began with certain preventative actions undertaken immediately before

473

Facility Security Officer Contractor Toolcart  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

RESPONSIBILITIES RESPONSIBILITIES FSO Overview FSO Reporting Responsibilities Questions an FSOs at a Non-Possesssing Site Could Be Asked During an Audit Non-Possessing Contractor Security Requirements Plan Training for Facility Security Officers (FSOs) PHY-210DE Facility Security Officer Overview PHY-210DB, Introduction to Facility Security Officer (Self-Study Course ) Duration: 3 days Description: This correspondence course provides an overview of the roles and responsibilities of the DOE or DOE-contractor FSO. The course emphasizes facility clearance requirements, personnel security, information security, incident reporting, and other related programs. The course references the National Industrial Security Program Operating Manual (NISPOM) (DoD 5220.22-M) and a comprehensive listing of DOE orders, manuals, guides, forms, and notices.

474

Reporting Incidents Of Security Concern  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To enhance the Department of Energy (DOE) Incidents of Security Concern Reporting Program through more consistent reporting, better information tracking, and interactive coordination. DOE N 251.54, dated 07/08/03, extends this directive until 07/08/04. Cancels Deputy Secretary Glauthier memorandum, subject: Reporting Security Incidents, dated 9-7-99.

2001-04-03T23:59:59.000Z

475

Ruminati : modeling the detection of textual cyber-bullying  

E-Print Network [OSTI]

The scourge of cyber-bullying has received widespread attention at all levels of society including parents, educators, adolescents, social scientists, psychiatrists and policy makers at the highest echelons of power. ...

Dinakar, Karthik

2012-01-01T23:59:59.000Z

476

Advances in Materials Genomics: Making CyberSteels Fly | Argonne...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Events Upcoming Events Upcoming Events Advances in Materials Genomics: Making CyberSteels Fly January 7, 2015 3:00PM to 4:00PM Presenter Greg Olson, Northwestern University and...

477

Managing Threats to Web Databases and Cyber Systems  

Science Journals Connector (OSTI)

This chapter provides an overview of some of the cyber threats information systems as well as data management ... then discusses potential solutions and challenges. The threats include access control violations, ...

Bhavani Thuraisingham

2005-01-01T23:59:59.000Z

478

Towards a modeling language for cyber-physical systems  

Science Journals Connector (OSTI)

A cyber-physical system (CPS) is an interactive system of continuous plants and real-time controller programs. These systems usually feature a tight relationship between the physical and computational components and exhibit true concurrency with respect ...

Longfei Zhu; Yongxin Zhao; Huibiao Zhu; Qiwen Xu

2013-01-01T23:59:59.000Z

479

July 2013 Cyber Incident | Department of Energy  

Energy Savers [EERE]

7. How is the Department of Energy responding to this attack? The Department's Cybersecurity office, the Office of Health, Safety and Security and the Inspector General's...

480

Information Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes security requirements for the protection and control of matter required to be classified or controlled by statutes, regulations, or U.S. Department of Energy directives. Cancels DOE M 470.4-4 Chg 1. DOE M 470.4-4A Chg 1 issued 10-12-10.

2009-01-16T23:59:59.000Z

Note: This page contains sample records for the topic "doe cyber security" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

Information Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes security requirements for the protection and control of matter required to be classified or controlled by statutes, regulations, or U.S. Department of Energy (DOE) directives. Original dated dated 1-16-09. Canceled by DOE O 471.6--except for Section D.

2010-10-12T23:59:59.000Z

482

Headquarters Security Operations  

Broader source: Energy.gov [DOE]

DOE strengthens national security by protecting personnel, facilities, property, classified information, and sensitive unclassified information for DOE Headquarters facilities in the National Capital Area under normal and abnormal (i.e., emergency) conditions; manages access authorization functions; ensures that executives and dignitaries are fully protected, and supports efforts to ensure the continuity of government in all circumstances as mandated by Presidential Decision Directive.

