National Library of Energy BETA

Sample records for information systems security

  1. PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ...

  2. Classified Information Systems Security Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1999-08-03

    This Manual provides requirements and implementation instructions for the graded protection of the confidentiality, integrity, and availability of information processed on all automated information systems used to collect, create, process, transmit, store, and disseminate classified information by, or on behalf of, the Department of Energy (DOE). DOE N 205.4 cancels Chapter III section 8, Incident Reporting, and DOE N 205.3 cancels Chapter VI, paragraph 4j(2), 4j(6); and Chapter VII, paragraph 12a(2)(a). Cancels: DOE M 5639.6A-1. Canceled by DOE M 205.1-4.

  3. Classified Automated Information System Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1994-07-15

    To establish uniform requirements, policies, responsibilities, and procedures for the development and implementation of a Department of Energy (DOE) Classified Computer Security Program to ensure the security of classified information in automated data processing (ADP) systems. Cancels DOE O 5637.1. Canceled by DOE O 471.2.

  4. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

  5. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  6. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

  7. List of Major Information Systems,National Nuclear Security Administra...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    List of Major Information Systems,National Nuclear Security Administration ADaPT ... List of Major Information Systems, Defense Line of Business National Nuclear Security ...

  8. Information System Security Officer (ISSO) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Officer (ISSO) Information System Security Officer (ISSO) digital-388075_960_720.jpg The Information System Security Officer (ISSO) is responsible to the Information System Security Manager (SSM), information owner, and system owner for ensuring a proper security posture is in place. ISSO Core Competency Training Worksheet (241.41 KB) More Documents & Publications Cybersecurity Program Manager (CSPM) Authorizing Official Designated Representative (AODR) Information System Owner (ISO

  9. PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE (299.08 KB) More Documents & Publications PIA - INL Education Programs Business Enclave Manchester Software 1099 Reporting PIA, Idaho National Laboratory PIA - INL PeopleSoft - Human Resource System

  10. Information System Security Manager (ISSM) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Manager (ISSM) Information System Security Manager (ISSM) macbook-925595_960_720.jpg The Information Security System Manager (ISSM) is designated by an operating unit's (DOE organization or site) Senior Manager to manage the unit's cyber security program. The ISSM establishes, documents, and monitors an operating unit's cyber security program implementation plan, and ensures compliance with DOE management policies. Candidates must possess a working knowledge of cyber security policies and

  11. List of Major Information Systems,National Nuclear Security Administration

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ADaPT Networked: | Department of Energy List of Major Information Systems,National Nuclear Security Administration ADaPT Networked: List of Major Information Systems,National Nuclear Security Administration ADaPT Networked: List of Major Information Systems, Defense Line of Business National Nuclear Security Administration ADaPT Networked: Develops and deploys emerging information networking technology to production processes in support of the U.S. nuclear weapons stockpile. National Nuclear

  12. information systems | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    information systems NNSA's systems administrators keep the computers running For Systems Administrator (SysAdmin) Day, meet some of the men & women keeping NNSA going. Thanks for all you do! Michelle Swinkels, Senior Systems and Network Technologist at NNSA's Lawrence Livermore National Laboratory What excites you about your work for NNSA? I'... NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award"

  13. Information security management system planning for CBRN facilities

    SciTech Connect (OSTI)

    Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

  14. Electronic DOE Information Security System (eDISS) PIA, Office of Health

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Safety and Security | Department of Energy DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security Electronic DOE Information Security System (eDISS) PIA, Office of Health Safety and Security (88.14 KB) More Documents & Publications Integrated Safety Management Workshop

  15. Zicom Electronic Security Systems Ltd | Open Energy Information

    Open Energy Info (EERE)

    Security Systems Ltd. Place: Mumbai, Maharashtra, India Zip: 400093 Sector: Solar, Wind energy Product: Mumbai-based electronic security systems integrator. The firm plans to...

  16. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-06-20

    The protection and control of classified information is critical to our nationís security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D.

  17. Manual of Security Requirements for the Classified Automated Information System Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1994-07-15

    This Manual provides specific instructions and delineates the requirements to ensure the graded security of classified information entrusted to the Department of Energy (DOE) that is processed, stored, transferred, or accessed on Automated Information Systems (AISs) and AIS networks. Canceled by DOE M 471.2-2.

  18. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-06-20

    The protection and control of classified information is critical to our nationís security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D. Admin Chg 1, dated 11-23-2012, cancels DOE O 471.6. Canceled by Admin Chg 2 dated 5-15-15.

  19. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2007-06-29

    Establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Section E, Technical Surveillance Countermeasures Program, is Official Use Only. Please contact the DOE Office of Health, Safety and Security at 301-903-0292 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A

  20. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2005-08-26

    This Manual establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Attachment E, Technical Surveillance Countermeasures Program, is for Official Use Only. Contact the Office of Security and Safety Performance Assurance at 301-903-3653 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A.

  1. Certification and Accreditation Process for Information Systems Including National Security Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

  2. Information Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-06-29

    This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. (The original DOE O 471.6 canceled DOE M 470.4-4A, except for Section D). Admin Chg 2, dated 5-15-15, supersedes Admin Chg 1. Certified 5-21-2015.

  3. Information Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1992-10-19

    To establish the Department of Energy (DOE) Information Security Program and set forth policies, procedures and responsibilities for the protection and control of classified and sensitive information. The Information Security Program is a system of elements which serve to deter collection activities, This directive does not cancel another directive. Canceled by DOE O 471.2 of 9-28-1995.

  4. Secure Information Sharing

    Energy Science and Technology Software Center (OSTI)

    2005-09-09

    We are develoing a peer-to-peer system to support secure, location independent information sharing in the scientific community. Once complete, this system will allow seamless and secure sharing of information between multiple collaborators. The owners of information will be able to control how the information is stored, managed. ano shared. In addition, users will have faster access to information updates within a collaboration. Groups collaborating on scientific experiments have a need to share information and data.more¬†¬Ľ This information and data is often represented in the form of files and database entries. In a typical scientific collaboration, there are many different locations where data would naturally be stored. This makes It difficult for collaborators to find and access the information they need. Our goal is to create a lightweight file-sharing system that makes it¬íeasy for collaborators to find and use the data they need. This system must be easy-to-use, easy-to-administer, and secure. Our information-sharing tool uses group communication, in particular the InterGroup protocols, to reliably deliver each query to all of the current participants in a scalable manner, without having to discover all of their identities. We will use the Secure Group Layer (SGL) and Akenti to provide security to the participants of our environment, SGL will provide confldentiality, integrity, authenticity, and authorization enforcement for the InterGroup protocols and Akenti will provide access control to other resources.¬ę¬†less

  5. Information Technology Specialist (Security)

    Broader source: Energy.gov [DOE]

    A successful candidate in this position will serve as an Information Technology Specialist (Security) responsible for providing technical support in the information security environment which...

  6. Security classification of information

    SciTech Connect (OSTI)

    Quist, A.S.

    1989-09-01

    Certain governmental information must be classified for national security reasons. However, the national security benefits from classifying information are usually accompanied by significant costs -- those due to a citizenry not fully informed on governmental activities, the extra costs of operating classified programs and procuring classified materials (e.g., weapons), the losses to our nation when advances made in classified programs cannot be utilized in unclassified programs. The goal of a classification system should be to clearly identify that information which must be protected for national security reasons and to ensure that information not needing such protection is not classified. This document was prepared to help attain that goal. This document is the first of a planned four-volume work that comprehensively discusses the security classification of information. Volume 1 broadly describes the need for classification, the basis for classification, and the history of classification in the United States from colonial times until World War 2. Classification of information since World War 2, under Executive Orders and the Atomic Energy Acts of 1946 and 1954, is discussed in more detail, with particular emphasis on the classification of atomic energy information. Adverse impacts of classification are also described. Subsequent volumes will discuss classification principles, classification management, and the control of certain unclassified scientific and technical information. 340 refs., 6 tabs.

  7. Foreign Affairs Information System (FAIS) Early Operational Capability (EOC) network security criteria

    SciTech Connect (OSTI)

    Not Available

    1988-09-12

    The Joint Center for Information Security Technology (JCIST) at Oak Ridge, Tennessee, under an interagency agreement between the Department of State (DOS) and the Department of Energy (DOE), has been tasked with the security certification testing of the Foreign Affairs Information system (FAIS) Early Operational Capability (EOC) software. The basis for this certification is the FAIS (EOC) Security Requirements Allocation (SRA) document. This document defines the security requirements for the FAIS EOC software. Security certification of the FAIS system is the responsibility of the Office of Information Systems Security, Bureau of Diplomatic Security (DS/ST/ISS). The overall FAIS EOC certification will be completed in two general steps. First, a test of a stand-alone FAIS EOC system against the SRA requirements which is currently in progress. Second is a test of all FAIS network system interfaces against the SRA requirements as expanded to adequately address the network security issues. This accumulation of requirements is referred to as the FAIS EOC Network Security Criteria. 5 refs.

  8. Cyber Security Requirements for Wireless Devices and Information Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-11

    The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  9. DOE integrated safeguards and security (DISS) system a nation-wide distributed information system for personnel security

    SciTech Connect (OSTI)

    Block, B.

    1997-06-05

    DISS uses secure client-server and relational database technology across open networks to address the problems of security clearance request processing and tracking of security clearances for the Department of energy. The system supports the entire process from data entry by the prospective clearance holders through tracking of all DOE clearances, and use of standard DOE badges in automated access control systems throughout the DOE complex.

  10. Security classification of information

    SciTech Connect (OSTI)

    Quist, A.S.

    1993-04-01

    This document is the second of a planned four-volume work that comprehensively discusses the security classification of information. The main focus of Volume 2 is on the principles for classification of information. Included herein are descriptions of the two major types of information that governments classify for national security reasons (subjective and objective information), guidance to use when determining whether information under consideration for classification is controlled by the government (a necessary requirement for classification to be effective), information disclosure risks and benefits (the benefits and costs of classification), standards to use when balancing information disclosure risks and benefits, guidance for assigning classification levels (Top Secret, Secret, or Confidential) to classified information, guidance for determining how long information should be classified (classification duration), classification of associations of information, classification of compilations of information, and principles for declassifying and downgrading information. Rules or principles of certain areas of our legal system (e.g., trade secret law) are sometimes mentioned to .provide added support to some of those classification principles.

  11. Office of Information Security

    Broader source: Energy.gov [DOE]

    The Office of Information Security is responsible for implementation of the Classified Matter Protection and Control Program (CMPC), the Operations Security Program (OPSEC) and the Facility Clearance Program and the Survey Program for Headquarters

  12. Radiological Security Partnership Information | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) Programs / Nonproliferation / Global Material Security / Radiological Security / Radiological Security Partnership Radiological Security Partnership Information Radioactive sources play an important role in a number of commercial, medical, and research facilities. The benefits of these sources must be balanced with proper security. The Department of Energy's (DOE) National Nuclear Security Administration (NNSA) is working with the Nuclear Regulatory Commission and

  13. Information Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1997-03-27

    Establishes an Information Security Program for the protection and control of classified and sensitive information. Extended until 5-11-06 by DOE N 251.63, dated 5-11-05. DOE O 471.2A, Information Security Program, dated 3/27/1997, extended by DOE N 251.57, dated 4/28/2004. Cancels: DOE O 471.2

  14. Electronic DOE Information Security System (eDISS) PIA, Office...

    Energy Savers [EERE]

    Safety Management Workshop Registration, PIA, Idaho National Laboratory Occupational Medicine - Assistant PIA, Idaho National Laboratory Occupational Injury & Illness System...

  15. Security system

    DOE Patents [OSTI]

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  16. The theory of diversity and redundancy in information system security : LDRD final report.

    SciTech Connect (OSTI)

    Mayo, Jackson R.; Torgerson, Mark Dolan; Walker, Andrea Mae; Armstrong, Robert C.; Allan, Benjamin A.; Pierson, Lyndon George

    2010-10-01

    The goal of this research was to explore first principles associated with mixing of diverse implementations in a redundant fashion to increase the security and/or reliability of information systems. Inspired by basic results in computer science on the undecidable behavior of programs and by previous work on fault tolerance in hardware and software, we have investigated the problem and solution space for addressing potentially unknown and unknowable vulnerabilities via ensembles of implementations. We have obtained theoretical results on the degree of security and reliability benefits from particular diverse system designs, and mapped promising approaches for generating and measuring diversity. We have also empirically studied some vulnerabilities in common implementations of the Linux operating system and demonstrated the potential for diversity to mitigate these vulnerabilities. Our results provide foundational insights for further research on diversity and redundancy approaches for information systems.

  17. Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

  18. The use of information technology security assessment criteria to protect specialized computer systems

    SciTech Connect (OSTI)

    Lykov, V.A.; Shein, A.V.; Piskarev, A.S.; Devaney, D.M.; Melton, R.B.; Hunteman, W.J.; Prommel, J.M.; Rothfuss, J.S.

    1997-10-01

    The purpose of this paper is to discuss the information security assessment criteria used in Russia and compare it with that used in the United States. The computer system security assessment criteria utilized by the State Technical Commission of Russia and similar criteria utilized by the US Department of Defense (TCSEC) are intended for the development and implementation of proven methods for achieving a required level of information security. These criteria are utilized, first and foremost, when conducting certification assessments of general purpose systems. The Russian Federation is creating specialized systems for nuclear material control and accountancy (MC and A) within the framework of the international laboratory-to-laboratory collaboration. Depending on the conditions in which the MC and A system is intended to operate, some of the criteria and the attendant certification requirements may exceed those established or may overlap the requirements established for attestation of such systems. In this regard it is possible to modify the certification and attestation requirements depending on the conditions in which a system will operate in order to achieve the ultimate goal--implementation of the systems in the industry.

  19. Information Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1995-09-28

    Establishes an Information Security Program for the protection and control of classified and sensitive information. Cancels DOE 5630.8A, DOE 5639.1, DOE 5639.5, DOE 5639.6A, DOE 5639.7, DOE M 5632.1C-1, Chapter III, Para. 1, 2, and 4-9

  20. National Security System Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2007-03-08

    The manual provides baseline requirements and controls for the graded protection of the confidentiality, integrity, and availability of classified information and information systems used or operated by the Department of Energy (DOE), contractors, and any other organization on behalf of DOE, including the National Nuclear Security Administration. Cancels DOE M 471.2-2. Canceled by DOE O 205.1B.

  1. T-582: RSA systems has resulted in certain information being extracted from RSA systems that relates to RSA SecurID

    Broader source: Energy.gov [DOE]

    RSA investigation has revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is related to RSA's SecurID two-factor authentication products.

  2. Implementing Information Security and Its Technology: A LineManagement...

    Office of Scientific and Technical Information (OSTI)

    Country of Publication: United States Language: English Subject: 29; 99; INFORMATION SYSTEMS; MANAGEMENT; SECURITY cybersecurity cyberlaw information management privacy Word...

  3. Information Security Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-16

    This Manual establishes security requirements for the protection and control of matter required to be classified or controlled by statutes, regulations, or U.S. Department of Energy directives. Cancels DOE M 470.4-4 Chg 1. DOE M 470.4-4A Chg 1 issued 10-12-10.

  4. Information Security Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2010-10-12

    The Manual establishes security requirements for the protection and control of matter required to be classified or controlled by statutes, regulations, or U.S. Department of Energy (DOE) directives. Original dated dated 1-16-09. Canceled by DOE O 471.6--except for Section D.

  5. Security Forms and Information | Department of Energy

    Office of Environmental Management (EM)

    New Employee Orientation Security Forms and Information Security Forms and Information ... Until such time as the new employee receives a permanent photo identification badge, the ...

  6. Information Security: Coordination of Federal Cyber Security Research and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Development | Department of Energy Information Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to

  7. ETTP Security Access Control System (ESACS) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) ETTP Security Access Control System (ESACS) (218.51 KB) More Documents & Publications PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL PeopleSoft - Human Resource System PIA - Human Resources - Personal Information Change Request - Idaho National Engineering Laboratory

  8. Secure video communications system

    DOE Patents [OSTI]

    Smith, Robert L.

    1991-01-01

    A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  9. Intelligent mobile security systems

    SciTech Connect (OSTI)

    Allen, M.S. )

    1991-01-01

    This paper reports that mobile security systems are becoming increasingly important to military (Army, Air Force) and non-military (Drug Enforcement Agency, Border Patrol) organizations as the level and sophistication of terrorist activity increases. Frequently, organizations are required to deploy at remote sites on little notice. To ensure protection of life and equipment, security systems are sometimes required. Often, the personnel deployed on these missions are not adequately trained in the selection, installation, and operation of today's complex security equipment. The Intelligent Mobile Security System (IMSS) concept, as being developed by Sandia National Laboratories (SNL), allows untrained, non-technical personnel to configure, deploy, operate, and troubleshoot temporary/mobile physical security system. The IMSS may be used at nuclear facilities.

  10. Information Security: Coordination of Federal Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In commenting on a draft ...

  11. Cyber Securing Control Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Industrial Control Systems Integration into the DoD Networks A Briefing in Response to House Report 113-102, Accompanying the FY14 National Defense Authorization Act Unclassified - Distribution Statement A August, 2015 Cyber Securing Control Systems Acquisition, Technology and Logistics 2 DoD Scope of Platform IT & Control Systems * Acquisitions / Weapon Systems - H,M & E (ships / subs, missiles, UVs, etc.) - Training Simulators, 3D printing, etc. * EI&E - Buildings & linear

  12. Program Information | National Nuclear Security Administration | (NNSA)

    National Nuclear Security Administration (NNSA)

    Program Information FY 2015 Performance Evaluation Plan (PEP) FY 2013 Performance Evaluation Report (PER) International Union, Security, Police and Fire Professionals of America Contract International Association of Machinists and Aerospace Workers Agreement HS&E Management System Description and Worker Safety and Health Program 2015 Small Business Program (FY 2009 - 2015); Link to FY 2014 Negotiated Subcontracting Goals with Agencies (including DOE)

  13. Nuclear Materials Information Program | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    Information Program | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing Proliferation Powering the...

  14. Security Equipment and Systems Certification Program (SESCP)

    SciTech Connect (OSTI)

    Steele, B.J.; Papier, I.I.

    1996-06-20

    Sandia National Laboratories (SNL) and Underwriters Laboratories, Inc., (UL) have jointly established the Security Equipment and Systems Certification Program (SESCP). The goal of this program is to enhance industrial and national security by providing a nationally recognized method for making informed selection and use decisions when buying security equipment and systems. The SESCP will provide a coordinated structure for private and governmental security standardization review. Members will participate in meetings to identify security problems, develop ad-hoc subcommittees (as needed) to address these identified problems, and to maintain a communications network that encourages a meaningful exchange of ideas. This program will enhance national security by providing improved security equipment and security systems based on consistent, reliable standards and certification programs.

  15. Determining Home Range and Preferred Habitat of Feral Horses on the Nevada National Security Site Using Geographic Information Systems

    SciTech Connect (OSTI)

    Burns, Ashley V.

    2014-05-30

    Feral horses (Equus caballus) are free-roaming descendants of domesticated horses and legally protected by the Wild and Free-Roaming Horses and Burros Act of 1971, which mandates how feral horses and burros should be managed and protected on federal lands. Using a geographic information system to determine the home range and suitable habitat of feral horses on the federally managed Nevada National Security Site can enable wildlife biologists in making best management practice recommendations. Home range was estimated at 88.1 square kilometers. Site suitability was calculated for elevation, forage, slope, water presence and horse observations. These variables were combined in successive iterations into one polygon. Suitability rankings established that 85 square kilometers are most suitable habitat, with 2,052 square kilometers of good habitat 1,252 square kilometers of fair habitat and 122 square kilometers of least suitable habitat.

  16. Information Security | National Nuclear Security Administration...

    National Nuclear Security Administration (NNSA)

    It includes awareness training, evaluation of data, and the review of information prior to public release or posting to publicly available web sites to assure it does not contain ...

  17. Cyberspace security system

    DOE Patents [OSTI]

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

  18. Data Mining for Security Information: A Survey

    SciTech Connect (OSTI)

    Brugger, S T; Kelley, M; Sumikawa, K; Wakumoto, S

    2001-04-19

    This paper will present a survey of the current published work and products available to do off-line data mining for computer network security information. Hundreds of megabytes of data are collected every second that are of interest to computer security professionals. This data can answer questions ranging from the proactive, ''Which machines are the attackers going to try to compromise?'' to the reactive, ''When did the intruder break into my system and how?'' Unfortunately, there's so much data that computer security professionals don't have time to sort through it all. What we need are systems that perform data mining at various levels on this corpus of data in order to ease the burden of the human analyst. Such systems typically operate on log data produced by hosts, firewalls and intrusion detection systems as such data is typically in a standard, machine readable format and usually provides information that is most relevant to the security of the system. Systems that do this type of data mining for security information fall under the classification of intrusion detection systems. It is important to point out that we are not surveying real-time intrusion detection systems. Instead, we examined what is possible when the analysis is done off-line. Doing the analysis off-line allows for a larger amount of data correlation between distant sites who transfer relevant log files periodically and may be able to take greater advantage of an archive of past logs. Such a system is not a replacement for a real-time intrusion detection system but should be used in conjunction with one. In fact, as noted previously, the logs of the real-time IDS may be one of the inputs to the data mining system. We will concentrate on the application of data mining to network connection data, as opposed to system logs or the output of real-time intrusion detection systems. We do this primarily because this data is readily obtained from firewalls or real-time intrusion detectors and it

  19. Emergency Information | National Nuclear Security Administration | (NNSA)

    National Nuclear Security Administration (NNSA)

    Emergency Information The Sandia Field Office (SFO) Emergency Management System is designed to ensure that SFO, its contractors, and its tenants can respond effectively and efficiently to events categorized as operational emergencies and significant non-emergency events, and can provide emergency assistance so that appropriate response measures can be taken to protect workers, the public, the environment, and national security. The SFO maintains a cadre of experienced emergency response subject

  20. Management and Security of Personally Identifiable Information

    Broader source: Energy.gov [DOE]

    This Policy Flash transmits for your information and appropriate action the Deputy Secretary's Memorandum, Management and Security of Personally Identifiable Information, dated April 17, 2013. Further information will be transmitted as it becomes available.

  1. Site Information | National Nuclear Security Administration | (NNSA)

    National Nuclear Security Administration (NNSA)

    Site Information Facilities & Projects Nuclear Operations Environment, Safety & Health Safeguards & Security Performance & Quality Assurance Programs NEPA Reading Room

  2. T-592: Cisco Security Advisory: Cisco Secure Access Control System...

    Energy Savers [EERE]

    Control System Unauthorized Password Change Vulnerability T-592: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability March 31, ...

  3. Laser-guidance systems, security classification. Instruction

    SciTech Connect (OSTI)

    Flickinger, A.

    1982-12-03

    The Instruction reissues Department of Defense (DoD) Instruction 5210.62, April 25, 1980, and prescribes policies, standards, and criteria governing the security classification of information pertaining to any laser-guidance system that is developed in whole or in part with information or knowledge obtained from or developed for the Department of Defense; and provides guidance to DoD Components responsible for issuing security classification guides for individual systems and equipment under their control.

  4. Center for Control System Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Control System Security Critical Infrastructure is at Risk As America's infrastructures have become more complex and interconnected, their operation and control has become more complicated as well. Automated control systems have been widely deployed to operate these infrastructures, and coupled with the networks they use to transfer data are a security vulnerability for the infrastructures they control. The Center for Control System Security at Sandia National Laboratories works with several

  5. Cyberspace Security Econometrics System (CSES)

    Energy Science and Technology Software Center (OSTI)

    2012-07-27

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for themore¬†¬Ľ criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.¬ę¬†less

  6. Information Technology Specialist (Info Security)

    Broader source: Energy.gov [DOE]

    (See Frequently Asked Questions for more information). Where would I be working? Western Area Power Administration, Corporate Services Office, Office of the Chief Information Officer, Cyber...

  7. Aviation security: A system's perspective

    SciTech Connect (OSTI)

    Martin, J.P.

    1988-01-01

    For many years the aviation industry and airports operated with security methods and equipment common to most other large industrial complexes. At that time, the security systems primarily provided asset and property protection. However, soon after the first aircraft hijacking the focus of security shifted to emphasize the security requirements necessary for protecting the traveling public and the one feature of the aviation industry that makes it unique---the airplane. The airplane and its operation offered attractive opportunities for the homesick refugee, the mentally unstable person and the terrorist wanting to make a political statement. The airport and its aircraft were the prime targets requiring enhanced security against this escalated threat. In response, the FAA, airport operators and air carriers began to develop plans for increasing security and assigning responsibilities for implementation.

  8. Control Systems Cyber Security Standards Support Activities

    SciTech Connect (OSTI)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  9. U-200: Red Hat Directory Server Information Disclosure Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    0: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability U-200: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability June 27,...

  10. Physical Security Systems | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    NNSA uses, for example, concrete blocks, razor-wire barriers, and steel-plated fighting positions to upgrade its physical security features. It has eliminated public access to ...

  11. Selecting RMF Controls for National Security Systems

    SciTech Connect (OSTI)

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  12. Page 10, Security Forms and Information

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    10 of 11 Previous Page Security Forms and Information Building Access and DOE Badges Employees entering DOE facilities must have either a DOE photo identification Security Badge or a DOE Temporary Badge. Either badge must be displayed above the waist in plain view at all times while in DOE facilities. Employees must present said badges to Protective Force personnel for inspection prior to entry into the facilities. You should have been provided instruction by email regarding training that must

  13. The U.S. Department of Energy, National Nuclear Security Agency's Use of Geographic Information Systems for Nuclear Emergency Response Support

    SciTech Connect (OSTI)

    A. L. Guber

    2001-06-01

    The U.S, Department of Energy (DOE), National Nuclear Security Agency's (NNSA) Remote Sensing Laboratory (RSL) provides Geographic Information System (GIS) support during nuclear emergency response activities. As directed by the NNSA, the RSL GIS staff maintains databases and equipment for rapid field deployment during an emergency response. When on location, GIS operators provide information products to on-site emergency managers as well as to emergency managers at the DOE Headquarters (HQ) Emergency Operations Center (EOC) in Washington, D.C. Data products are derived from multiple information sources in the field including radiological prediction models, field measurements taken on the ground and from the air, and pertinent information researched on the Internet. The GIS functions as a central data hub where it supplies the information to response elements in the field, as well as to headquarters officials at HQ during emergency response activities.

  14. Supervisory Information Technology Specialist (Information Security)

    Broader source: Energy.gov [DOE]

    The Office of the Chief Information Officer is seeking a motivated and highly-qualified candidate to serve as the Director of the Cybersecurity Operations Office and oversee development and...

  15. Cyber Security and Resilient Systems

    SciTech Connect (OSTI)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation‚Äôs cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested ‚Äď both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  16. Securing Control Systems Modems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ......... 17 Figure 5. Man-In-The-Middle attack on modem ... System LAN Local Area Network MITM Man-In-The-Middle OS Operating System PBX ...

  17. DOE Releases Request for Information for Y-12 National Security...

    Office of Environmental Management (EM)

    Y-12 National Security Complex Water Treatment Facility Construction DOE Releases Request for Information for Y-12 National Security Complex Water Treatment Facility Construction ...

  18. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect (OSTI)

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  19. System and method for secure group transactions

    DOE Patents [OSTI]

    Goldsmith, Steven Y.

    2006-04-25

    A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

  20. Integrated Security System | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Integrated Security System Integrated Security System A security platform providing multi-layer intrusion detection and security management for a networked energy control systems architecture Integrated Security System (1.49 MB) More Documents & Publications Cybersecurity for Energy Delivery Systems 2010 Peer Review Presentations - Vulnerability and Intrusion Detection Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Impacts of IPv6 on Infrastructure Control

  1. Secure Control Systems for the Energy Sector

    SciTech Connect (OSTI)

    Smith, Rhett; Campbell, Jack; Hadley, Mark

    2012-03-31

    Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

  2. PIA - Security Clearance Work Tracking and Budget System | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Work Tracking and Budget System PIA - Security Clearance Work Tracking and Budget System PIA - Security Clearance Work Tracking and Budget System PIA - Security Clearance Work Tracking and Budget System (202.44 KB) More Documents & Publications Freedom of Information and Privacy Act Database PIA, Idaho Operations Office PIA - INL Education Programs Business Enclave Integrated Safety Management Workshop Registration, PIA, Idaho National Laboratory

  3. PIA - Security Clearance Tracking System | Department of Energy

    Office of Environmental Management (EM)

    Tracking System PIA - Security Clearance Tracking System PIA - Security Clearance Tracking System PIA - Security Clearance Tracking System (209.32 KB) More Documents & Publications ...

  4. DOE Integrated Security System (DISS) preliminary communication security analysis

    SciTech Connect (OSTI)

    Sweeney, D. J.

    1993-10-01

    The purpose of this analysis is to document a technical approach to improve DOE Integrated Security System (DISS) dial-up communications security and the requirements to address them. This document is not intended as a comprehensive analysis of the security aspects of the DISS computer system but rather as an analysis of the dial-up communications security as it pertains to the use of the DISS database in the new DOE Automated Visitors Access Control System (DAVACS) procedures. Current access controls into the DISS will be discussed with emphasis on the DAVACS procedures. Recommendations will be provided for increasing the dial-up communications security into DISS as it relates to the automated visit procedures. Finally a design for an encrypted dial-up communication link to DISS will be given.

  5. Control Systems Security Standards: Accomplishments And Impacts |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Control Systems Security Standards: Accomplishments And Impacts Control Systems Security Standards: Accomplishments And Impacts This report describes the accomplishments and impacts of the standards team towards achieving these three goals and describes the follow-on efforts that need to be made toward meeting the priority strategies defined in the DOE/DHS Roadmap to Secure Control Systems in the Energy Sector. Control Systems Security Standards: Accomplishments

  6. V-192: Symantec Security Information Manager Input Validation...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Flaws Permit Cross-Site Scripting, SQL Injection, and Information Disclosure Attacks V-192: Symantec Security Information Manager Input Validation Flaws Permit Cross-Site...

  7. Headquarters Facilities Master Security Plan- Chapter 13, Controlled Unclassified Information

    Office of Energy Efficiency and Renewable Energy (EERE)

    2016 Headquarters Facilities Master Security Plan - Chapter 13, Controlled Unclassified Information Describes DOE Headquarters procedures for protecting Controlled Unclassified Information (CUI).

  8. Sandia National Laboratories: National Security Missions: Defense Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Assessments: Program Areas Defense Systems About Defense Systems & Assessments Program Areas Accomplishments Cybersecurity Programs Program Areas EOD security and defense photo Sandia's engineering, science, and technology expertise helps anticipate and solve the nation's toughest security challenges. Defense Systems & Assessments work is focused in seven main program areas: Information Operations: Information Operations develops technologies that help protect U.S. government,

  9. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    SciTech Connect (OSTI)

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  10. Security classification of information concerning high-energy lasers. Instruction

    SciTech Connect (OSTI)

    MacCallum, J.

    1981-09-18

    The Instruction reissues Department of Defense (DoD) Instruction 5210.61, April 7, 1977, to update policy and guidance, and establishes uniform criteria for the security classification of information concerning DoD programs and projects involving the research, development, test and evaluation (RDT E), application, production, and operational use of high-energy lasers (HEL), and their application for military purposes, whether as weapons or in other military systems.

  11. Control Systems Security News Archive | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity ...

  12. Roadmap to Secure Control Systems in the Energy Sector - January...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy Sector - January 2006 Roadmap to Secure Control Systems in the Energy Sector - January 2006 This document, the Roadmap to Secure...

  13. Farmland Security Zone | Open Energy Information

    Open Energy Info (EERE)

    Security Zone Jump to: navigation, search OpenEI Reference LibraryAdd to library Legal Document- OtherOther: Farmland Security ZoneLegal Abstract California Department of...

  14. Pantex Occupational Health System (OHS), National Nuclear Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security ...

  15. Pantex Occupational Health System (OHS), National Nuclear Security...

    Energy Savers [EERE]

    Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security...

  16. Small Business Sourcing System | National Nuclear Security Administration |

    National Nuclear Security Administration (NNSA)

    (NNSA) Sourcing System NNSA is implementing a system housing small businesses that have participated in our Opportunity Sessions, and have completed the NNSA Capabilities Questionnaire. Information is gathered relevant to the performance of each small business and included in the system. Among the information contained is: Active contract vehicles Past performance information Primary performance areas Security clearance information Teaming partners As the database becomes more fully

  17. The Department of Energy's National Security Information Fundamental...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Department of Energy's National Security Information Fundamental Classification Guidance Review The goals of this review process was to evaluate the guidance content, determine ...

  18. Developing Secure Power Systems Professional Competence: Alignment...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Professional Competence: Alignment and Gaps in Workforce Development Programs - Phase 2 (JulyAugust 2013) Developing Secure Power Systems Professional Competence: Alignment and ...

  19. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    SciTech Connect (OSTI)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  20. Common Cyber Security Vulnerabilities Observed in Control System

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Assessments by the INL NSTB Program | Department of Energy Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program This document presents results from 16 control system assessments performed under the NSTB program from 2003 through 2007. Information found in individual stakeholder reports is protected from disclosure. Researchers recognized that

  1. Secure Smart Grid Association | Open Energy Information

    Open Energy Info (EERE)

    Smart Grid Association Jump to: navigation, search Name: Secure Smart Grid Association Address: 2374 S Josephine St Place: Denver, Colorado Zip: 80210 Region: Rockies Area Number...

  2. PKI-based security for peer-to-peer information sharing

    SciTech Connect (OSTI)

    Berket, Karlo; Essiari, Abdelilah; Muratas, Artur

    2004-05-02

    The free flow of information is the feature that has made peer-to-peer information sharing applications popular. However, this very feature holds back the acceptance of these applications by the corporate and scientific communities. In these communities it is important to provide confidentiality and integrity of communication and to enforce access control to shared resources. We present a number of security mechanisms that can be used to satisfy these security requirements. Our solutions are based on established and proven security techniques and we utilize existing technologies when possible. As a proof of concept, we have developed an information sharing system, called scishare, which integrates a number of these security mechanisms to provide a secure environment for information sharing. This system will allow a broader set of user communities to benefit from peer-to-peer information sharing.

  3. Secure videoconferencing equipment switching system and method

    DOE Patents [OSTI]

    Hansen, Michael E.

    2009-01-13

    A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

  4. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    SciTech Connect (OSTI)

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  5. Site Information | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    LLNL is also home to a broad range of national security work for the DoD, DHS, the ... testing, and training in support of NNSA, the DoD, DHS, and other federal agencies. ...

  6. Secure Information Exchange Gateway for Electric Grid Operations

    SciTech Connect (OSTI)

    Robertson, F. Russell; Carroll, J. Ritchie; Sanders, William; Yardley, Timothy; Heine, Erich; Hadley, Mark; McKinnon, David; Motteler, Barbara; Giri, Jay; Walker, William; McCartha, Esrick

    2014-09-30

    The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

  7. Network Information System

    Energy Science and Technology Software Center (OSTI)

    1996-05-01

    The Network Information System (NWIS) was initially implemented in May 1996 as a system in which computing devices could be recorded so that unique names could be generated for each device. Since then the system has grown to be an enterprise wide information system which is integrated with other systems to provide the seamless flow of data through the enterprise. The system Iracks data for two main entities: people and computing devices. The following aremore¬†¬Ľ the type of functions performed by NWIS for these two entities: People Provides source information to the enterprise person data repository for select contractors and visitors Generates and tracks unique usernames and Unix user IDs for every individual granted cyber access Tracks accounts for centrally managed computing resources, and monitors and controls the reauthorization of the accounts in accordance with the DOE mandated interval Computing Devices Generates unique names for all computing devices registered in the system Tracks the following information for each computing device: manufacturer, make, model, Sandia property number, vendor serial number, operating system and operating system version, owner, device location, amount of memory, amount of disk space, and level of support provided for the machine Tracks the hardware address for network cards Tracks the P address registered to computing devices along with the canonical and alias names for each address Updates the Dynamic Domain Name Service (DDNS) for canonical and alias names Creates the configuration files for DHCP to control the DHCP ranges and allow access to only properly registered computers Tracks and monitors classified security plans for stand-alone computers Tracks the configuration requirements used to setup the machine Tracks the roles people have on machines (system administrator, administrative access, user, etc...) Allows systems administrators to track changes made on the machine (both hardware and software) Generates an

  8. Network Information System

    SciTech Connect (OSTI)

    1996-05-01

    The Network Information System (NWIS) was initially implemented in May 1996 as a system in which computing devices could be recorded so that unique names could be generated for each device. Since then the system has grown to be an enterprise wide information system which is integrated with other systems to provide the seamless flow of data through the enterprise. The system Iracks data for two main entities: people and computing devices. The following are the type of functions performed by NWIS for these two entities: People Provides source information to the enterprise person data repository for select contractors and visitors Generates and tracks unique usernames and Unix user IDs for every individual granted cyber access Tracks accounts for centrally managed computing resources, and monitors and controls the reauthorization of the accounts in accordance with the DOE mandated interval Computing Devices Generates unique names for all computing devices registered in the system Tracks the following information for each computing device: manufacturer, make, model, Sandia property number, vendor serial number, operating system and operating system version, owner, device location, amount of memory, amount of disk space, and level of support provided for the machine Tracks the hardware address for network cards Tracks the P address registered to computing devices along with the canonical and alias names for each address Updates the Dynamic Domain Name Service (DDNS) for canonical and alias names Creates the configuration files for DHCP to control the DHCP ranges and allow access to only properly registered computers Tracks and monitors classified security plans for stand-alone computers Tracks the configuration requirements used to setup the machine Tracks the roles people have on machines (system administrator, administrative access, user, etc...) Allows systems administrators to track changes made on the machine (both hardware and software) Generates an adjustment

  9. Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

    SciTech Connect (OSTI)

    Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo; Mili, Ali; Trien, Joseph P

    2006-01-01

    The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

  10. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    SciTech Connect (OSTI)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  11. Information System Owner (ISO) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Owner (ISO) Information System Owner (ISO) startup-849805_960_720.jpg The Information System Owner (ISO) is responsible for every stage in the lifecycle of an information system, including: procurement development integration modification operation maintenance retirement The ISO is a key contributor in: developing system design specifications testing implementation Information System Owner Core Competency Training Worksheet (209.1 KB) More Documents & Publications Information System Security

  12. GAO-06-811 Information Security: Coordination of Federal Cyber...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    secure, networked computer systems in the federal government and in the private sector. ... Chairman: Dramatic increases in computer interconnectivity, especially in the use of the ...

  13. Membership Information | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Our Locations Albuquerque Complex Federal Asian Pacific American Council - New Mexico Chapter Albuquerque, NM Membership Information Membership Information "Promoting...

  14. Recommended Practice for Securing Control System Modems

    SciTech Connect (OSTI)

    James R. Davidson; Jason L. Wright

    2008-01-01

    This paper addresses an often overlooked ďbackdoorĒ into critical infrastructure control systems created by modem connections. A modemís connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

  15. Situated Usability Testing for Security Systems

    SciTech Connect (OSTI)

    Greitzer, Frank L.

    2011-03-02

    While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused on matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.

  16. Secure videoconferencing equipment switching system and method

    DOE Patents [OSTI]

    Dirks, David H; Gomes, Diane; Stewart, Corbin J; Fischer, Robert A

    2013-04-30

    Examples of systems described herein include videoconferencing systems having audio/visual components coupled to a codec. The codec may be configured by a control system. Communication networks having different security levels may be alternately coupled to the codec following appropriate configuration by the control system. The control system may also be coupled to the communication networks.

  17. Secure and Efficient Routable Control Systems

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  18. The Department of Energy's National Security Information Fundamental

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Classification Guidance Review | Department of Energy The Department of Energy's National Security Information Fundamental Classification Guidance Review The Department of Energy's National Security Information Fundamental Classification Guidance Review The goals of this review process was to evaluate the guidance content, determine if the guidance conforms to current operational and technical circumstances, determine if the guidance meets the standards for classification under section 1.4

  19. Control Systems Cyber Security: Defense in Depth Strategies ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security: Defense in Depth Strategies Control Systems Cyber Security: Defense in ... strategies for organizations that use control system networks while maintaining a ...