483

National Security & Safety | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Safety Safety National Security & Safety In the video above, three veterans discuss how the skills they learned in the service are helping them advance energy security and grow the clean energy economy. The veterans shared their experiences at a Champions of Change event at the White House. | Video by Matty Greene, Energy Department. The Energy Department plays an important and multifaceted role in protecting national security. In addition to our work to increase nuclear nonproliferation and ensure the security of the U.S. nuclear weapons stockpile, we manage the Strategic Petroleum Reserve, invest in protections against cyber and physical attacks on U.S. energy infrastructure, conduct programs to ensure worker health and safety, provide training tools and

484

DOE F 5631.25  

Broader source: Energy.gov (indexed) [DOE]

5 5 (07/2012) All Other Editions Are Obsolete U.S. DEPARTMENT OF ENERGY FILE TRANSFER RECORD THE FOLLOWING PERSONNEL SECURITY FILE(S) IS/ARE TRANSMITTED AS INDICATED: NAME (LAST, FIRST, MIDDLE) DOE NUMBER RECEIVING OFFICE SYMBOL REVIEW AND RETURN RETAIN PRIVACY ACT STATEMENT - Collection of the information requested is authorized by Department of Energy (DOE) Order 472.2, "Personnel Security." The information placed on this form is used to officially transmit DOE Personnel Security Files (PSFs) among DOE Cognizant Personnel Security Offices and authorized officials. Copies of this document may be maintained in PSFs and personnel security administrative files as necessary. Access to DOE PSFs is permitted as stipulated in DOE O

485

DOE-STD-1171-2003 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Safeguard and Security Functional Area Standard Replaced by DOE-STD-1171-2009 The Safeguards and Security (S&S) Functional Area Qualification Standard establishes common...

486

DOE-STD-1123-2009 | Department of Energy  

Office of Environmental Management (EM)

3-2009 DOE-STD-1123-2009 August 12, 2009 Safeguards and Security General Technical Base Qualification Standard The Safeguards and Security General Technical Base Qualification...

487

DOE F 470.8 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

More Documents & Publications DOE F 5634.1 2014 Headquarters Facilities Master Security Plan - Chapter 7, Surveys and Reviews FAQS Reference Guide - Safeguards and Security...

488

DOE F 5631.20 | Department of Energy  

Office of Environmental Management (EM)

Access Approval More Documents & Publications 2014 Headquarters Facilities Master Security Plan - Chapter 3, Personnel Security DOE HQ F 5631.2 2014 Headquarters Facilities...

489

DOE F 471.2 | Department of Energy  

Energy Savers [EERE]

DOE F 471.2.pdf More Documents & Publications 2014 Headquarters Facilities Master Security Plan - Chapter 5, Classified Matter Protection and Control Security Policy, CMPC...

490

DOE F 5631.34 | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

ON SPOUSECOHABITANT More Documents & Publications DATA REPORT ON SPOUSECOHABITANT 2014 Headquarters Facilities Master Security Plan - Chapter 3, Personnel Security DOE F 5631.18...

491

DOE F 5631.18 | Department of Energy  

Office of Environmental Management (EM)

More Documents & Publications 5631.18SecurityAcknowledgement.pdf The DOE Security Plan for the Energy Employees Occupational Illness Compensation Program 2014...

492

Protecting IT Systems from Cyber Crime  

Science Journals Connector (OSTI)

......company's own personnel. The rotation of...vetting and security training of that staff more...than for intramural personnel. (However, it...utilization, its operating procedures--and...Security awareness training (2) Integrated...PRIORITIZATION IN THE SELECTION OF DEFENCE OPTIONS......

R. Benjamin; B. Gladman; B. Randell

1998-01-01T23:59:59.000Z

493

AstroCloud, a Cyber-Infrastructure for Astronomy Research: Architecture  

E-Print Network [OSTI]

AstroCloud is a cyber-Infrastructure for Astronomy Research initiated by Chinese Virtual Observatory (China-VO) under funding support from NDRC (National Development and Reform commission) and CAS (Chinese Academy of Sciences). The ultimate goal of this project is to provide a comprehensive end-to-end astronomy research environment where several independent systems seamlessly collaborate to support the full lifecycle of the modern observational astronomy based on big data, from proposal submission, to data archiving, data release, and to in-situ data analysis and processing. In this paper, the architecture and key designs of the AstroCloud platform are introduced, including data access middleware, access control and security framework, extendible proposal workflow, and system integration mechanism.

Xiao, Jian; Cui, Chenzhou; He, Boliang; Li, Changhua; Fan, Dongwei; Hong, Zhi; Yin, Shucheng; Wang, Chuanjun; Cao, Zihuang; Fan, Yufeng; Li, Shanshan; Mi, Linying; Wan, Wanghui; Wang, Jianguo; Zhang, Hailong

2014-01-01T23:59:59.000Z

494

5631.18_Security_Acknowledgement.pdf | Department of Energy  

Office of Environmental Management (EM)

5631.18SecurityAcknowledgement.pdf 5631.18SecurityAcknowledgement.pdf 5631.18SecurityAcknowledgement.pdf More Documents & Publications DOE F 5631.18 2014 Headquarters...