  20. A Summary of Control System Security Standards Activities in...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) A Summary of Control System Security Standards Activities in the Energy Sector ...

  1. National SCADA Test Bed - Enhancing control systems security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    National SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector...

  2. National SCADA Test Bed - Enhancing control systems security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector ...

  3. Roadmap to Secure Control Systems in the Energy: Executive Summary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 This document, the Roadmap to...

  4. DOE and Industry Showcase New Control Systems Security Technologies...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH March 25, 2010 - ...

  5. Roadmap to Secure Control Systems in the Energy: Executive Summary...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy: Executive Summary - 2006 Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 This document, the Roadmap to Secure Control Systems in the Energy ...

  6. Roadmap to Secure Control Systems in the Energy Sector - January...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    - January 2006 Roadmap to Secure Control Systems in the Energy Sector - January 2006 This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent ...

  7. Control Systems Security Standards: Accomplishments & Impacts

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    019 Unlimited Release November 2007 Control Systems Security Standards Accomplishments & Impacts Ronald Halbgewachs Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000. Approved for public release; further dissemination unlimited.

  8. Control Systems Security Standards: Accomplishments & Impacts

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    7-7019 Unlimited Release November 2007 Control Systems Security Standards Accomplishments & Impacts Ronald Halbgewachs Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000. Approved for public release; further dissemination

  9. Program Information | National Nuclear Security Administration...

    National Nuclear Security Administration (NNSA)

    Program Information FY 2015 Performance Evaluation Plan (PEP) FY 2013 Performance ... Description and Worker Safety and Health Program 2015 Small Business Program (FY 2009 - ...

  10. National Security Information Classification Guidance Fundamental...

    Broader source: Energy.gov (indexed) [DOE]

    ... Isotopes Separation by the Atomic Vapor Laser Isotope Separation Process (CG-UAV-2) . ... classification is based on an assessment of the damage done by releasing this information. ...

  11. Important Information | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Important Information Important Information From time to time, important information for subcontractors to Y-12 is posted on this web page. If you have a question that is not answered here, please contact Procurement at 865.576.8500. Taxes on sales to Y-12 are subject to the the provisions of the State of Tennessee Sales Tax Rule and Regulation Number 68. See the Y-12 Blanket Certificate of Resale (PDF), which includes the letter from the Tennessee Department of Revenue. Financial information,

  12. Design tools for complex dynamic security systems.

    SciTech Connect (OSTI)

    Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III; Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

    2007-01-01

    The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

  13. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  14. Pantex Occupational Health System (OHS), National Nuclear Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Administration Pantex Site Office | Department of Energy Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office Pantex Occupational Health System (OHS), National Nuclear Security Administration Pantex Site Office (337.13 KB) More Documents &

  15. Implementing Information Security and Its Technology: A LineManagement Perspective

    SciTech Connect (OSTI)

    Barletta, William A.

    2005-08-22

    Assuring the security and privacy of institutionalinformation assets is a complex task for the line manager responsible forinternational and multi-national transactions. In the face of an unsureand often conflicting international legal framework, the line managermust employ all available tools in an Integrated Security and PrivacyManagement framework that ranges from legal obligations, to policy, toprocedure, to cutting edge technology to counter the rapidly evolvingcyber threat to information assets and the physical systems thatinformation systems control.

  16. Mitigations for Security Vulnerabilities Found in Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Mitigations for Security Vulnerabilities Found in Control System Networks (425.98 KB) More Documents & Publications Cyber Assessment Methods for SCADA Security Introduction SCADA ...

  17. Security of Foreign Intelligence Information and Sensitive Compartmented Information Facilities

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1993-07-23

    The order establishes responsibilities and authorities for protecting Foreign Intelligence Information (FII) and Sensitive Compartmented Information Facilities (SCIFs) within DOE. Supersedes DOE 5639.8.

  18. A voice password system for access security

    SciTech Connect (OSTI)

    Birnbaum, M.; Cohen, L.A.; Welsh, F.X.

    1986-09-01

    A voice password system for access security using speaker verification technology has been designed for use over dial-up telephone lines. The voice password system (VPS) can provide secure access to telephone networks, computers, rooms, and buildings. It also has application in office automation systems, electric funds transfer, and ''smart cards'' (interactive computers embedded in credit-card-sized packages). As increasing attention is focused on access security in the public, private, and government sectors, the voice password system can provide a timely solution to the security dilemma. The VPS uses modes of communication available to almost everyone (the human voice and the telephone). A user calls the VPS, enters his or her identification number (ID) by touch-tone telephone, and then speaks a password. This is usually a phrase or a sentence of about seven syllables. On initial calls, the VPS creates a model of the user's voice, called a reference template, and labels it with the caller's unique user ID. To gain access later, the user calls the system, enters the proper user ID, and speaks the password phrase. The VPS compares the user's stored reference template with the spoken password and produces a distance score.

  19. Secure Data Transfer Guidance for Industrial Control and SCADA Systems

    SciTech Connect (OSTI)

    Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

    2011-09-01

    This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

  20. Comparison of Routable Control System Security Approaches

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  1. ORO Office Safeguards and Security Clearance Tracking System and Visitor

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Control System PIA, Oak Ridge Operations Office | Department of Energy Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and Visitor Control System PIA, Oak Ridge Operations Office ORO Office Safeguards and Security Clearance Tracking System and

  2. The FELICIA bulletin board system and the IRBIS anonymous FTP server: Computer security information sources for the DOE community. CIAC-2302

    SciTech Connect (OSTI)

    Orvis, W.J.

    1993-11-03

    The Computer Incident Advisory Capability (CIAC) operates two information servers for the DOE community, FELICIA (formerly FELIX) and IRBIS. FELICIA is a computer Bulletin Board System (BBS) that can be accessed by telephone with a modem. IRBIS is an anonymous ftp server that can be accessed on the Internet. Both of these servers contain all of the publicly available CIAC, CERT, NIST, and DDN bulletins, virus descriptions, the VIRUS-L moderated virus bulletin board, copies of public domain and shareware virus- detection/protection software, and copies of useful public domain and shareware utility programs. This guide describes how to connect these systems and obtain files from them.

  3. Function allocation in distributed safeguards and security systems

    SciTech Connect (OSTI)

    Barlich, G.L. )

    1991-01-01

    Computerized distributed systems are being used to collect and manage data for activities such as nuclear materials accounting, process control, laboratory coordination, and security. Poor choices made in allocating functions to individual processors can make a system unusable by burdening machines with excessive network retrievals and updates. During system design phases, data allocation algorithms based on operation frequencies, field sizes, security information, and reliability requirements can be applied in sensitivity studies to mathematically ensure processor efficiency. The Los Alamos Network Design System (NDS) implements such an allocation algorithm. The authors analyzed a large, existing distributed system to test the cost functions and to compare actual network problems with NDS results. Several common configurations were also designed and studied using the software. From these studies, some basic principles for allocating functions emerged. In this paper recommendations for function allocation in generic systems and related design options are discussed.

  4. Security Profile Inspector for UNIX Systems

    Energy Science and Technology Software Center (OSTI)

    1995-04-01

    SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configurationmore¬†¬Ľ Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX system security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.¬ę¬†less

  5. System and method for key generation in security tokens

    SciTech Connect (OSTI)

    Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.; Pooser, Raphael C.; Prowell, Stacy J.

    2015-10-27

    Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

  6. System and method for key generation in security tokens

    DOE Patents [OSTI]

    Evans, Philip G; Humble, Travis S; Paul, Nathanael R; Pooser, Raphael C; Prowell, Stacy J

    2015-11-05

    Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

  7. Special nuclear material information, security classification guidance. Instruction

    SciTech Connect (OSTI)

    Flickinger, A.

    1982-12-03

    The Instruction reissues DoD Instruction 5210.67, July 5, 1979, and provides security classification guidance for information concerning significant quantities of special nuclear material, other than that contained in nuclear weapons and that used in the production of energy in the reactor plant of nuclear-powered ships. Security classification guidance for these data in the latter two applications is contained in Joint DoE/DoD Nuclear Weapons Classification Guide and Joint DoE/DoD Classification Guide for the Naval Nuclear Propulsion Program.

  8. Aerial Monitoring System | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Aerial Monitoring System NNSA to Conduct Aerial Radiation Monitoring Survey Over Philadelphia July 18-20 Philadelphia - On July 18 through July 20, the U.S. Department of Energy's National Nuclear Security Administration's (NNSA) will conduct low-altitude helicopter flights around Philadelphia to measure naturally occurring background radiation in support of the Democratic National... NNSA to Participate in Aerial Radiation Training Exercise in Philadelphia, Pennsylvania (WASHINGTON, D.C.) - On

  9. Ultra Safe And Secure Blasting System

    SciTech Connect (OSTI)

    Hart, M M

    2009-07-27

    The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

  10. Roadmap to Secure Control Systems in the Energy Sector 2006 ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation ...

  11. Control Systems Security News Archive | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ¬Ľ Control Systems Security News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity August 2010: - DOE 2010 Cybersecurity Peer Review Update March 2010 - DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH Feb. 2010 - DOE Issues National Energy Sector Cyber Organization Notice of Intent Nov. 2009 - New TCIPG Research Program Builds on Past Successes

  12. Control Systems Cyber Security:Defense in Depth Strategies

    SciTech Connect (OSTI)

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‚Äėdefense-in-depth‚Äô strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  13. Common Cyber Security Vulnerabilities Observed in Control System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Systems (September 2011) Vulnerability Analysis of Energy Delivery Control Systems - 2011 Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems

  14. NNSA's G2 Management Information System Wins Association for Enterprise

    National Nuclear Security Administration (NNSA)

    Information's (AFEI) "Excellence in Enterprise Information Award" | National Nuclear Security Administration | (NNSA) NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award" February 17, 2016 The G2 team and the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information Award. (WASHINGTON, D.C) - The National Nuclear Security Administration (NNSA) has received

  15. Control Systems Security Test Center - FY 2004 Program Summary

    SciTech Connect (OSTI)

    Robert E. Polk; Alen M. Snyder

    2005-04-01

    In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nationís critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

  16. Photovoltaic Geographical Information System | Open Energy Information

    Open Energy Info (EERE)

    Information System Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Photovoltaic Geographical Information System Focus Area: Renewable Energy Topics: Opportunity...

  17. Information extraction system

    SciTech Connect (OSTI)

    Lemmond, Tracy D; Hanley, William G; Guensche, Joseph Wendell; Perry, Nathan C; Nitao, John J; Kidwell, Paul Brandon; Boakye, Kofi Agyeman; Glaser, Ron E; Prenger, Ryan James

    2014-05-13

    An information extraction system and methods of operating the system are provided. In particular, an information extraction system for performing meta-extraction of named entities of people, organizations, and locations as well as relationships and events from text documents are described herein.

  18. Roadmap to Secure Control Systems in the Energy Sector 2006 ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Roadmap to Secure Control Systems in the Energy Sector 2006 - Presentation to the 2008 ieRoadmap Workshop Presentation by Hank Kenchington on the 2006 roadmap to secure control ...

  19. Security

    Office of Energy Efficiency and Renewable Energy (EERE)

    Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

  20. Secure quantum private information retrieval using phase-encoded queries

    SciTech Connect (OSTI)

    Olejnik, Lukasz

    2011-08-15

    We propose a quantum solution to the classical private information retrieval (PIR) problem, which allows one to query a database in a private manner. The protocol offers privacy thresholds and allows the user to obtain information from a database in a way that offers the potential adversary, in this model the database owner, no possibility of deterministically establishing the query contents. This protocol may also be viewed as a solution to the symmetrically private information retrieval problem in that it can offer database security (inability for a querying user to steal its contents). Compared to classical solutions, the protocol offers substantial improvement in terms of communication complexity. In comparison with the recent quantum private queries [Phys. Rev. Lett. 100, 230502 (2008)] protocol, it is more efficient in terms of communication complexity and the number of rounds, while offering a clear privacy parameter. We discuss the security of the protocol and analyze its strengths and conclude that using this technique makes it challenging to obtain the unconditional (in the information-theoretic sense) privacy degree; nevertheless, in addition to being simple, the protocol still offers a privacy level. The oracle used in the protocol is inspired both by the classical computational PIR solutions as well as the Deutsch-Jozsa oracle.

  1. Environmental geographic information system.

    SciTech Connect (OSTI)

    Peek, Dennis; Helfrich, Donald Alan; Gorman, Susan

    2010-08-01

    This document describes how the Environmental Geographic Information System (EGIS) was used, along with externally received data, to create maps for the Site-Wide Environmental Impact Statement (SWEIS) Source Document project. Data quality among the various classes of geographic information system (GIS) data is addressed. A complete listing of map layers used is provided.

  2. Secure Retrieval of FFTF Testing, Design, and Operating Information

    SciTech Connect (OSTI)

    Butner, R. Scott; Wootan, David W.; Omberg, Ronald P.; Makenas, Bruce J.; Nielsen, Deborah

    2009-10-01

    One of the goals of the Advanced Fuel Cycle Initiative (AFCI) is to preserve the knowledge that has been gained in the United States on Liquid Metal Reactors (LMR). In addition, preserving LMR information and knowledge is part of a larger international collaborative activity conducted under the auspices of the International Atomic Energy Agency (IAEA). A similar program is being conducted for EBR-II at the Idaho Nuclear Laboratory (INL) and international programs are also in progress. Knowledge preservation at the FFTF is focused on the areas of design, construction, startup, and operation of the reactor. As the primary function of the FFTF was testing, the focus is also on preserving information obtained from irradiation testing of fuels and materials. This information will be invaluable when, at a later date, international decisions are made to pursue new LMRs. In the interim, this information may be of potential use for international exchanges with other LMR programs around the world. At least as important in the United States, which is emphasizing large-scale computer simulation and modeling, this information provides the basis for creating benchmarks for validating and testing these large scale computer programs. Although the preservation activity with respect to FFTF information as discussed below is still underway, the team of authors above is currently retrieving and providing experimental and design information to the LMR modeling and simulation efforts for use in validating their computer models. On the Hanford Site, the FFTF reactor plant is one of the facilities intended for decontamination and decommissioning consistent with the cleanup mission on this site. The reactor facility has been deactivated and is being maintained in a cold and dark minimal surveillance and maintenance mode until final decommissioning is pursued. In order to ensure protection of information at risk, the program to date has focused on sequestering and secure retrieval

  3. Security Notice | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Notice Security Notice Security Information This website is part of a federal computer system used to accomplish federal functions. Y-12 uses software programs to monitor this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended

  4. emergency management systems | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    systems NNSA sites prepared for disasters using real-time response management system Pantex Emergency Services now uses the Emergency Management Information System, or EMInS. From left: Maribel Martinez, Brenda Graham and Greg Roddahl. One of NNSA's missions is emergency response, so it only makes sense that our sites and labs excel at emergency management on the local level. When... Building International Emergency Management Systems NNSA helps nations develop the core elements of an emergency

  5. NMMSS Information, Reports & Forms | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) NMMSS Information, Reports & Forms D-23 DOE Contractors Rev August 2016 D-24 NRC Licensees Rev August 2016 Change Request Forms Security Forms DOE/NRC Forms Sample Forms NMMSS Reports Code tables References NMMSS Users Guide (pdf) Frequently Asked Questions XML Schema v2 for Transactions (xsd) XML Schema v2 for Inventory (xsd) XML Schema v2 for Material Balance (xsd) NMMSS Contacts NMMSS Working Group (pdf) Newsletters DOE/NRC 741 Crosswalk to SAMS (pdf) NMMSS

  6. Security Metricsfor Process Control Systems | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Metricsfor Process Control Systems Security Metricsfor Process Control Systems This document describes the foundations of metrics, discusses application of these metrics to control system environments, introduces a metrics taxonomy, and suggests usage of metrics to achieve operational excellence. Security Metrics for Process Control Systems (1.9 MB) More Documents & Publications Report of the Cyber Security Research Needs for Open Science Workshop Visualization & Controls Program Peer

  7. MN Office of Energy Security | Open Energy Information

    Open Energy Info (EERE)

    MN Office of Energy Security Jump to: navigation, search Name: MN Office of Energy Security Place: St. Paul, MN Website: www.mnofficeofenergysecurity.c References: MN Office of...

  8. EcoSecurities India Ltd | Open Energy Information

    Open Energy Info (EERE)

    Indian subsidiary of UK CDM project developer EcoSecurities, to focus primarily on methane capture and destruction projects. References: EcoSecurities India Ltd.1 This...

  9. Contact Information Systems | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Contact Information Systems Questions about Ames Laboratory network issues, contact networks@ameslab.gov Questions about Ames Laboratory websites, contact webrequest@ameslab.gov To report spam and other suspicious email, contact abuse@ameslab.gov For questions about Ames Laboratory cyber security issues, or to report suspicious computer activity, contact cybersec@ameslab.gov For all other questions, contact the Information Systems Help Desk, During normal business hours, and for non-urgent

  10. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect (OSTI)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle‚Äôs National Security & Defense objective is, ‚Äúapplying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future‚ÄĚ. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory‚Äôs (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  11. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect (OSTI)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  12. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  13. Process Control Systems in the Chemical Industry: Safety vs. Security

    SciTech Connect (OSTI)

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nationís critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  14. Information systems definition architecture

    SciTech Connect (OSTI)

    Calapristi, A.J.

    1996-06-20

    The Tank Waste Remediation System (TWRS) Information Systems Definition architecture evaluated information Management (IM) processes in several key organizations. The intent of the study is to identify improvements in TWRS IM processes that will enable better support to the TWRS mission, and accommodate changes in TWRS business environment. The ultimate goals of the study are to reduce IM costs, Manage the configuration of TWRS IM elements, and improve IM-related process performance.

  15. Engineering Design Information System (EDIS)

    SciTech Connect (OSTI)

    Smith, P.S.; Short, R.D.; Schwarz, R.K.

    1990-11-01

    This manual is a guide to the use of the Engineering Design Information System (EDIS) Phase I. The system runs on the Martin Marietta Energy Systems, Inc., IBM 3081 unclassified computer. This is the first phase in the implementation of EDIS, which is an index, storage, and retrieval system for engineering documents produced at various plants and laboratories operated by Energy Systems for the Department of Energy. This manual presents on overview of EDIS, describing the system's purpose; the functions it performs; hardware, software, and security requirements; and help and error functions. This manual describes how to access EDIS and how to operate system functions using Database 2 (DB2), Time Sharing Option (TSO), Interactive System Productivity Facility (ISPF), and Soft Master viewing features employed by this system. Appendix A contains a description of the Soft Master viewing capabilities provided through the EDIS View function. Appendix B provides examples of the system error screens and help screens for valid codes used for screen entry. Appendix C contains a dictionary of data elements and descriptions.

  16. Security Framework for Control System Data Classification and Protection |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Framework for Control System Data Classification and Protection Security Framework for Control System Data Classification and Protection This document presents a data classification process that gives utility administrators, control engineers, and IT personnel a cohesive approach to deploying efficient and effective process control security. Security Framework for Control System Data Classification and Protection (230.98 KB) More Documents & Publications Essential

  17. SECURITY-CLEARENCE-TRACKING-SYSTEM.pdf

    Energy Savers [EERE]

    Department of Energy SECURING OIL AND NATURAL GAS INFRASTRUCTURES IN THE NEW ECONOMY SECURING OIL AND NATURAL GAS INFRASTRUCTURES IN THE NEW ECONOMY Based on the finding of a growing potential vulnerability, the President of the United States issued, in May 1998, a directive outlining the Administration's policy on critical infrastructure protection. SECURING OIL AND NATURAL GAS INFRASTRUCTURES IN THE NEW ECONOMY (1.55 MB) More Documents & Publications Energy Sector-Specific Plan: An

  18. Computer security plan development using an expert system

    SciTech Connect (OSTI)

    Hunteman, W.J. ); Evans, R.; Brownstein, M.; Chapman, L. )

    1990-01-01

    The Computer Security Plan Assistant (SPA) is an expert system for reviewing Department of Energy (DOE) Automated Data Processing (ADP) Security Plans. DOE computer security policies require ADP security plans to be periodically reviewed and updated by all DOE sites. SPA is written in XI-Plus, an expert system shell. SPA was developed by BDM International, Inc., under sponsorship by the DOE Center for Computer Security at Los Alamos National Laboratory. SPA runs on an IBM or compatible personal computer. It presents a series of questions about the ADP security plan being reviewed. The SPA user references the ADP Security Plan and answers the questions. The SPA user reviews each section of the security plan, in any order, until all sections have been reviewed. The SPA user can stop the review process after any section and restart later. A Security Plan Review Report is available after the review of each section of the Security Plan. The Security Plan Review Report gives the user a written assessment of the completeness of the ADP Security Plan. SPA is being tested at Los Alamos and will soon be available to the DOE community.

  19. Design of a physical security perimeter fencing system.

    SciTech Connect (OSTI)

    Mack, Thomas Kimball; Ross, Michael P.; Lin, Han Wei

    2010-10-01

    Design of a physical security perimeter fencing system requires that security designers provide effective detection, delay, and response functionalities with minimal nuisance alarms. In addition, the designers must take into considerations the security fence system life cycle cost (equipment and grounds maintenance), complexity of the terrain, safety, and environmental conditions (location of where the security fence will be installed). Often, these factors drive the security designers to design a perimeter intrusion detection and assessment system (PIDAS) that includes: (1) larger than desired footprint, (2) one or more animal control fences to minimize the nuisance alarm rate (NAR), and (3) clear zones and an isolation zone to facilitate intrusion detection and assessment by keeping the fence lines clear of vegetation, trash, and other objects that could impede the security system's performance. This paper presents a two-tier PIDAS design that focuses on effective performance specifically in high probability of detection and low NAR that minimizes cost and the footprint of the system.

  20. Initial CTBT international monitoring system security findings and recommendations

    SciTech Connect (OSTI)

    Craft, R.L.; Draelos, T.J.

    1996-08-01

    An initial security evaluation of the proposed International Monitoring System (IMS) suggests safeguards at various points in the IMS to provide reliable information to the user community. Modeling the IMS as a network of information processing nodes provides a suitable architecture for assessing data surety needs of the system. The recommendations in this paper include the use of public-key authentication for data from monitoring stations and for commands issued to monitoring stations. Other monitoring station safeguards include tamper protection of sensor subsystems, preservation of data (i.e. short-term archival), and limiting the station`s network services. The recommendations for NDCs focus on the need to provide a backup to the IDC for data archival and data routing. Safeguards suggested for the IDC center on issues of reliability. The production of event bulletins should employ {open_quotes}two-man{close_quotes} procedures. As long as the data maintains its integrity, event bulletins can be produced by NDCs as well. The effective use of data authentication requires a sound key management system. Key management systems must be developed for the authentication of data, commands, and event bulletins if necessary. It is recommended that the trust placed in key management be distributed among multiple parties. The recommendations found in this paper offer safeguards for identified vulnerabilities in the IMS with regard to data surety. However, several outstanding security issues still exist. These issues include the need to formalize and obtain a consensus on a threat model and a trust model for the IMS. The final outstanding security issue that requires in-depth analysis concerns the IDC as a potential single point of failure in the current IMS design.

  1. NREL Fills Key Leadership Role for Energy Systems Security and...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Fills Key Leadership Role for Energy Systems Security and Resilience April 6, 2015 Dr. ... a smart home, electricity storage, an electric vehicle charging station and solar panels. ...

  2. Container Security - part of the CORE system

    Energy Science and Technology Software Center (OSTI)

    2009-10-02

    A data integration system to support the US Customs and Border Protection Officers to supervise and make decisions for container inspections. CORE is designed to act as a framework to bridge the gaps between disparate data integration and delivery of disparate information visualization.

  3. 'Known Secure Sensor Measurements' for Critical Infrastructure Systems: Detecting Falsification of System State

    SciTech Connect (OSTI)

    Miles McQueen; Annarita Giani

    2011-09-01

    This paper describes a first investigation on a low cost and low false alarm, reliable mechanism for detecting manipulation of critical physical processes and falsification of system state. We call this novel mechanism Known Secure Sensor Measurements (KSSM). The method moves beyond analysis of network traffic and host based state information, in fact it uses physical measurements of the process being controlled to detect falsification of state. KSSM is intended to be incorporated into the design of new, resilient, cost effective critical infrastructure control systems. It can also be included in incremental upgrades of already in- stalled systems for enhanced resilience. KSSM is based on known secure physical measurements for assessing the likelihood of an attack and will demonstrate a practical approach to creating, transmitting, and using the known secure measurements for detection.

  4. Fact Sheet Preliminary Notice of Violation: Classified Information Security Event at LANL

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    LANL On May 27, 2015 the National Nuclear Security Administration (NNSA) issued a Preliminary Notice of Violation (PNOV) to Los Alamos National Security, LLC (LANS) for violations of Department of Energy (DOE) classified information security program requirements. LANS is the management and operating contractor for NNSA's Los Alamos National Laboratory (LANL), located in Los Alamos, New Mexico. The PNOV cites three violations of Departmental classified information security requirements related to

  5. Fact Sheet Preliminary Notice of Violation: Classified Information Security Event at SNL

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SNL On May 27, 2015, the National Nuclear Security Administration (NNSA) issued a Preliminary Notice of Violation (PNOV) to Sandia Corporation (Sandia) for violations of Department of Energy (DOE) classified information security program requirements. Sandia is the management and operating contractor for NNSA's Sandia National Laboratories (SNL), located in Albuquerque, New Mexico. The PNOV cites six violations of Departmental classified information security requirements related to a security

  6. Roadmap to Secure Control Systems in the Energy: Executive Summary

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Foreword T his document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision

  7. DOE and Industry Showcase New Control Systems Security Technologies at

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DistribuTECH | Department of Energy and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH March 25, 2010 - 1:20pm Addthis DistribuTECH Conference Tuesday-Thursday, March 23-25, 2010 Tampa Convention Center Booth #231 Tampa, FL Join the Department of Energy and its industry partners as they showcase six new products and technologies designed to secure the nation's energy

  8. Open Energy Information Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    OpenEIS (energy information systems) Jessica Granderson Lawrence Berkeley National Laboratory JGranderson@lbl.gov, 510.486.6792 April 3, 2013 2 | Building Technologies Office eere.energy.gov Purpose & Objectives Problem Statement: Advanced algorithms and analyses can enable 5-40% savings, yet are rarely adopted; 3 relevant barriers include: 1. Lack of awareness that simple analytics can be used to generate valuable insights and actionable information, without further training 2. Risk

  9. Secure control systems with application to cyber-physical systems

    SciTech Connect (OSTI)

    Dong, Jin; Djouadi, Seddik M; Nutaro, James J; Kuruganti, Phani Teja

    2014-01-01

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  10. Credit Leona Securities Asia CLSA UK | Open Energy Information

    Open Energy Info (EERE)

    Leona Securities Asia CLSA UK Jump to: navigation, search Name: Credit Leona Securities Asia - CLSA (UK) Place: London, United Kingdom Zip: EC3V 4QH Sector: Services Product: CLSA...

  11. Control Systems Cyber Security: Defense-in-Depth Strategies

    SciTech Connect (OSTI)

    Mark Fabro

    2007-10-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‚Äėdefense-in-depth‚Äô strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: ‚ÄĘ Maintenance of various field devices, telemetry collection, and/or industrial-level process systems ‚ÄĘ Access to facilities via remote data link or modem ‚ÄĘ Public facing services for customer or corporate operations ‚ÄĘ A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  12. Design of a decision fusion rule for power system security assessment

    SciTech Connect (OSTI)

    Chow, J.C.; Zhu, Q.; Fischl, R.; Kam, M. )

    1993-08-01

    An Integrated Decision Support system is designed via sensor fusion techniques, for assessing the security of power systems. The Integrated Decision Support system fuses information from various Approximated System Performance (ASP) models in order to minimize the risk of making the wrong decision under changing operating conditions. It uses the classification decisions provided by different ASP models together with information about their statistical performance (e.g. probabilities of misclassifications) to synthesize the globally optimal decision in the Bayesian risk sense. This global decision is often superior (and in no case inferior) to the one obtained using any single ASP model. The design of the integrated decision support system is illustrated for detecting static voltage collapse by fusing the security information from a set of existing security indices.

  13. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    SciTech Connect (OSTI)

    Not Available

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  14. Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy 4, Cyber Security Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security 2016 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security HQ cyber security activities are managed by the Cyber Support Division (IM-622) within the Office of Chief Information Officer (IM-1). This chapter only covers the requirement for each HQ program element to appoint an Information Systems Security Officer (ISSO) to act as the point of contact between the

  15. Department of Energy Cites Battelle Energy Alliance, LLC for Classified Information Security Violations

    Broader source: Energy.gov [DOE]

    Department of Energy issues a Preliminary Notice of Violation (PNOV) to Battelle Energy Alliance, LLC (BEA), for violations of DOE's classified information security program requirements

  16. Geographic Information System | Open Energy Information

    Open Energy Info (EERE)

    Exploration, Tracers Data Analysis, And Enhanced Data Distribution, Visualization, And Management Geographic Information System At Brady Hot Springs Area (Laney, 2005) Brady Hot...

  17. 3-Year Renewal Request of OMB 1910-1800, Security, Information Collections

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    | Department of Energy 3-Year Renewal Request of OMB 1910-1800, Security, Information Collections 3-Year Renewal Request of OMB 1910-1800, Security, Information Collections Following are the collection instruments for your viewing. DOE F 5631.34, Data Report on Spouse/Cohabitant Security Incident Notification Report and Report of Preliminary Security Incident/Infraction (DOE F 471.1 and DOE F 5639.3) DOE F 5631.20, Request for Visitor Access Approval DOE Form 5631.18, Security

  18. security

    National Nuclear Security Administration (NNSA)

    exan-Calvin-Nelson-secures-recognition-for-expertise.aspx">Pantex website.

    Apex Gold discussion fosters international cooperation in run-up to 2016 Nuclear Security Summit...

  19. Index of Energy Security Risk | Open Energy Information

    Open Energy Info (EERE)

    for 21st Century Energy Sector: Energy Focus Area: Non-renewable Energy, Renewable Energy Topics: Co-benefits assessment, - Energy Security Resource Type: Publications Website:...

  20. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  1. Applying New Network Security Technologies to SCADA Systems.

    SciTech Connect (OSTI)

    Hurd, Steven A.; Stamp, Jason E.; Duggan, David P.; Chavez, Adrian R.

    2006-11-01

    Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure %22traditional%22 IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

  2. Planning, electric systems and security of supply

    SciTech Connect (OSTI)

    Saullo, A.

    1998-07-01

    The move towards liberalization of electricity markets has raised different views on the answer to be given to the following question: will the new environment allow for enough resources to be conveyed to the power sector so as to preserve security of supply? There are two facets under which the ``security of supply'' issue can be considered. The first one relates to the availability of generating capacity, and of network infrastructures, adequate to meet the demand. The second aspect to be considered in dealing with security of supply is more a matter of energy policy. Electricity, as such, is basically an energy carrier able to convey to consumers virtually any kind of energy source; the ``switching'' capability from a source to a different one may offer a solution when reliability of energy supply is felt at risk. This flexibility is a premium, particularly for those countries/regions that have to rely strongly on energy imports. Preserving the contribution that the power sector offers to the ``external'' security of supply may represent a major objective of investment policies and energy sector regulation, depending on the level of risk as perceived by national/regional authorities. On the other hand, the volume of investments at stake is considerable. Enel, on the base of projections of electricity demand worldwide made by the EU Commission and of studies on investments developed by EURELECTRIC, estimates that the volume of investments conveyed to the power sector each year in the period 2000--2010 will be in the range of 300 billion of 1995 US$. Will this huge amount of resources provide for an adequate level of security of supply? This paper aims to introduce for discussion some views on the subject, considering separately the industrialized countries and those still undergoing industrialization.

  3. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect (OSTI)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  4. Security guide for subcontractors

    SciTech Connect (OSTI)

    Adams, R.C.

    1991-01-01

    This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

  5. Collaboration Topics - System Software | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    System Software This collaboration focuses on research and development of parallel file system interfaces and tools, system resource management capabilities, operating system ...

  6. Security Requirements for Classified Automatic Data Processing Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1985-07-10

    To establish and describe the computer security program for classified automatic data processing (ADP) systems at the Department of Energy (DOE) Headquarters. This directive does not cancel another directive. Canceled by DOE N 251.9.

  7. Information encoder/decoder using chaotic systems

    DOE Patents [OSTI]

    Miller, Samuel Lee; Miller, William Michael; McWhorter, Paul Jackson

    1997-01-01

    The present invention discloses a chaotic system-based information encoder and decoder that operates according to a relationship defining a chaotic system. Encoder input signals modify the dynamics of the chaotic system comprising the encoder. The modifications result in chaotic, encoder output signals that contain the encoder input signals encoded within them. The encoder output signals are then capable of secure transmissions using conventional transmission techniques. A decoder receives the encoder output signals (i.e., decoder input signals) and inverts the dynamics of the encoding system to directly reconstruct the original encoder input signals.

  8. Information encoder/decoder using chaotic systems

    DOE Patents [OSTI]

    Miller, S.L.; Miller, W.M.; McWhorter, P.J.

    1997-10-21

    The present invention discloses a chaotic system-based information encoder and decoder that operates according to a relationship defining a chaotic system. Encoder input signals modify the dynamics of the chaotic system comprising the encoder. The modifications result in chaotic, encoder output signals that contain the encoder input signals encoded within them. The encoder output signals are then capable of secure transmissions using conventional transmission techniques. A decoder receives the encoder output signals (i.e., decoder input signals) and inverts the dynamics of the encoding system to directly reconstruct the original encoder input signals. 32 figs.

  9. Control Systems Security Publications Library | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Control Systems Security Publications Library Control Systems Security Publications Library Publications Library Repository of documents, listed by topic. (Some of the documents in this section require Adobe Acrobat Reader. You can download a free copy of the Reader by visiting Adobe.) VULNERABILITY REPORTS PERIODICAL ARTICLES ENERGY SECTOR ROADMAP AND ROADMAP IMPLEMENTATION DOE NSTB PROGRAM PLANNING AND RESOURCE DOCUMENTS PROJECT FACT SHEETS TRAINING MATERIALS AND RECOMMENDED PRACTICES

  10. Dynamic Information Architecture System

    Energy Science and Technology Software Center (OSTI)

    1997-02-12

    The Dynamic Information System (DIAS) is a flexible object-based software framework for concurrent, multidiscplinary modeling of arbitrary (but related) processes. These processes are modeled as interrelated actions caused by and affecting the collection of diverse real-world objects represented in a simulation. The DIAS architecture allows independent process models to work together harmoniously in the same frame of reference and provides a wide range of data ingestion and output capabilities, including Geographic Information System (GIS) typemore¬†¬Ľ map-based displays and photorealistic visualization of simulations in progress. In the DIAS implementation of the object-based approach, software objects carry within them not only the data which describe their static characteristics, but also the methods, or functions, which describe their dynamic behaviors. There are two categories of objects: (1) Entity objects which have real-world counterparts and are the actors in a simulation, and (2) Software infrastructure objects which make it possible to carry out the simulations. The Entity objects contain lists of Aspect objects, each of which addresses a single aspect of the Entity''s behavior. For example, a DIAS Stream Entity representing a section of a river can have many aspects correspondimg to its behavior in terms of hydrology (as a drainage system component), navigation (as a link in a waterborne transportation system), meteorology (in terms of moisture, heat, and momentum exchange with the atmospheric boundary layer), and visualization (for photorealistic visualization or map type displays), etc. This makes it possible for each real-world object to exhibit any or all of its unique behaviors within the context of a single simulation.¬ę¬†less

  11. Energy Independence and Security Act of 2007 | Open Energy Information

    Open Energy Info (EERE)

    Energy Independence and Security Act of 2007 Jump to: navigation, search This article is a stub. You can help OpenEI by expanding it. External Links Energy Independence and...

  12. Pressurized security barrier and alarm system

    DOE Patents [OSTI]

    Carver, D.W.

    1995-04-11

    A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder`s making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed. 7 figures.

  13. Pressurized security barrier and alarm system

    DOE Patents [OSTI]

    Carver, Don W.

    1995-01-01

    A security barrier for placement across a passageway is made up of interconnected pressurized tubing made up in a grid pattern with openings too small to allow passage. The tubing is connected to a pressure switch, located away from the barrier site, which activates an alarm upon occurrence of a pressure drop. A reinforcing bar is located inside and along the length of the tubing so as to cause the tubing to rupture and set off the alarm upon an intruder's making an attempt to crimp and seal off a portion of the tubing by application of a hydraulic tool. Radial and rectangular grid patterns are disclosed.

  14. Marine asset security and tracking (MAST) system

    DOE Patents [OSTI]

    Hanson, Gregory Richard; Smith, Stephen Fulton; Moore, Michael Roy; Dobson, Eric Lesley; Blair, Jeffrey Scott; Duncan, Christopher Allen; Lenarduzzi, Roberto

    2008-07-01

    Methods and apparatus are described for marine asset security and tracking (MAST). A method includes transmitting identification data, location data and environmental state sensor data from a radio frequency tag. An apparatus includes a radio frequency tag that transmits identification data, location data and environmental state sensor data. Another method includes transmitting identification data and location data from a radio frequency tag using hybrid spread-spectrum modulation. Another apparatus includes a radio frequency tag that transmits both identification data and location data using hybrid spread-spectrum modulation.

  15. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01

    standards are due, in part, to differences in the level and purpose of the standards. While the requirements in the Framework are fairly specific, many of the industry standard requirements are more general in nature. Additionally, the Framework requirements, derived from the ''Common Criteria for Information Technology Security Evaluation'', are component-based, while most of the industry standards are system-based. The findings of this study will allow the CSSC Framework Team and the standards organizations responsible for the reviewed standards to quickly grasp the relationship between their requirements and the Framework, as well as the relationship between their standard and other industry sectors. This will help identify areas for future work in developing improved security standards.

  16. Category:Geographic Information System | Open Energy Information

    Open Energy Info (EERE)

    Geographic Information System Jump to: navigation, search Geothermalpower.jpg Looking for the Geographic Information System page? For detailed information on Geographic Information...

  17. Access Rate Control System | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Access Rate Control System Access Rate Control System The mp4 video format is not supported by this browser. Download video Captions: On Time: 4:03 min Developed to support safeguards and security, the Access Rate Control System (ARCS) controls the speed of entry through full-height turnstiles

  18. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  19. Collaboration Topics - System Software | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) System Software This collaboration focuses on research and development of parallel file system interfaces and tools, system resource management capabilities, operating system evaluation, and software for high-performance interconnects. Current activities include the test and evaluation of technologies and tools associated with the Lustre parallel file system, the development and analysis of middleware to encapsulate application I/O requirements and abstract the

  20. Using Multiple Unmanned Systems for a Site Security Task

    SciTech Connect (OSTI)

    Matthew O. Anderson; Curtis W. Nielsen; Mark D. McKay; Derek C. Wadsworth; Ryan C. Hruska; John A. Koudelka

    2009-04-01

    Unmanned systems are often used to augment the ability of humans to perform challenging tasks. While the value of individual unmanned vehicles have been proven for a variety of tasks, it is less understood how multiple unmanned systems should be used together to accomplish larger missions such as site security. The purpose of this paper is to discuss efforts by researchers at the Idaho National Laboratory (INL) to explore the utility and practicality of operating multiple unmanned systems for a site security mission. This paper reviews the technology developed for a multi-agent mission and summarizes the lessons-learned from a technology demonstration.

  1. Cyber Security Procurement Language for Control Systems Version...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    power generators, subway systems, dams, telecommunication systems, natural gas pipelines, and many others. Simply stated, a control system gathers information and then...

  2. Nuclear safety information sharing agreement between NRC and DOE’s Office of Environment, Health, Safety and Security

    Broader source: Energy.gov [DOE]

    Nuclear safety information sharing agreement between NRC and DOE’s Office of Environment, Health, Safety and Security.

  3. Freedom of Information Act (FOIA) | National Nuclear Security...

    National Nuclear Security Administration (NNSA)

    Freedom of Information Act - Costs Public Reading Facilities Freedom of Information Act Related Sites FOIA Requester Service Centers, FOIA Public Liaisons and Web Pages Virtual ...