495

Security Cases | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

August 22, 2012 August 22, 2012 PSH-12-0065 - In the Matter of Personnel Security Hearing The Individual is a contractor employee at a DOE facility. Exhibit (Ex.) 10 at 3. The Local Security Office (LSO) discovered that the Individual failed to list a 2004 Driving Under the Influence (DUI) arrest in a Questionnaire for National Security Positions form completed in October 2011. Ex. 10 at 10. August 22, 2012 PSH-12-0045 - In the Matter of Personnel Security Hearing OHA Hearing Officer issued a decision in which he determined that an Individual's DOE security clearance should be restored. The Individual had been caught viewing pornography on a DOE workplace computer. August 17, 2012 PSH-12-0048 - In the Matter of Personnel Security Hearing OHA Hearing Officer issued a decision in which he concluded that an

496

Security Cases | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

June 20, 2012 June 20, 2012 PSH-12-0044 - In the Matter of Personnel Security Hearing The Individual is a contractor employee at a DOE facility and has possessed a security clearance on various occasions since 1978. Exhibit (Ex.) 8 at 2. In December 2011, the Individual reported to the Local Security Office (LSO) that his wages were being garnished for back federal taxes. Ex. 13 at 1. Consequently, the LSO conducted a personnel security interview (PSI) with the Individual in January 2012. Ex. 15. June 13, 2012 PSH-12-0010 - In the Matter of Personnel Security Hearing The individual works for a Department of Energy (DOE) contractor and is an applicant for DOE access authorization. In August 2010, the individual completed a Questionnaire for National Security Positions (QNSP) and was

497

Security Cases | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

May 8, 2012 May 8, 2012 PSH-12-0004 - In the Matter of Personnel Security Hearing The individual works for a Department of Energy (DOE) contractor and holds a DOE access authorization, now in suspension. In September of 2011, the individual informed his contractor, which in turn informed the local DOE security office (LSO), that he had been hospitalized for treatment of his depression and suicidal thoughts. Exhibit 15. The LSO summoned the individual for an interview with a personnel security specialist on September 20, 2011. Exhibit 22 (Transcript of Personnel Security Interview). May 4, 2012 PSH-12-0007 - In the Matter of Personnel Security Hearing The individual began working at a DOE site in March 1992. Tr. at 87. In September 1999, his employer requested an access authorization for him. Ex.

498

Security Cases | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

July 19, 2011 July 19, 2011 TSO-1013 - In the Matter of Personnel Security The individual works for a Department of Energy (DOE) contractor and is an applicant for a DOE access authorization. In the report of a background investigation, the Office of Personnel Management noted that the individual had a history of anger, unusual behaviors, animal abuse, illegal drug use, court-ordered anger management, and counseling. The Local Security Office (LSO) interviewed the individual on June 9, 2010, regarding these concerns in a Personnel Security Interview (PSI). July 15, 2011 TSO-1003 - In the Matter of Personnel Security Hearing The individual has been employed by a Department of Energy (DOE) contractor since 2010. His employer requested that DOE grant the individual a clearance. The individual completed a Questionnaire for National Security

499

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 |  

Broader source: Energy.gov (indexed) [DOE]

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 July 12, 2007 Issued to Los Alamos National Security, LLC related to the Unauthorized Reproduction and Removal of Classified Matter from the Los Alamos National Laboratory The Compliance Order directs LANS to implement specific corrective actions to remediate both the laboratory management deficiencies that contributed to the thumb drive security incident at Los Alamos National Laboratory (LANL) discovered in October 2006 and, more broadly, longstanding deficiencies in the classified information and cyber security programs at LANL. Violation of the Compliance Order would subject LANS to issuance of a notice of violation and assessment of civil penalties up to S100,000 per

500

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 |  

Broader source: Energy.gov (indexed) [DOE]

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 July 12, 2007 Issued to Los Alamos National Security, LLC related to the Unauthorized Reproduction and Removal of Classified Matter from the Los Alamos National Laboratory The Compliance Order directs LANS to implement specific corrective actions to remediate both the laboratory management deficiencies that contributed to the thumb drive security incident at Los Alamos National Laboratory (LANL) discovered in October 2006 and, more broadly, longstanding deficiencies in the classified information and cyber security programs at LANL. Violation of the Compliance Order would subject LANS to issuance of a notice of violation and assessment of civil penalties up to S100,000 per