  4. Fact Sheet Preliminary Notice of Violation: Classified Information Security Event at Y-12

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Y-12 On January 28, 2016, the National Nuclear Security Administration (NNSA) issued a Preliminary Notice of Violation (PNOV) to Babcock and Wilcox Technical Services Y-12, LLC (B&W Y-12) for violations of Department of Energy (DOE) classified information security program requirements. B&W Y-12 was the management and operating contractor for NNSA's Y-12 National Security Complex (Y-12), located in Oak Ridge, Tennessee at the time of discovery of the security event. The PNOV cites three

  5. Aerial Measuring System | National Nuclear Security Administration...

    National Nuclear Security Administration (NNSA)

    AMS Logo NNSA's Aerial Measuring System (AMS) provides specialized airborne radiation ... The AMS mission is to provide a rapid survey of radiation and contamination following a ...

  6. DOE Releases Request for Information for Y-12 National Security Complex

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Water Treatment Facility Construction | Department of Energy Y-12 National Security Complex Water Treatment Facility Construction DOE Releases Request for Information for Y-12 National Security Complex Water Treatment Facility Construction June 30, 2016 - 4:00pm Addthis Media Contact: Lynette Chafin 513-246-0461 Lynette.Chafin@emcbc.doe.gov Cincinnati -- The U.S. Department of Energy (DOE) today issued a Request for Information (RFI) seeking to solicit input via capability statements from

  7. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  8. International Monitoring System | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    Monitoring System NNSA Contributes to International Efforts to Further Strengthen Detection of Nuclear Explosions Every day, thousands of patients worldwide undergo medical tests, diagnostics, and treatments that use radioactive materials. These vital materials, such as molybdeum-99 (Mo-99), must be produced continuously to keep up with demand. One consequence of some Mo-

  9. A learning-pattern recognition system for static-line-loading security assessment of power system

    SciTech Connect (OSTI)

    Prasad, N.R.

    1989-01-01

    The methodologies explored in this dissertation address the topic static-line-loading security using a learning pattern recognition approach. A basic issue in the pattern recognition approach is to determine if, indeed, the patterns of power system behavior are separable in terms of secure and insecure classes. Class separability is studied from the viewpoint of both intraset clustering and interset dispersion using feature extraction methodologies. While interset dispersion is examined only to the extent of whether or not it exists, no specific attempts are made to optimize the dispersion through feature selection methodologies. The properties of pattern vectors to exhibit intraset clustering and interset dispersion are explored using two different techniques. These techniques are the Karhunen-Loeve Expansion Method which does not assume any specific statistical distribution for the patterns, and the Minimum Entropy Method which assumes patterns that exhibit Gaussian distributions. Although both methods are fundamentally based on the concept of entropy minimization, the transformational properties that yield clustering are distinctly different. The differences are due to assumptions made regarding the statistical distributions of patterns representing system behavior. The application of patterns based on engineering heuristics and a priori knowledge of the system behavior is shown to provide enhanced classification power in the pattern recognition system. Results for several test systems are documented. The feasibility of utilizing mathematical pattern recognition techniques as a primary information processing system for security assessment and a means to subsequently induce learning is demonstrated. As such, a framework for the development of decision making tools with subsequent inputs to rule-based expert systems is speculated in a learning environment.

  10. Critical issues in process control system security : DHS spares project.

    SciTech Connect (OSTI)

    Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

    2010-10-01

    The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

  11. Secure Control Systems for the Energy Sector

    SciTech Connect (OSTI)

    Smith, Rhett; Stewart, John; Chavez, Adrian

    2014-10-22

    The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chaves (SNL) and John Stewart (TVA) are principle investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes no profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.

  12. Secure Video Surveillance System Acquisition Software

    Energy Science and Technology Software Center (OSTI)

    2009-12-04

    The SVSS Acquisition Software collects and displays video images from two cameras through a VPN, and store the images onto a collection controller. The software is configured to allow a user to enter a time window to display up to 2 1/2, hours of video review. The software collects images from the cameras at a rate of 1 image per second and automatically deletes images older than 3 hours. The software code operates in amore¬†¬Ľ linux environment and can be run in a virtual machine on Windows XP. The Sandia software integrates the different COTS software together to build the video review system.¬ę¬†less

  13. Condition Assessment Information System

    Energy Science and Technology Software Center (OSTI)

    2002-09-16

    CAIS2000 records, tracks and cost maintenance deficiencies associated with condition assessments of real property assets. Cost information is available for 39,000 items in the currenht RS Means, Facilities Construction Manual. These costs can, in turn, be rolled by by asset to produce the summary condition of an asset or site.

  14. T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security

    SciTech Connect (OSTI)

    Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

    2009-07-20

    Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

  15. Gasification Systems Project Information

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    of Syngas Chemical Looping for Hydrogen Production Ohio State University Research Foundation Gasification Systems FE0024068 Increasing the Rate and Extent of Microbial Coal to ...

  16. Secure communication of static information by electronic means

    DOE Patents [OSTI]

    Gritton, Dale G.

    1994-01-01

    A method and apparatus (10) for the secure transmission of static data (16) from a tag (11) to a remote reader (12). Each time the static data (16) is to be transmitted to the reader (12), the 10 bits of static data (16) are combined with 54 bits of binary data (21), which constantly change from one transmission to the next, into a 64-bit number (22). This number is then encrypted and transmitted to the remote reader (12) where it is decrypted (26) to produce the same 64 bit number that was encrypted in the tag (11). With a continual change in the value of the 64 bit number (22) in the tag, the encrypted numbers transmitted to the reader (12) will appear to be dynamic in character rather than being static.

  17. Project Records Information System (PRIS)

    SciTech Connect (OSTI)

    Smith, P.S.; Schwarz, R.K.

    1990-11-01

    The Project Records Information System (PRIS) is an interactive system developed for the Information Services Division (ISD) of Martin Marietta Energy Systems, Inc., to perform indexing, maintenance, and retrieval of information about Engineering project record documents for which they are responsible. This PRIS User's Manual provides instruction on the use of this system. This manual presents an overview of PRIS, describing the system's purpose; the data that it handles; functions it performs; hardware, software, and access; and help and error functions. This manual describes the interactive menu-driven operation of PRIS. Appendixes A, B, C, and D contain the data dictionary, help screens, report descriptions, and a primary menu structure diagram, respectively.

  18. Towards improving software security by using simulation to inform requirements and conceptual design

    SciTech Connect (OSTI)

    Nutaro, James J.; Allgood, Glenn O.; Kuruganti, Teja

    2015-06-17

    We illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation

  19. Monitoring and Benchmarking for Energy Information Systems |...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Monitoring and Benchmarking for Energy Information Systems Monitoring and Benchmarking for Energy Information Systems Figure 1: Features of a sample CBERD energy information system ...

  20. Information technology equipment cooling system

    DOE Patents [OSTI]

    Schultz, Mark D.

    2014-06-10

    According to one embodiment, a system for removing heat from a rack of information technology equipment may include a sidecar indoor air to liquid heat exchanger that cools warm air generated by the rack of information technology equipment. The system may also include a liquid to liquid heat exchanger and an outdoor heat exchanger. The system may further include configurable pathways to connect and control fluid flow through the sidecar heat exchanger, the liquid to liquid heat exchanger, the rack of information technology equipment, and the outdoor heat exchanger based upon ambient temperature and/or ambient humidity to remove heat from the rack of information technology equipment.

  1. Information Systems Engineering

    Broader source: Energy.gov [DOE]

    The OCIO is dedicated to supporting the development and maintenance of DOE Department wide and site-specific software and IT systems engineering initiatives.  This webpage contains resources,...

  2. CLASSIFICATION OF THE MGR SAFEGUARDS AND SECURITY SYSTEM

    SciTech Connect (OSTI)

    J.A. Ziegler

    1999-08-31

    The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) safeguards and security system structures, systems and components (SSCs) performed by the MGR Safety Assurance Department. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 1998). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, ''Quality Assurance Requirements and Description'' (QARD) (DOE 1998).

  3. NEVADA NATIONAL SECURITY SITE (NNSS) DRIVERS ROUTE/SHIPMENT INFORMATION

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    (NNSS) DRIVERS ROUTE/SHIPMENT INFORMATION (12/2014 Log No. 2014-229) NOTE: THIS FORM IS TWO (2) PAGES - YOU MUST COMPLETE BOTH PAGES NNSS SHIPMENT NUMBER: CARRIER NAME: TRACTOR NO.: TRAILER NO.: AT ORIGIN AT NNSS Main Gate NNSS OFFICE USE ONLY DEPARTURE DATE: ARRIVAL DATE: DESTINATION AREA: Area 5 DEPARTURE TIME: ARRIVAL TIME: NNSS DEPARTURE TIME: LOCATION: HELD OVER? No Yes REASON: ROUTE INFORMATION REVIEWED BY: ONSITE SHIPMENT (MAP NOT APPLICABLE) DROP YARD; LEAVE THIS FORM WITH SHIPPING

  4. Freedom of Information Act Related Sites | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) Related Sites DOE Headquarters FOIA Page DOE Office of Hearings and Appeals Searchable index of FOIA and Privacy Act appeals A Citizen's Guide on Using the Freedom of Information Act and the Privacy Act of 1974 to Request Government Records Department of Justice (DOJ) Office of Information and Privacy Includes the DOJ Guide to the FOIA, Overview of the PA, Your Right to Federal Records, FOIA Updates, and FOIA Annual Reports Defense Nuclear Facilities Safety Board An

  5. AMI System Security Requirements - v1_01-1 | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AMI System Security Requirements - v1_01-1 AMI System Security Requirements - v1_01-1 This document provides the utility industry and vendors with a set of security requirements for Advanced Metering Infrastructure (AMI). These requirements are intended to be used in the procurement process, and represent a superset of requirements gathered from current cross industry accepted security standards and best practice guidance documents. AMI System Security Requirements - v1_01-1 (825.11 KB) More

  6. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  7. Tools and Methods for Hardening Communication Security of Energy Delivery Systems

    SciTech Connect (OSTI)

    Gadgil, Shrirang; Lin, Yow-Jian; Ghosh, Abhrajit; Samtani, Sunil; Kang, Jaewon; Siegell, Bruce; Kaul, Vikram; Unger, John; De Bruet, Andre; Martinez, Catherine; Vermeulen, Gerald; Rasche, Galen; Sternfeld, Scott; Berthier, Robin; Bobba, Rakesh; Campbell, Roy; Sanders, Williams; Lin, Yow-Jian

    2014-06-30

    of i. An online system with stateful model based checkers (SMBCs) that helps utilities monitor EDS protocol communication contexts and flag abnormal session behaviors; ii. An offline framework that security tool developers, operators, and auditors can use to verify security properties (leverages formal methods). The modular design of the ADEC-G online system enables its easy extension to cover added protocol features, to introduce new monitoring capabilities, and to apply to additional communication protocols. Its monitoring capabilities and user interface features also facilitate visibilities into ongoing communication patterns and quick grasps of suspicious communication activities. The offline framework provides a platform not only for rigorous validation of security coverage, but also for systematic refinement of checker design leveraging the counter traces generated by the model checking tool. The ADEC-G online monitoring/detection system and the offline validation framework are both operational and have been demonstrated in various settings. The ADEC-G online system has also been integrated into TTGS SecureSmart Managed Security Services offering and been employed to perform security assessment in a section of a utility’s operational network as well as in other Smart Grid security pilot project offerings. TTGS is also in discussions with several system integrators for incorporating the integrated SecureSmart Managed Security Services offering as the cyber security solution for the nce of Operations Technology (OT) and Information Technology (IT).

  8. Integrated risk information system (IRIS)

    SciTech Connect (OSTI)

    Tuxen, L.

    1990-12-31

    The Integrated Risk Information System (IRIS) is an electronic information system developed by the US Environmental Protection Agency (EPA) containing information related to health risk assessment. IRIS is the Agency`s primary vehicle for communication of chronic health hazard information that represents Agency consensus following comprehensive review by intra-Agency work groups. The original purpose for developing IRIS was to provide guidance to EPA personnel in making risk management decisions. This original purpose for developing IRIS was to guidance to EPA personnel in making risk management decisions. This role has expanded and evolved with wider access and use of the system. IRIS contains chemical-specific information in summary format for approximately 500 chemicals. IRIS is available to the general public on the National Library of Medicine`s Toxicology Data Network (TOXNET) and on diskettes through the National Technical Information Service (NTIS).

  9. Property Information System

    Energy Science and Technology Software Center (OSTI)

    1998-01-28

    Provides cradle to grave tracking of DOE property (capital, accountable, etc.). Major functional areas include Acquisitions, Management, Inventory, Accounting, Agreements, Excessing, Dispositions, and Reporting. The Accounting module is not used at this time and may not be operational. A major enhancement added here at Lockheed Martin Energy Systems is the Web-based portion of the system, which allows custodians of property to record location and custodial changes, and to provide inventory confirmations. PLEASE NOTE: Customer mustmore¬†¬Ľ contact Ben McMurry, (865) 576-5906, Lockheed Martin Energy Ssytems, for help with installation of package. The fee for this installation help will be coordinated by customer and Lockheed Martin and is in addition to the cost of the package from ESTSC. Customer should contact Cheri Cross, (865) 574-6046, for user help.¬ę¬†less

  10. System for Information Discovery

    Energy Science and Technology Software Center (OSTI)

    1998-09-25

    SID characterizes natural language based documents so that they may be related and retrieved based on content similarity. This technology processes textual documents, autonoumsly identifies the major topics of the document set, and constructs an interpretable, high dimensional representation of each document. SID also provides the ability to interactively reweight representations based on user need, so users may analyze the dataset from multiple points of view. The particular advantages SID offers are speed, data compression,more¬†¬Ľ flexibility in representation, and incremental processing. SPIRE consists of software for visual analysis of text-based information sources. This technology enables users to make discoveries about the content of very large sets of textual documents without requiring the user to read or presort the documents. It employs algorithms for text and word proximity analysis to identify the key themes within the documents. The results of this analysis are projected onto a visual spatial proximity display (Galaxies or Themescape) where document proximity represents the degree of relatedness of theme.¬ę¬†less

  11. TEPS/BPA Information | National Nuclear Security Administration...

    National Nuclear Security Administration (NNSA)

    ... BPA Section 6.8 Invoice Submission Procedures Submit invoice through Oak Ridge Financial Service Center's (ORFSC) Vendor Inquiry Payment Electronic Reporting System (VIPERS) or ...

  12. Western Renewable Energy Generation Information System | Open...

    Open Energy Info (EERE)

    Renewable Energy Generation Information System Jump to: navigation, search Name: Western Renewable Energy Generation Information System Place: Sacramento, California Zip:...

  13. Emergency Public Information | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Administration | (NNSA) Response / Training Emergency Operations Training Academy Rotating image showing pictures of Classroom, Online and Hands on trainings The Office of Emergency Operations, NA-40-The Emergency Operations Training Academy (EOTA) EOTA provides training and education to enhance the readiness of personnel in the radiological-nuclear emergency operations community. For more information or to contact us, visit the EOTA website at: http://eota.energy.gov/ Vision The Emergency

  14. Sandia National Laboratories: National Security Missions: Defense Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Assessments: Cybersecurity Programs Cybersecurity Delivering experience & expertise Training the next generation of cyber defenders Cybersecurity computing Defending national security Applying science and engineering to protect cyber systems from malicious attacks Cyber worker inspecting supercomputer Protecting cyberspace An expert team, passionate about defending the nation's critical infrastructure Computer Annex "The cyber threat to our nation is one of the most serious

  15. Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T; Lantz, Margaret W; Hauser, Katie R

    2014-01-01

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. The Cyberspace Security Econometrics System (CSES) provides a measure (i.e., a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement. The basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings contained in this copyright.

  16. Computerized international geothermal information systems

    SciTech Connect (OSTI)

    Phillips, S.L.; Lawrence, J.D.; Lepman, S.R.

    1980-03-01

    The computerized international geothermal energy information system is reviewed. The review covers establishment of the Italy - United States linked data centers by the NATO Committee on Challenges of Modern Society, through a bilateral agreement, and up to the present time. The result of the information exchange project is given as the bibliographic and numerical data available from the data centers. Recommendations for the exchange of computerized geothermal information at the international level are discussed.

  17. Information Systems | Department of Energy

    Energy Savers [EERE]

    Assessment Information System (CAIS) is a web-based cost estimating application that ... (RevCom) RevCom is an online, real-time web application to manage and support the ...

  18. Information system revives materials management

    SciTech Connect (OSTI)

    Hansen, T.

    1995-12-01

    Through a change in philosophy and the development of a new, more efficient information management system, Arizona Public Service Co. (APSW) has, in less than two years, reduced material and service costs by 10 percent. The utility plans to cut these costs form 1993 figures by 25 percent before 2000. The utility is breaking new ground with ongoing implementation of new business processes and the new Materials Logistics Information System (MLIS), which has been co-developed with Texas Instruments Software Division (TISD).

  19. Intelligent Facial Recognition Systems: Technology advancements for security applications

    SciTech Connect (OSTI)

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  20. A Summary of Control System Security Standards Activities in the Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Sector (October 2005) | Department of Energy A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) A Summary of Control System Security Standards Activities in the Energy Sector (October 2005) This document is a compilation of the activities and initiatives concerning control system security that are influencing the standards process in the development of secure communication protocols and systems. Also contained in this report is a comparison of

  1. Capacity Utilization Study for Aviation Security Cargo Inspection Queuing System

    SciTech Connect (OSTI)

    Allgood, Glenn O; Olama, Mohammed M; Lake, Joe E; Brumback, Daryl L

    2010-01-01

    In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The queuing model employed in our study is based on discrete-event simulation and processes various types of cargo simultaneously. Onsite measurements are collected in an airport facility to validate the queuing model. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, throughput, capacity utilization, subscribed capacity utilization, resources capacity utilization, subscribed resources capacity utilization, and number of cargo pieces (or pallets) in the different queues. These metrics are performance indicators of the system s ability to service current needs and response capacity to additional requests. We studied and analyzed different scenarios by changing various model parameters such as number of pieces per pallet, number of TSA inspectors and ATS personnel, number of forklifts, number of explosives trace detection (ETD) and explosives detection system (EDS) inspection machines, inspection modality distribution, alarm rate, and cargo closeout time. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures should reduce the overall cost and shipping delays associated with new inspection requirements.

  2. Recommended Practice for Securing Control System Modems | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    KB) More Documents & Publications Intermediate SCADA Security Training Course Slides (September 2006) Introduction SCADA Security for Managers and Operators Mitigations for ...

  3. Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs for Phase 2 of the Secure Power Systems Professional project

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; leo, R.; Perman, K.

    2013-08-26

    This is the final report of Phase 2 of the Secure Power Systems Professional project, a 3 phase project. DOE will post to their website upon release.

  4. Project Management Information Systems (PMIS) | Department of...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Project Management Information Systems (PMIS) Project Management Information Systems (PMIS) Project Assessment & Reporting System (PARS IIe) Office of Project Management Oversight...

  5. PIA - Human Resources Information System (HRIS) | Department...

    Broader source: Energy.gov (indexed) [DOE]

    Information System (HRIS) PIA - Human Resources Information System (HRIS) (232.73 KB) More Documents & Publications PIA - INL PeopleSoft - Human Resource System PIA - Human ...

  6. PIA - Human Resources Management Information System (HRMIS) ...

    Broader source: Energy.gov (indexed) [DOE]

    Information System (HRMIS) PIA - Human Resources Management Information System (HRMIS) (490.32 KB) More Documents & Publications PIA - INL PeopleSoft - Human Resource System PIA - ...

  7. National SCADA Test Bed - Enhancing control systems security in the energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    sector (September 2009) | Department of Energy SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) National SCADA Test Bed - Enhancing control systems security in the energy sector (September 2009) Improving the security of energy control systems has become a national priority. Since the mid-1990's, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA)

  8. Evolution of toxicology information systems

    SciTech Connect (OSTI)

    Wassom, J.S.; Lu, P.Y.

    1990-12-31

    Society today is faced with new health risk situations that have been brought about by recent scientific and technical advances. Federal and state governments are required to assess the many potential health risks to exposed populations from the products (chemicals) and by-products (pollutants) of these advances. Because a sound analysis of any potential health risk should be based on the use of relevant information, it behooves those individuals responsible for making the risk assessments to know where to obtain needed information. This paper reviews the origins of toxicology information systems and explores the specialized information center concept that was proposed in 1963 as a means of providing ready access to scientific and technical information. As a means of illustrating this concept, the operation of one specialized information center (the Environmental Mutagen Information Center at Oak Ridge National Laboratory) will be discussed. Insights into how toxicological information resources came into being, their design and makeup, will be of value to those seeking to acquire information for risk assessment purposes. 7 refs., 1 fig., 4 tabs.

  9. Technical Services | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Technical Services Technical Services Technical services spans Y-12 disciplines that support manufacturing at Y-12. Information Systems (National Security Systems Development) Provide solutions for information security, including the protection of national security, proprietary and any other class of highly sensitive information. Develop highly integrated, enterprise level software applications for use within the federal space and adaptable to commercial application. Leverage the transformative

  10. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Milos Manic

    2012-08-01

    The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

  11. Secure Data Center (Fact Sheet)

    SciTech Connect (OSTI)

    Not Available

    2012-08-01

    This fact sheet describes the purpose, lab specifications, applications scenarios, and information on how to partner with NREL's Secure Data Center at the Energy Systems Integration Facility.

  12. Chapter_14_Cyber_Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    and procedures set forth in the HQ PCSP. Each Head of Element must appoint, in writing, an Information Systems Security Officer (ISSO) and as many Alternate ISSOs as ...

  13. Y-12 Deploys First Automated Security Weapons System in the DOE Nuclear

    National Nuclear Security Administration (NNSA)

    Weapons Complex | National Nuclear Security Administration | (NNSA) Deploys First Automated Security Weapons System in the DOE Nuclear Weapons Complex September 02, 2005 PDF icon NR09-05.pdf

  14. Roadmap to Secure Control Systems in the Energy Sector- January 2006

    Office of Energy Efficiency and Renewable Energy (EERE)

    This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

  15. Distributed Object Oriented Geographic Information System

    Energy Science and Technology Software Center (OSTI)

    1997-02-01

    This interactive, object-oriented, distributed Geographic Information System (GIS) uses the World Wibe Web (WWW) as application medium and distribution mechanism. The software provides distributed access to multiple geo-spatial databases and presents them as if they came from a single coherent database. DOOGIS distributed access comes not only in the form of multiple geo-spatial servers but can break down a single logical server into the constituent physical servers actually storing the data. The program provides formore¬†¬Ľ dynamic protocol resolution and content handling allowing unknown objects from a particular server to download their handling code. Security and access privileges are negotiated dynamically with each server contacted and each access attempt.¬ę¬†less

  16. Geographic Information Systems- Tools For Geotherm Exploration...

    Open Energy Info (EERE)

    Information Systems- Tools For Geotherm Exploration, Tracers Data Analysis, And Enhanced Data Distribution, Visualization, And Management Abstract Geographic information...

  17. Microsoft Word - AMI System Security Requirements - v1_01-1.doc

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    UCAIUG: AMI-SEC-ASAP AMI System Security Requirements V1.01 ASAP 12/17/2008 AMI System Security Specification v1.0 Page i Executive Summary 1 This document provides the utility industry and vendors with a set of security requirements for 2 Advanced Metering Infrastructure (AMI). These requirements are intended to be used in the 3 procurement process, and represent a superset of requirements gathered from current cross- 4 industry accepted security standards and best practice guidance documents.

  18. Cost/benefit analysis for video security systems

    SciTech Connect (OSTI)

    1997-01-01

    Dr. Don Hush and Scott Chapman, in conjunction with the Electrical and Computer Engineering Department of the University of New Mexico (UNM), have been contracted by Los Alamos National Laboratories to perform research in the area of high security video analysis. The first phase of this research, presented in this report, is a cost/benefit analysis of various approaches to the problem in question. This discussion begins with a description of three architectures that have been used as solutions to the problem of high security surveillance. An overview of the relative merits and weaknesses of each of the proposed systems is included. These descriptions are followed directly by a discussion of the criteria chosen in evaluating the systems and the techniques used to perform the comparisons. The results are then given in graphical and tabular form, and their implications discussed. The project to this point has involved assessing hardware and software issues in image acquisition, processing and change detection. Future work is to leave these questions behind to consider the issues of change analysis - particularly the detection of human motion - and alarm decision criteria. The criteria for analysis in this report include: cost; speed; tradeoff issues in moving primative operations from software to hardware; real time operation considerations; change image resolution; and computational requirements.

  19. Security Forms | National Nuclear Security Administration | (NNSA)

    National Nuclear Security Administration (NNSA)

    Security Forms U.S. Department of Energy / U.S. Nuclear Regulatory Commission Nuclear Materials Management & Safeguards System Security Forms Federal Information Processing Standards Publications (FIPS PUBS) FIPS-Associated Documents FIPS 140-2 Security Requirements for Cryptograhic Modules FIPS 185 Escrowed Encryption Standard (EES) FIPS 186-2 Digital Signature Standard (DSS) From Microsoft From VeriSign Managing Contacts' Digital Certificates with Netscape Communicator Managing Contacts'

  20. Facilities Information Management System (FIMS) | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Facilities Information Management System (FIMS) Facilities Information Management System (FIMS) FIMS is DOE's corporate database for real property as required by DOE Order 430.1B, ...

  1. The risk assessment information system

    SciTech Connect (OSTI)

    Kerr, S.B.; Bonczek, R.R.; McGinn, C.W.; Land, M.L.; Bloom, L.D.; Sample, B.E.; Dolislager, F.G.

    1998-06-01

    In an effort to provide service-oriented environmental risk assessment expertise, the Department of Energy (DOE) Center for Risk Excellence (CRE) and DOE Oak Ridge Operations Office (ORO) are sponsoring Oak Ridge National Laboratory (ORNL) to develop a web-based system for disseminating risk tools and information to its users. This system, the Risk Assessment Information System (RAIS), was initially developed to support the site-specific needs of the DOE-ORO Environmental Restoration Risk Assessment Program. With support from the CRE, the system is currently being expanded to benefit all DOE risk information users and can be tailored to meet site-specific needs. Taking advantage of searchable and executable databases, menu-driven queries, and data downloads, using the latest World Wide Web technologies, the RAIS offers essential tools that are used in the risk assessment process or anywhere from project scoping to implementation. The RAIS tools can be located directly at http://risk.lsd.ornl.gov/homepage/rap{_}tool.htm or through the CRE`s homepage at http://www.doe.gov/riskcenter/home.html.

  2. Appropriate Technology Management Information System

    SciTech Connect (OSTI)

    Not Available

    1984-02-01

    From 1978 to 1981, the Department of Energy (DOE) awarded more than 2200 small grants worth more than $25 million to individuals, organizations and small businesses across the nation for the purposes of researching, developing and demonstrating appropriate technologies. Grants were given in the full range of technology areas, including conservation, solar, biomass, wind, geothermal, and hydro power. The final report from each DOE grantee was reviewed in an effort to extract information about new ideas and proven concepts that could be of value to the public. To manage the growing wealth of information from the grant reports, and to monitor the report review process, the Appropriate Technology Management Information System (ATMIS), a computer data base, was developed. The ATMIS can classify data into numerous categories (technology area, geographic location, project status, etc.). This manual was generated directly from the data base.

  3. Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS Raymond K. Fink David F. Spencer Rita A. Wells NSTB INL/CON-06-11665 iii ABSTRACT Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems, or components of those systems, were reviewed to identify

  4. T-592: Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability

    Broader source: Energy.gov [DOE]

    Cisco Secure ACS operates as a centralized RADIUS and TACACS+ server, combining user authentication, user and administrator device access control, and policy control into a centralized identity networking solution.

  5. Large-Scale Information Systems

    SciTech Connect (OSTI)

    D. M. Nicol; H. R. Ammerlahn; M. E. Goldsby; M. M. Johnson; D. E. Rhodes; A. S. Yoshimura

    2000-12-01

    Large enterprises are ever more dependent on their Large-Scale Information Systems (LSLS), computer systems that are distinguished architecturally by distributed components--data sources, networks, computing engines, simulations, human-in-the-loop control and remote access stations. These systems provide such capabilities as workflow, data fusion and distributed database access. The Nuclear Weapons Complex (NWC) contains many examples of LSIS components, a fact that motivates this research. However, most LSIS in use grew up from collections of separate subsystems that were not designed to be components of an integrated system. For this reason, they are often difficult to analyze and control. The problem is made more difficult by the size of a typical system, its diversity of information sources, and the institutional complexities associated with its geographic distribution across the enterprise. Moreover, there is no integrated approach for analyzing or managing such systems. Indeed, integrated development of LSIS is an active area of academic research. This work developed such an approach by simulating the various components of the LSIS and allowing the simulated components to interact with real LSIS subsystems. This research demonstrated two benefits. First, applying it to a particular LSIS provided a thorough understanding of the interfaces between the system's components. Second, it demonstrated how more rapid and detailed answers could be obtained to questions significant to the enterprise by interacting with the relevant LSIS subsystems through simulated components designed with those questions in mind. In a final, added phase of the project, investigations were made on extending this research to wireless communication networks in support of telemetry applications.

  6. Modeling and simulation for cyber-physical system security research, development and applications.

    SciTech Connect (OSTI)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  7. MIS | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    MIS NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award" The G2 team and the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information Award. (WASHINGTON, D.C) - The National Nuclear Security Administration (NNSA) has received the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information

  8. DOE and Industry Showcase New Control Systems Security Technologies...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    The Cyber Security Audit and Attack Detection Toolkit project developed two commercial solutions-Bandolier and Portaledge. The Bandolier Audit Files enable energy sector asset ...

  9. Peak Treatment Systems | Open Energy Information

    Open Energy Info (EERE)

    Treatment Systems Jump to: navigation, search Name: Peak Treatment Systems Place: Golden, CO Website: www.peaktreatmentsystems.com References: Peak Treatment Systems1 Information...

  10. Computer Science and Information Technology Student Pipeline

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    in the areas of Computer Science, Information Technology, Management Information Systems, Computer Security, Software Engineering, Computer Engineering, and Electrical Engineering. ...

  11. Safety and Security Enforcement Coordinator Handbook

    Broader source: Energy.gov (indexed) [DOE]

    & III-4) ......9 * Classified Information Security Noncompliance ... * Additional Guidance Unique to Classified Information Security Enforcement ...

  12. Background Information for the Nevada National Security Site Integrated Sampling Plan, Revision 0

    SciTech Connect (OSTI)

    Farnham, Irene; Marutzky, Sam

    2014-12-01

    This document describes the process followed to develop the Nevada National Security Site (NNSS) Integrated Sampling Plan (referred to herein as the Plan). It provides the Plan‚Äôs purpose and objectives, and briefly describes the Underground Test Area (UGTA) Activity, including the conceptual model and regulatory requirements as they pertain to groundwater sampling. Background information on other NNSS groundwater monitoring programs‚ÄĒthe Routine Radiological Environmental Monitoring Plan (RREMP) and Community Environmental Monitoring Program (CEMP)‚ÄĒand their integration with the Plan are presented. Descriptions of the evaluations, comments, and responses of two Sampling Plan topical committees are also included.

  13. SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals. Individual and Team Performance Guidelines

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.; Greitzer, Frank L.; Dalton, Angela C.; Pusey, Portia K.

    2015-03-01

    The Secure Power Systems Professional Phase III final report was released last year which an appendix of Individual and Team Performance Guidelines. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

  14. SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals. Job Profiles

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.; Greitzer, Frank L.; Dalton, Angela C.; Pusey, Portia K.

    2015-03-01

    The Secure Power Systems Professional Phase III final report was released last year which an appendix of Job Profiles. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

  15. Geographic Information System (Monaster And Coolbaugh, 2007)...

    Open Energy Info (EERE)

    navigation, search GEOTHERMAL ENERGYGeothermal Home Exploration Activity: Geographic Information System (Monaster And Coolbaugh, 2007) Exploration Activity Details Location...

  16. Geographic Information System At International Geothermal Area...

    Open Energy Info (EERE)

    search GEOTHERMAL ENERGYGeothermal Home Exploration Activity: Geographic Information System At International Geothermal Area, Indonesia (Nash, Et Al., 2002) Exploration Activity...

  17. Performance Systems Development | Open Energy Information

    Open Energy Info (EERE)

    Systems Development Jump to: navigation, search Name: Performance Systems Development Place: Ithaca, NY Information About Partnership with NREL Partnership with NREL Yes...

  18. Information System Owner | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    Information System Owner (also referred to as System Owner) is responsible for the procurement, development, integration, modification, operation, maintenance, and retirement of an...

  19. Department of Energy Cyber Security Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-21

    The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

  20. Department of Energy Cyber Security Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2006-12-04

    The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

  1. PRIVACY/SECURITY NOTICE

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    PRIVACY/SECURITY NOTICE By continuing to use this system you indicate your awareness of and consent to the following terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning. SECURITY NOTICE This Web site is part of a Federal computer system used to accomplish Federal functions. The Department of Energy monitors this Web site for security purposes to ensure it remains available to all users and to protect information in the system. The system

  2. Energistic Systems | Open Energy Information

    Open Energy Info (EERE)

    Energistic Systems Jump to: navigation, search Logo: Energistic Systems Name: Energistic Systems Address: 13551 W. 43rd Street Dr Place: Golden, Colorado Zip: 80403 Region: Rockies...

  3. Redwood Systems | Open Energy Information

    Open Energy Info (EERE)

    Redwood Systems Place: Fremont, California Zip: 94538 Product: Redwood Systems is a Fremont-based technology developer of lighting management systems. Coordinates: 44.2605,...

  4. Pipo Systems | Open Energy Information

    Open Energy Info (EERE)

    Pipo Systems Jump to: navigation, search Name: Pipo Systems Place: Spain Product: Spanish wave technology developer. References: Pipo Systems1 This article is a stub. You can...

  5. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

  6. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

  7. TWRS information locator database system design description

    SciTech Connect (OSTI)

    Knutson, B.J.

    1996-09-13

    This document gives an overview and description of the Tank Waste Remediation System (TWRS) Information Locator Database (ILD)system design. The TWRS ILD system is an inventory of information used in the TWRS Systems Engineering process to represent the TWRS Technical Baseline. The inventory is maintained in the form of a relational database developed in Paradox 4.5.

  8. Risk assessment of climate systems for national security.

    SciTech Connect (OSTI)

    Backus, George A.; Boslough, Mark Bruce Elrick; Brown, Theresa Jean; Cai, Ximing; Conrad, Stephen Hamilton; Constantine, Paul; Dalbey, Keith R.; Debusschere, Bert J.; Fields, Richard; Hart, David Blaine; Kalinina, Elena Arkadievna; Kerstein, Alan R.; Levy, Michael; Lowry, Thomas Stephen; Malczynski, Leonard A.; Najm, Habib N.; Overfelt, James Robert; Parks, Mancel Jordan; Peplinski, William J.; Safta, Cosmin; Sargsyan, Khachik; Stubblefield, William Anthony; Taylor, Mark A.; Tidwell, Vincent Carroll; Trucano, Timothy Guy; Villa, Daniel L.

    2012-10-01

    Climate change, through drought, flooding, storms, heat waves, and melting Arctic ice, affects the production and flow of resource within and among geographical regions. The interactions among governments, populations, and sectors of the economy require integrated assessment based on risk, through uncertainty quantification (UQ). This project evaluated the capabilities with Sandia National Laboratories to perform such integrated analyses, as they relate to (inter)national security. The combining of the UQ results from climate models with hydrological and economic/infrastructure impact modeling appears to offer the best capability for national security risk assessments.

  9. Security | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Security The Y-12 National Security Complex places the highest priority on maintaining and improving its security posture. We employ security police officers, cyber security specialists, and other personnel to safeguard our security assets. Y-12 continuously monitors local and world events to prepare for potential risks to the site, our information and our employees. Security personnel also participate in numerous assessments each year to ensure readiness in protecting the site's vital

  10. Electronic DOE Information Security System (eDISS) PIA, Office...

    Energy Savers [EERE]

    Integrated Safety Management Workshop Registration, PIA, Idaho National Laboratory Occupational Medicine - Assistant PIA, Idaho National Laboratory Occupational Injury & Illness ...

  11. Electronic DOE Information Security System (eDISS) PIA

    Energy Savers [EERE]

    Effect of Sea Level Rise on Energy Infrastructure in Four Major Metropolitan Areas September 2014 U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Pilot Study on the Effect of Sea Level Rise on Energy Infrastructure in Four Major Metropolitan Areas August 2014 Effect of Sea Level Rise on Energy Infrastructure in Four Major Metropolitan Areas Office of Electricity Delivery and Energy Reliability U.S. Department of Energy September 2014 i Table of Contents 1.

  12. Crystal Systems | Open Energy Information

    Open Energy Info (EERE)

    is located in Salem, Massachusetts. Crystal Systems produces sapphire crystals for optics and electronics, and silicon for photovoltaics. References Crystal Systems...

  13. Neptune Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Jump to: navigation, search Name: Neptune Systems Address: PO Box 8719 Place: Breda Zip: 4820 BA Region: Netherlands Sector: Marine and Hydrokinetic Phone Number: +31 (0)...

  14. Megtec Systems | Open Energy Information

    Open Energy Info (EERE)

    "group":"","inlineLabel":"","visitedicon":"" Hide Map References: Megtec Systems1 Methane Capture2 Megtec Systems is a company headquartered in De Pere, Wisconsin. Megtec...

  15. Solar Systems | Open Energy Information

    Open Energy Info (EERE)

    Logo: Solar Systems Name: Solar Systems Address: 45 Grosvenor Street Place: Abbotsford, Australia Sector: Solar Product: Solar concentrators Phone Number: +61 3 9413 8000 Website:...

  16. NRG Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Jump to: navigation, search Name: NRG Systems Place: Hinesburg, Vermont Zip: 5461 Sector: Wind energy Product: A US-based manufacturer of wind measurement and turbine...

  17. Hydrothermal System | Open Energy Information

    Open Energy Info (EERE)

    Hydrothermal Systems: A hydrothermal system is one that included fluid, heat, and permeability in a naturally occurring geological formation for the production of electricity....

  18. Chorus Systems | Open Energy Information

    Open Energy Info (EERE)

    Chorus Systems Jump to: navigation, search Name: Chorus Systems Place: Sankt Augustin, Germany Zip: D-53757 Product: Plans and realises PV installations in Germany. References:...

  19. Socovoltaic Systems | Open Energy Information

    Open Energy Info (EERE)

    Name: Socovoltaic Systems Place: Vicenza, Italy Zip: 36100 Product: Socovoltaic is a joint venture between Socotherm and TSNergy. References: Socovoltaic Systems1 This...

  20. Environmental remediation and waste management information systems

    SciTech Connect (OSTI)

    Harrington, M.W.; Harlan, C.P.

    1993-12-31

    The purpose of this paper is to document a few of the many environmental information systems that currently exist worldwide. The paper is not meant to be a comprehensive list; merely a discussion of a few of the more technical environmental database systems that are available. Regulatory databases such as US Environmental Protection Agency`s (EPA`s) RODS (Records of Decision System) database [EPA, 1993] and cost databases such as EPA`s CORA (Cost of Remedial Action) database [EPA, 1993] are not included in this paper. Section 2 describes several US Department of Energy (DOE) Environmental Restoration and Waste Management (EM) information systems and databases. Section 3 discusses several US EPA information systems on waste sites and technologies. Section 4 summarizes a few of the European Community environmental information systems, networks, and clearinghouses. And finally, Section 5 provides a brief overview of Geographical Information Systems. Section 6 contains the references, and the Appendices contain supporting information.

  1. Altergy Systems | Open Energy Information

    Open Energy Info (EERE)

    95630 Product: Designs and manufactures proprietary proton exchange membrane (PEM) fuel cell systems. References: Altergy Systems1 This article is a stub. You can help OpenEI by...

  2. Drilling Systems | Open Energy Information

    Open Energy Info (EERE)

    Act: Enhanced Geothermal Systems Component Research and DevelopmentAnalysis Tulsa, OK 2,399,999 600,000 2,999,999 Stinger Enhanced Bits for Engineered Geothermal Systems...

  3. PV Systems | Open Energy Information

    Open Energy Info (EERE)

    PV Systems Place: Wales, United Kingdom Zip: CF15 7JD Product: Welsh building integrated PV (BIPV) company References: PV Systems1 This article is a stub. You can help OpenEI by...

  4. Trip Information Log Tracking System

    Energy Science and Technology Software Center (OSTI)

    1992-06-23

    The system is focused on the Employee Business Travel Event. The system must be able to CRUD (Create, Retrieve, Update, Delete) instances of the Travel Event as well as the ability to CRUD frequent flyer milage associated with airline travel. Additionally the system must provide for a compliance reporting system to monitor reductions in travel costs and lost opportunity costs (i.e., not taking advantage of business class or 7 day advance tickets).

  5. Information Concerning Reliability Impacts under Various System

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Configurations of the Mirant Potomac River Plant | Department of Energy Information Concerning Reliability Impacts under Various System Configurations of the Mirant Potomac River Plant Information Concerning Reliability Impacts under Various System Configurations of the Mirant Potomac River Plant Docket No. EO-05-01: PJM Interconnection, L.L.C. and PEPCO Holdings, Inc. is hereby providing you with additional information concerning reliability impacts under various system conditions

  6. Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs‚ÄĒSummary Report

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Assante, Michael; Tobey, D. H.; Conway, T. J.; Vanderhorst, Jr, T. J.; Januszewski, III, J.; Leo, R.; Perman, K.

    2013-07-01

    This document is a summarization of the report, Developing Secure Power Systems Professional Competence: Alignment and Gaps in Workforce Development Programs, the final report for phase 2 of the SPSP (DOE workforce study) project.

  7. OpenEIS (energy information system)

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    OpenEIS (energy information system) 2014 Building Technologies Office Peer Review Jessica ... 2014 Key Milestones: 1. Release of reference code for v1 algorithms, September 2013 ...

  8. Hydrothermal System | Open Energy Information

    Open Energy Info (EERE)

    of the underlying resource.1 Occurrence Models "To search efficiently for blind geothermal systems, general geographic regions must first be identified based upon...

  9. Vitex Systems | Open Energy Information

    Open Energy Info (EERE)

    to: navigation, search Name: Vitex Systems Place: San Jose, California Zip: CA 95131 USA Product: Production of OLEDs and commercialization of flat panel displays (FPDs)...

  10. Verno Systems | Open Energy Information

    Open Energy Info (EERE)

    search Name: Verno Systems Place: Redmond, Washington State Zip: 98052 Sector: Biofuels Product: California-based investment fund focused on biofuels. References: Verno...

  11. Passiv Systems | Open Energy Information

    Open Energy Info (EERE)

    Place: England, United Kingdom Zip: RG14 2PZ Product: UK based developer of a home energy management system, covering heating, hot water and electrical appliances....

  12. Paradyme Systems | Open Energy Information

    Open Energy Info (EERE)

    Jump to: navigation, search Name: Paradyme Systems Region: United States Sector: Marine and Hydrokinetic Website: http: This company is listed in the Marine and Hydrokinetic...

  13. KUKA Systems | Open Energy Information

    Open Energy Info (EERE)

    search Name: KUKA Systems Place: Augsburg, Germany Zip: D-86165 Sector: Solar, Wind energy Product: German manufacturer of assembly lines for solar and wind industries....

  14. Arisdyne Systems | Open Energy Information

    Open Energy Info (EERE)

    Cleveland, Ohio Zip: 44142 Product: Arisdyne Systems is a former subsidiary of Five Star Technologies that concentrates on development of biofuel processing technologies,...

  15. Energy Security and Restoration Exercise Program/Best Practices and Information Sharing

    SciTech Connect (OSTI)

    Barbara McCabe; John Kovach

    2009-03-30

    The first year of this cooperative agreement focused on the following elements: curriculum development and presentation, curriculum maintenance, enhancements, and effectiveness, and smart card initiative. During the second year of this grant, with redirection from DOE, the IUOE modified its mission statement under the cooperative agreement. It states: 'The mission of the IUOE is to provide expertise to provide best practices, information sharing, and develop scenarios and conduct exercises ranging in size and complexity from table top to national level to prepare all stakeholders to protect and restore energy infrastructure should an event, terrorist or natural, occur'. The Program developed a number of products under this Cooperative Agreement. These products include: FOSTER (Facility Operations Safety Training Event Response) Curriculum and Training Models, Alternative Energy Supply - Generators Training Module, Liquefied Natural Gas Training Module, Education Program - Distributed Generations, Compendium of Resources and References, Energy Security and Restoration Training Manual, Manual of Situations and Scenarios Developed for Emergency Exercises, Manual of Best Practices/Lessons Learned for Energy Load Management, Training Plan, Strategic Information and Exercise Plan, National Certification Plan Report, and a Smart Card Project Report.

  16. Sandia Explosive Inventory and Information System

    SciTech Connect (OSTI)

    Clements, D.A.

    1994-08-01

    The Explosive Inventory and Information System (EIS) is being developed and implemented by Sandia National Laboratories (SNL) to incorporate a cradle to grave structure for all explosives and explosive containing devices and assemblies at SNL from acquisition through use, storage, reapplication, transfer or disposal. The system does more than track all material inventories. It provides information on material composition, characteristics, shipping requirements; life cycle cost information, plan of use; and duration of ownership. The system also provides for following the processes of explosive development; storage review; justification for retention; Resource, Recovery and Disposition Account (RRDA); disassembly and assembly; and job description, hazard analysis and training requirements for all locations and employees involved with explosive operations. In addition, other information systems will be provided through the system such as the Department of Energy (DOE) and SNL Explosive Safety manuals, the Navy`s Department of Defense (DoD) Explosive information system, and the Lawrence Livermore National Laboratories (LLNL) Handbook of Explosives.

  17. Information Sharing in the Process Control Systems Forum Assessing Liability Issues

    SciTech Connect (OSTI)

    Ray Fink

    2005-10-01

    The Process Control Systems Forum (http://www.pcsforum.org) is an open, collaborative, voluntary forum established by the Department of Homeland Security. The purpose of the Forum is to accelerate the development of technology that will enhance the security, safety, and reliability of process control systems (PCS) and supervisory control and data acquisition (SCADA) systems. It is intended as a venue for technologists from user sectors, vendors, and academia. The Forum is not a standards body. Within the Forum, there is a variety of working groups and interest groups that are focused on specific subject areas. One such Interest Group is addressing how to create a ''safe zone'' for critical information sharing. This Interest Group is concerned with topics such as: trade-offs between maintaining security and sharing best practices; secure mechanisms for sharing of critical information; legal issues associated with sharing information; institutional impediments to sharing best practices and relevant incidents; finding a meaningful manner of exchange for sharing process control security events, incidents, audit logs, etc.; and creating a database of relevant industrial cyber events. The purpose of this white paper is to address liability issues that might arise from sharing of critical information such as recommended ''best practices''. There is a concern that by publishing ''best practices'' or similar information, the Forum or its members might be inadvertently assuming some liability. The following scenarios illustrate the concerns about potential liability.

  18. Composite Data Products (CDPs) from the Hydrogen Secure Data Center (HSDC) at the Energy Systems Integration Facility (ESIF), NREL

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    The Hydrogen Secure Data Center (HSDC) at NREL's Energy Systems Integration Facility (ESIF) plays a crucial role in NREL's independent, third-party analysis of hydrogen fuel cell technologies in real-world operation. NREL partners submit operational, maintenance, safety, and cost data to the HSDC on a regular basis. NREL's Technology Validation Team uses an internal network of servers, storage, computers, backup systems, and software to efficiently process raw data, complete quarterly analysis, and digest large amounts of time series data for data visualization. While the raw data are secured by NREL to protect commercially sensitive and proprietary information, individualized data analysis results are provided as detailed data products (DDPs) to the partners who supplied the data. Individual system, fleet, and site analysis results are aggregated into public results called composite data products (CDPs) that show the status and progress of the technology without identifying individual companies or revealing proprietary information. These CDPs are available from this NREL website: 1) Hydrogen Fuel Cell Vehicle and Infrastructure Learning Demonstration; 2) Early Fuel Cell Market Demonstrations; 3) Fuel Cell Technology Status [Edited from http://www.nrel.gov/hydrogen/facilities_secure_data_center.html].

  19. Wind energy systems information user study

    SciTech Connect (OSTI)

    Belew, W.W.; Wood, B.L.; Marle, T.L.; Reinhardt, C.L.

    1981-01-01

    This report describes the results of a series of telephone interviews with potential users of information on wind energy conversion. These interviews, part of a larger study covering nine different solar technologies, attempted to identify: the type of information each distinctive group of information users needed, and the best way of getting information to that group. Groups studied include: wind energy conversion system researchers; wind energy conversion system manufacturer representatives; wind energy conversion system distributors; wind turbine engineers; utility representatives; educators; county agents and extension service agents; and wind turbine owners.

  20. Cyber Security Procurement Language for Control Systems Version 1.8 |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Supervisory Control and Data Acquisition (SCADA), Process Control System (PCS), Distributed Control System (DCS), etc. generally refer to the systems which control, monitor, and manage the nation's critical infrastructures such as electric power generators, subway systems, dams, telecommunication systems, natural gas pipelines, and many others. Simply

  1. Policy enabled information sharing system

    DOE Patents [OSTI]

    Jorgensen, Craig R.; Nelson, Brian D.; Ratheal, Steve W.

    2014-09-02

    A technique for dynamically sharing information includes executing a sharing policy indicating when to share a data object responsive to the occurrence of an event. The data object is created by formatting a data file to be shared with a receiving entity. The data object includes a file data portion and a sharing metadata portion. The data object is encrypted and then automatically transmitted to the receiving entity upon occurrence of the event. The sharing metadata portion includes metadata characterizing the data file and referenced in connection with the sharing policy to determine when to automatically transmit the data object to the receiving entity.

  2. An expert system for automating security incident assessment using OPS5 in an Ada environment

    SciTech Connect (OSTI)

    Canales, T.W.; Smart, J.C.

    1988-01-29

    An expert system that automatically assesses security incidents is being developed at Lawrence Livermore National Laboratory. The expert system associates, classifies, and prioritizes monitored sensor events. The outcome of these processes is a dynamic representation of the state of Laboratory security in the form of security ''incidents''. A graphical representation of the incidents is integrated into a map-oriented console monitor that provides the operator with a comprehensive view of incidents and their locations. A prototype expert system has been developed using the OPS5 rule-based language. A large Ada-based program provides control of the map display system and interfaces to the various monitoring and access-control devices. In addition to the expert system operation, the issues and methods involved in integrating the OPS5-based incident-assessment system to the large Ada-based control program are discussed. 7 refs., 7 figs.

  3. PIA - Security Clearance Work Tracking and Budget System | Department...

    Energy Savers [EERE]

    Documents & Publications Freedom of Information and Privacy Act Database PIA, Idaho Operations Office Occupational Medicine - Assistant PIA, Idaho National Laboratory TRAIN-PIA.pdf...

  4. G2 | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    G2 NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award" The G2 team and the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information Award. (WASHINGTON, D.C) - The National Nuclear Security Administration (NNSA) has received the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information

  5. Sensorpedia: Information Sharing Across Autonomous Sensor Systems

    SciTech Connect (OSTI)

    Gorman, Bryan L; Resseguie, David R; Tomkins-Tinch, Christopher H

    2009-01-01

    The concept of adapting social media technologies is introduced as a means of achieving information sharing across autonomous sensor systems. Historical examples of interoperability as an underlying principle in loosely-coupled systems is compared and contrasted with corresponding tightly-coupled, integrated systems. Examples of ad hoc information sharing solutions based on Web 2.0 social networks, mashups, blogs, wikis, and data tags are presented and discussed. The underlying technologies of these solutions are isolated and defined, and Sensorpedia is presented as a formalized application for implementing sensor information sharing across large-scale enterprises with incompatible autonomous sensor systems.

  6. A review of video security training and assessment-systems and their applications

    SciTech Connect (OSTI)

    Cellucci, J.; Hall, R.J. )

    1991-01-01

    This paper reports that during the last 10 years computer-aided video data collection and playback systems have been used as nuclear facility security training and assessment tools with varying degrees of success. These mobile systems have been used by trained security personnel for response force training, vulnerability assessment, force-on-force exercises and crisis management. Typically, synchronous recordings from multiple video cameras, communications audio, and digital sensor inputs; are played back to the exercise participants and then edited for training and briefing. Factors that have influence user acceptance include: frequency of use, the demands placed on security personnel, fear of punishment, user training requirements and equipment cost. The introduction of S-VHS video and new software for scenario planning, video editing and data reduction; should bring about a wider range of security applications and supply the opportunity for significant cost sharing with other user groups.

  7. LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS

    SciTech Connect (OSTI)

    Ray Fink

    2006-10-01

    The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

  8. River Protection Project information systems assessment

    SciTech Connect (OSTI)

    JOHNSON, A.L.

    1999-07-28

    The Information Systems Assessment Report documents the results from assessing the Project Hanford Management Contract (PHMC) Hanford Data Integrator 2000 (HANDI 2000) system, Business Management System (BMS) and Work Management System phases (WMS), with respect to the System Engineering Capability Assessment Model (CAM). The assessment was performed in accordance with the expectations stated in the fiscal year (FY) 1999 Performance Agreement 7.1.1, item (2) which reads, ''Provide an assessment report on the selected Integrated Information System by July 31, 1999.'' This report assesses the BMS and WMS as implemented and planned for the River Protection Project (RPP). The systems implementation is being performed under the PHMC HANDI 2000 information system project. The project began in FY 1998 with the BMS, proceeded in FY 1999 with the Master Equipment List portion of the WMS, and will continue the WMS implementation as funding provides. This report constitutes an interim quality assessment providing information necessary for planning RPP's information systems activities. To avoid confusion, HANDI 2000 will be used when referring to the entire system, encompassing both the BMS and WMS. A graphical depiction of the system is shown in Figure 2-1 of this report.

  9. OSIO | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    OSIO NNSA's G2 Management Information System Wins Association for Enterprise Information's (AFEI) "Excellence in Enterprise Information Award" The G2 team and the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information Award. (WASHINGTON, D.C) - The National Nuclear Security Administration (NNSA) has received the 2015 Association for Enterprise Information's (AFEI) Excellence in Enterprise Information... NNSA's Asset Management Program Completes First

  10. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, anmore¬†¬Ľ established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.¬ę¬†less

  11. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    SciTech Connect (OSTI)

    Vollmer, Todd; Manic, Milos

    2014-05-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

  12. Application of artificial neural networks in power system security and vulnerability assessment

    SciTech Connect (OSTI)

    Qin Zhou; Davidson, J.; Fouad, A.A.

    1994-02-01

    In a companion paper the concept of system vulnerability is introduced as a new framework for power system dynamic security assessment. Using the TEF method of transient stability analysis, the energy margin [Delta]V is used as an indicator of the level of security, and its sensitivity to a changing system parameter p ([partial derivative][Delta]V/[partial derivative]p) as indicator of its trend with changing system conditions. These two indicators are combined to determine the degree of system vulnerability to contingent disturbances in a stability-limited power system. Thresholds for acceptable levels of the security indicator and its trend are related to the stability limits of a critical system parameter (plant generation limits). Operating practices and policies are used to determine these thresholds. In this paper the artificial neural networks (ANNs) technique is applied to the concept of system vulnerability within the recently developed framework, for fast pattern recognition and classification of system dynamic security status. A suitable topology for the neural network is developed, and the appropriate training method and input and output signals are selected. The procedure developed is successfully applied to the IEEE 50-generator test system. Data previously obtained by heuristic techniques are used for training the ANN.

  13. Privacy Act System Notices | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    System Notices When an agency establishes a new, or makes changes to, an existing system ... 30 days prior to the implementation of the new routine use to allow for public comment

  14. The renewable electric plant information system

    SciTech Connect (OSTI)

    Sinclair, K.

    1995-12-01

    This report explains the procedures used for creating the Renewable Electric Plant Information System (REPiS) database, describes the database fields, and summarizes the data. The REPiS database contains comprehensive information on grid-connected renewable electric generation plants in the United States. Originally designed in 1987 and updated in 1990, the database includes information through 1994. The report also illustrates ways of using the data for analysis is and describes how researchers validated the data.

  15. Western Renewable Energy Generation Information System ACCOUNT...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Western Renewable Energy Generation Information System ACCOUNT HOLDER REGISTRATION AGREEMENT (Also referred to as the "TERMS OF USE") June 22,2007 Revised May 1,2008 JUL 3 1 REC'D...

  16. physical security

    National Nuclear Security Administration (NNSA)

    5%2A en Physical Security Systems http:nnsa.energy.govaboutusourprogramsnuclearsecurityphysicalsecuritysystems

  17. Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2002-03-18

    To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

  18. Aerial Measuring System | National Nuclear Security Administration | (NNSA)

    National Nuclear Security Administration (NNSA)

    Management Aerial Measuring System AMS Logo NNSA's Aerial Measuring System (AMS) provides specialized airborne radiation detection systems to provide real-time measurements of low levels of air and ground contamination. The AMS team consists of scientists, technicians, pilots, and ground support personnel. These trained experts are in charge of maintaining a state of readiness to respond to a radiological emergency at any time. The team is based out of Nellis Air Force Base in Las Vegas, Nevada,

  19. ORO Office Safeguards and Security Clearance Tracking System...

    Office of Environmental Management (EM)

    More Documents & Publications Occupational Medicine - Assistant PIA, Idaho National Laboratory ORO Verification of Employment Tracking System(VETS) PIA, Oak ridge Operations Office ...

  20. ORO Office Safeguards and Security Clearance Tracking System...

    Energy Savers [EERE]

    System PIA, Oak Ridge Operations Office More Documents & Publications Occupational Medicine - Assistant PIA, Idaho National Laboratory ORO Verification of Employment Tracking...

  1. FTCP Site Specific Information ‚Äď Office of Environment, Health, Safety & Security

    Broader source: Energy.gov [DOE]

    Site Specific Information including Contact Information, and Annual Workforce Analysis & Staffing Plan Reports.

  2. Project Records Information System (PRIS) user's manual

    SciTech Connect (OSTI)

    Smith, P.S.; Nations, J.A.; Short, R.D.

    1991-08-01

    The Projects Record Information System (PRIS) is an interactive system developed for the Information Services Division (ISD) of Martin Marietta Energy Systems, Inc., to perform indexing, maintenance, and retrieval of information about Engineering project record documents for which they are responsible. This PRIS User's Manual provides instruction on the use of this system. Section 2.0 of this manual presents an overview of PRIS, describing the system's purpose; the data that it handles, functions it performs; hardware, software, and access; and help and error functions. Section 3.0 describes the interactive menu-driven operation of PRIS. Appendixes A, B,C, and D contain the data dictionary, help screens, report descriptions, and a primary menu structure diagram, respectively.

  3. Preliminary Notice of Violation, National Security Technologies...

    Office of Environmental Management (EM)

    violations of Department of Energy's classified information security program ... Sheet, Preliminary Notice of Violation: Classified Information Security Event at NNSS ...

  4. Information survey for microcomputer systems integration

    SciTech Connect (OSTI)

    Hake, K.A.

    1991-12-01

    One goal of the PM-AIM is to provide US Army Project Managers (PMs) and Project Executive Officers (PEOs) with a fundamental microcomputing resource to help perform acquisition information management and its concomitant reporting requirements. Providing key application software represents one means of accomplishing this goal. This workstation would furnish a broad range of capabilities needed in the PM and PEO office settings as well as software tools for specific project management and acquisition information. Although still in the conceptual phase, the practical result of this exercise in systems integration will likely be a system called the Project Manager's Information System (PMIS) or the AIM workstation. It would include such software as, Project Manager's System Software (PMSS), Defense Acquisition Executive Summary (DAES), and Consolidated Acquisition Reporting System (CARS) and would conform to open systems architecture as accepted by the Department of Defense. ORNL has assisted PM-AIM in the development of technology ideas for the PMIS workstation concept. This paper represents the compilation of information gained during this process. This information is presented as a body of knowledge (or knowledge domain) defining the complex technology of microcomputing. The concept of systems integration or tying together all hardware and software components reflects the nature of PM-AIM's task in attempting to field a PMIS or AIM workstation.

  5. Information survey for microcomputer systems integration

    SciTech Connect (OSTI)

    Hake, K.A.

    1991-12-01

    One goal of the PM-AIM is to provide US Army Project Managers (PMs) and Project Executive Officers (PEOs) with a fundamental microcomputing resource to help perform acquisition information management and its concomitant reporting requirements. Providing key application software represents one means of accomplishing this goal. This workstation would furnish a broad range of capabilities needed in the PM and PEO office settings as well as software tools for specific project management and acquisition information. Although still in the conceptual phase, the practical result of this exercise in systems integration will likely be a system called the Project Manager`s Information System (PMIS) or the AIM workstation. It would include such software as, Project Manager`s System Software (PMSS), Defense Acquisition Executive Summary (DAES), and Consolidated Acquisition Reporting System (CARS) and would conform to open systems architecture as accepted by the Department of Defense. ORNL has assisted PM-AIM in the development of technology ideas for the PMIS workstation concept. This paper represents the compilation of information gained during this process. This information is presented as a body of knowledge (or knowledge domain) defining the complex technology of microcomputing. The concept of systems integration or tying together all hardware and software components reflects the nature of PM-AIM`s task in attempting to field a PMIS or AIM workstation.

  6. Defense Nuclear Security | National Nuclear Security Administration...

    National Nuclear Security Administration (NNSA)

    This responsibility includes the physical, materials control and accounting, classified and sensitive information protection, personnel, technical, and cyber security programs. ...

  7. Homeland Security Presidential Directive (HSPD)-12 | National Nuclear

    National Nuclear Security Administration (NNSA)

    Security Administration | (NNSA) Homeland Security Presidential Directive (HSPD)-12 HSPD-12 mandates a common identification standard for all Federal employees and contractors who have a need to access government facilities and information systems. The NNSA goal is to develop a common solution for effective and secure logical and physical access for longer than six months. Individuals who have a valid need to access NNSA-owned security areas, facilities and information systems will be issued

  8. Implementation of Unclassified Controlled Nuclear Information guidelines for fixed-site safeguards and security (FSSS) at Los Alamos National Laboratory

    SciTech Connect (OSTI)

    Rood, P.L.

    1995-02-01

    Unclassified Controlled Nuclear Information (UCNI) is one type of sensitive information that DOE employees, including computer users, must now identify and protect. Guidelines to identify information as UCNI are gradually being put in place. The publication of Unclassified Controlled Nuclear Information Topical Guideline for Fixed-Site Safeguards and Security, TG-FSSS-1, is a major step in the development of UCNI guidelines. This DOE published guide cuts across and addresses many different programmatic areas including automated data processing. Our local guideline, Los Alamos National Laboratory Unclassified Controlled Nuclear Information Guideline for Fixed-Site Safeguards and Security, IG-LAFSSS-1, is based on TG-FSSS-1. In this paper, I plan to discuss the background of UCNI, the definition of UCNI, information that qualifies as UCNI, the consequences of information being UCNI, the development of UCNI guidelines, TG-FSSS-1 and IG-LAFSSS-1, the relationship of UCNI to classification, and the implementation of the IG-LAFSSS-1 at Los Alamos.

  9. GAO Challenges and Efforts to Secure Control Systems (March 2004)

    Broader source: Energy.gov [DOE]

    Computerized control systems perform vital functions across many of our nation’s critical infrastructures. For example, in natural gas distribution, they can monitor and control the pressure and...

  10. Sandia National Laboratories: National Security Missions: Defense Systems

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and Assessments Programs Defense Systems & Assessments Accelerating Innovation for the Warfighter Accelerating Innovation into the Hands of the Warfighter Supporting Ballistic Missile Defense Supporting Ballistic Missile Defense Launching GPS Satellites Launch of GPS satellite About Defense Systems & Assessments Our engineering, science, and technology expertise supports soldiers on the battlefield. About Us Program Areas Our multi-faceted research detects and defends against threats

  11. Computational Systems & Software Environment | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) Computational Systems & Software Environment The mission of this national sub-program is to build integrated, balanced, and scalable computational capabilities to meet the predictive simulation requirements of NNSA. This sub-program strives to provide users of ASC computing resources a stable and seamless computing environment for all ASC-deployed platforms. Along with these powerful systems that ASC will maintain and field the supporting software infrastructure

  12. NNSA Policy System | National Nuclear Security Administration | (NNSA)

    National Nuclear Security Administration (NNSA)

    Budget NNSA Policy System The NNSA's Policy System is established under the authority of Section 3212(d) of Public Law 106-65, the National Defense Authorization Act for Fiscal Year 2000, as amended. This law gives the NNSA Administrator authority to establish Administration-specific policies. Department of Energy Directives DOE Directives are the primary means to establish, communicate, and institutionalize policies, requirements, responsibilities, and procedures for multiple Departmental

  13. Chemical Biological Emergency Management Information System

    Energy Science and Technology Software Center (OSTI)

    2004-06-15

    CB-EMIS is designed to provide information and analysis to transit system operators and emergency responders in the event of a chemical attack on a subway system. The software inforporates detector data, video images, train data, meteorological data, and above- and below-ground plume dispersion models, hight of the liquid level.

  14. CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Systems Are Under Way, but Challenges Remain | Department of Energy CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain CRITICAL INFRASTRUCTURE PROTECTION Multiple Efforts to Secure Control Systems Are Under Way, but Challenges Remain GAO is making recommendations to the Department of Homeland Security (DHS) to develop a strategy for coordinating control systems security efforts and to enhance information sharing with relevant

  15. Fast transient security evaluation of power systems by using pattern recognition techniques

    SciTech Connect (OSTI)

    Mokhtari, S.

    1983-01-01

    A power system is a dynamic system. The reaction of a power network to the same set of disturbances is different for various initial equilibrium states. For a given set of contingencies, some of the initial equilibrium states are stable and some of them are unstable. The purpose of this dissertation is to identify if a given operating conditions of the system is stable (secure) or unstable (insecure) for certain disturbances by using real time data. The time required for on-line security analysis can be reduced if pattern recognition techniques are employed. The use of a pattern recognition technique in on-line transient security analysis of power systems is examined. Load magnitudes are treated as random variables with an assumed statistical distribution having a standard deviation of 10%. The simulation technique is applied, off-line, to check system security for the defined set of contingencies. For each initial system condition, the potentially good variables are identified. The number of variables is reduced and variables with the highest discriminatory power are identified. Two decision rules are then developed by using Generalized Square Distance and K-Nearest Neighbor classification techniques. Next, the performance of each classifier is evaluated by using two risk estimating techniques, Jackknife Risk Estimation and Independent Test Risk estimation. The best classifier is identified. Finally, using this classifier, a computer program is developed. This program is capable of predicting, on-line, the security and insecurity of the given power system for any initial system condition within the range defined for the training set. The important features of this program are its accuracy, speed, adaptability and up-dating scheme.

  16. LANL installs high-performance computer system | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) LANL installs high-performance computer system Friday, June 20, 2014 - 10:29am Los Alamos National Laboratory recently installed a new high-performance computer system, called Wolf, which will be used for unclassified research. Wolf will help modernize mid-tier resources available to the lab and can be used to advance many fields of science. Wolf, manufactured by Cray Inc., has 616 compute nodes, each with two 8-core 2.6 GHz Intel "Sandybridge" processors,

  17. Rapid Deployment Shelter System | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Rapid Deployment Shelter ... Rapid Deployment Shelter System The mp4 video format is not supported by this browser. Download video Captions: On Time: 5:03 min. Originally designed as a mobile surgical suite, the RDSS can also be converted and used for a command, control, logisitics, or operations center

  18. Rapid Deployment Shelter System, Application | Y-12 National Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Complex Rapid Deployment Shelter ... Rapid Deployment Shelter System, Application The mp4 video format is not supported by this browser. Download video Captions: On Time: 3:30 min. The RDSS provides humanitarian and disaster relief first responders with a versatile portable shelter that is rapidly deployed under adverse conditions

  19. Disclaimer | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Disclaimer Disclaimer Security Notice This website is part of a Federal computer system used to accomplish Federal functions. The Department of Energy uses software programs to monitor this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features, to use the system for other than intended

  20. INFORMATION: Audit Report on The Office of Secure Transportation DC-9 Aircraft Refurbishment

    SciTech Connect (OSTI)

    2009-05-01

    The National Nuclear Security Administration's (NNSA) Office of Secure Transportation (OST) maintains a fleet of seven aircraft to transport sensitive items, equipment and security personnel. Based on increasing requirements for transporting components and security personnel, OST decided to add a heavy transport aircraft to meet the Department's weapons surety and emergency response missions. In 2004, as a replacement following the sale of a portion of its fleet, OST acquired a DC-9 cargo aircraft that had been excessed by the U.S. military. Prior to integrating the DC-9 into its fleet, NNSA ordered a refurbishment of the aircraft. This refurbishment project was to permit the aircraft to be certified to civil air standards so that it could transport passengers for site visits, training and other travel. The NNSA Service Center (Service Center) awarded a contract for the refurbishment of the aircraft in December 2004. In recent years, the Office of Inspector General has addressed a number of issues relating to the Department's aircraft management activities and services. As part of our ongoing review process and because of the national security importance of its fleet of aircraft, we conducted this review to determine whether OST had an effective and efficient aviation management program.

  1. Information systems to enhance technology exchange

    SciTech Connect (OSTI)

    Hunter, T.; Harrington, M.; Harlan, C.; Drozhko, E.

    1994-03-01

    A fundamental part of international technology exchange is the compilation and dissemination of information. Worldwide environmental problems and technology development activities form the basis for important opportunities across the world and especially for those in the former Soviet Union. Recently, important agreements have been reached among Russian institutes engaged in environmental work and the US Department of Energy (DOE) and its national laboratories. These agreements will allow a systematic compilation of information on environmental contamination problems in Russia that can be included in DOE`s environmental information systems. A computer hardware and software system has been loaned to Russian scientists by the DOE for the sharing of environmental software and data, while establishing standards for future information networks.

  2. NERSC Computer Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security NERSC Computer Security NERSC computer security efforts are aimed at protecting NERSC systems and its users' intellectual property from unauthorized access or modification. Among NERSC's security goal are: 1. To protect NERSC systems from unauthorized access. 2. To prevent the interruption of services to its users. 3. To prevent misuse or abuse of NERSC resources. Security Incidents If you think there has been a computer security incident you should contact NERSC Security as soon as

  3. Project Management and Systems Support | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) Project Management and Systems Support Goal NNSA strives to ensure that its projects are well managed, and receive appropriate visibility and support within its headquarters programs. Additionally, it works to improve project management policies and practices throughout NNSA. Means and Strategies NNSA will accomplish this goal by providing its federal project directors, federal and contractor program managers, and other key project management personnel with: 1)

  4. Information Sciences and Technology

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    file systems Bioinformatics Infectious disease surveillance Climate change and energy security Smart grids Learn more about our Information Science and Technology capabilities

  5. Computer Security Risk Assessment

    Energy Science and Technology Software Center (OSTI)

    1992-02-11

    LAVA/CS (LAVA for Computer Security) is an application of the Los Alamos Vulnerability Assessment (LAVA) methodology specific to computer and information security. The software serves as a generic tool for identifying vulnerabilities in computer and information security safeguards systems. Although it does not perform a full risk assessment, the results from its analysis may provide valuable insights into security problems. LAVA/CS assumes that the system is exposed to both natural and environmental hazards and tomore¬†¬Ľ deliberate malevolent actions by either insiders or outsiders. The user in the process of answering the LAVA/CS questionnaire identifies missing safeguards in 34 areas ranging from password management to personnel security and internal audit practices. Specific safeguards protecting a generic set of assets (or targets) from a generic set of threats (or adversaries) are considered. There are four generic assets: the facility, the organization''s environment; the hardware, all computer-related hardware; the software, the information in machine-readable form stored both on-line or on transportable media; and the documents and displays, the information in human-readable form stored as hard-copy materials (manuals, reports, listings in full-size or microform), film, and screen displays. Two generic threats are considered: natural and environmental hazards, storms, fires, power abnormalities, water and accidental maintenance damage; and on-site human threats, both intentional and accidental acts attributable to a perpetrator on the facility''s premises.¬ę¬†less

  6. of Western Area Power Administration's Cyber Security Program

    Broader source: Energy.gov (indexed) [DOE]

    ... could be exploited by both an insider and a remote attacker. ... Technology, such as NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems and ...

  7. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  8. MODELING AND PERFORMANCE EVALUATION FOR AVIATION SECURITY CARGO INSPECTION QUEUING SYSTEM

    SciTech Connect (OSTI)

    Allgood, Glenn O; Olama, Mohammed M; Rose, Terri A; Brumback, Daryl L

    2009-01-01

    Beginning in 2010, the U.S. will require that all cargo loaded in passenger aircraft be inspected. This will require more efficient processing of cargo and will have a significant impact on the inspection protocols and business practices of government agencies and the airlines. In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, and throughput. These metrics are performance indicators of the system s ability to service current needs and response capacity to additional requests. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures will reduce the overall cost and shipping delays associated with the new inspection requirements.

  9. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    SciTech Connect (OSTI)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01

    Abstract‚ÄĒThis paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  10. Closure Report for Corrective Action Unit 562: Waste Systems, Nevada National Security Site, Nevada

    SciTech Connect (OSTI)

    NSTec Environmental Restoration

    2012-08-15

    This Closure Report (CR) presents information supporting closure of Corrective Action Unit (CAU) 562, Waste Systems, and provides documentation supporting the completed corrective actions and confirmation that closure objectives for CAU 562 were met. This CR complies with the requirements of the Federal Facility Agreement and Consent Order (FFACO) that was agreed to by the State of Nevada; the U.S. Department of Energy (DOE), Environmental Management; the U.S. Department of Defense; and DOE, Legacy Management (FFACO, 1996 as amended). CAU 562 consists of the following 13 Corrective Action Sites (CASs), located in Areas 2, 23, and 25 of the Nevada National Security Site: · CAS 02-26-11, Lead Shot · CAS 02-44-02, Paint Spills and French Drain · CAS 02-59-01, Septic System · CAS 02-60-01, Concrete Drain · CAS 02-60-02, French Drain · CAS 02-60-03, Steam Cleaning Drain · CAS 02-60-04, French Drain · CAS 02-60-05, French Drain · CAS 02-60-06, French Drain · CAS 02-60-07, French Drain · CAS 23-60-01, Mud Trap Drain and Outfall · CAS 23-99-06, Grease Trap · CAS 25-60-04, Building 3123 Outfalls Closure activities began in October 2011 and were completed in April 2012. Activities were conducted according to the Corrective Action Plan for CAU 562 (U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office [NNSA/NSO], 2011). The corrective actions included No Further Action and Clean Closure. Closure activities generated sanitary waste and hazardous waste. Some wastes exceeded land disposal limits and required offsite treatment prior to disposal. Other wastes met land disposal restrictions and were disposed in appropriate onsite or offsite landfills. NNSA/NSO requests the following: · A Notice of Completion from the Nevada Division of Environmental Protection to NNSA/NSO for closure of CAU 562 · The transfer of CAU 562 from Appendix III to Appendix IV, Closed Corrective Action Units, of the FFACO

  11. Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary

    SciTech Connect (OSTI)

    Hu, Tan Chang; Robinson, David G.

    2011-09-08

    As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

  12. Request for Investigation or Inspection of Safety or Classified Information Security Violations

    Broader source: Energy.gov [DOE]

    Form allows for any DOE contractor employee or employee representative to submit a request to the Department of Energy’s Office of Enforcement, within the Office of Health, Safety, and Security, to initiate an enforcement investigation or inspection into a potential violation of DOE regulatory requirements.

  13. Function analysis for waste information systems

    SciTech Connect (OSTI)

    Sexton, J.L.; Neal, C.T.; Heath, T.C.; Starling, C.D.

    1996-04-01

    This study has a two-fold purpose. It seeks to identify the functional requirements of a waste tracking information system and to find feasible alternatives for meeting those requirements on the Oak Ridge Reservation (ORR) and the Portsmouth (PORTS) and Paducah (PGDP) facilities; identify options that offer potential cost savings to the US government and also show opportunities for improved efficiency and effectiveness in managing waste information; and, finally, to recommend a practical course of action that can be immediately initiated. In addition to identifying relevant requirements, it also identifies any existing requirements that are currently not being completely met. Another aim of this study is to carry out preliminary benchmarking by contacting representative companies about their strategic directions in waste information. The information obtained from representatives of these organizations is contained in an appendix to the document; a full benchmarking effort, however, is beyond the intended scope of this study.

  14. SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Behavioral Interview Guidelines by Job Roles

    SciTech Connect (OSTI)

    O'Neil, Lori Ross; Conway, T. J.; Tobey, D. H.; Greitzer, Frank L.; Dalton, Angela C.; Pusey, Portia K.

    2015-03-01

    The Secure Power Systems Professional Phase III final report was released last year which an appendix of Behavioral Interview Guidelines by Job Roles. This new report is that appendix broken out as a standalone document to assist utilities in recruiting and developing Secure Power Systems Professionals at their site.

  15. Cyber Assessment Methods for SCADA Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    5 by ISA - The Instrumentation, Systems and Automation Society. Presented at 15th Annual Joint ISA POWID/EPRI Controls and Instrumentation Conference http://www.isa.org Cyber Assessment Methods for SCADA Security May Robin Permann Kenneth Rohde Staff Computer Security Researcher Information & Communications Systems Cyber Security Technologies Idaho National Laboratory Idaho National Laboratory Idaho Falls, ID 83415 Idaho Falls, ID 83415 KEYWORDS Supervisory Control and Data Acquisition,

  16. Guidance for FY2014 Facilities Information Management System...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    FY2014 Facilities Information Management System Data Validations Guidance for FY2014 Facilities Information Management System Data Validations FY 2014 FIMS Data Validation Guidance ...

  17. Energy Management and Information Systems Study - 2014 BTO Peer...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    and Information Systems Study - 2014 BTO Peer Review Energy Management and Information Systems Study - 2014 BTO Peer Review Presenter: Jessica Granderson, Lawrence Berkeley ...

  18. ADP computer security classification program

    SciTech Connect (OSTI)

    Augustson, S.J.

    1984-01-01

    CG-ADP-1, the Automatic Data Processing Security Classification Guide, provides for classification guidance (for security information) concerning the protection of Department of Energy (DOE) and DOE contractor Automatic Data Processing (ADP) systems which handle classified information. Within the DOE, ADP facilities that process classified information provide potentially lucrative targets for compromise. In conjunction with the security measures required by DOE regulations, necessary precautions must be taken to protect details of those ADP security measures which could aid in their own subversion. Accordingly, the basic principle underlying ADP security classification policy is to protect information which could be of significant assistance in gaining unauthorized access to classified information being processed at an ADP facility. Given this policy, classification topics and guidelines are approved for implementation. The basic program guide, CG-ADP-1 is broad in scope and based upon it, more detailed local guides are sometimes developed and approved for specific sites. Classification topics are provided for system features, system and security management, and passwords. Site-specific topics can be addressed in local guides if needed.

  19. An efficient wireless power transfer system with security considerations for electric vehicle applications

    SciTech Connect (OSTI)

    Zhang, Zhen; Chau, K. T. Liu, Chunhua; Qiu, Chun; Lin, Fei

    2014-05-07

    This paper presents a secure inductive wireless power transfer (WPT) system for electric vehicle (EV) applications, such as charging the electric devices inside EVs and performing energy exchange between EVs. The key is to employ chaos theory to encrypt the wirelessly transferred energy which can then be decrypted by specific receptors in the multi-objective system. In this paper, the principle of encrypted WPT is first revealed. Then, computer simulation is conducted to validate the feasibility of the proposed system. Moreover, by comparing the WPT systems with and without encryption, the proposed energy encryption scheme does not involve noticeable power consumption.

  20. Clean Air Act: Confidential business information security manual (revised). Procedures manual

    SciTech Connect (OSTI)

    Toomer, M.W.

    1998-08-01

    The procedures in this manual provide Federal, contractor, and subcontractor employees with the information necessary to utilize Confidential Business Information to perform their assigned duties without violating applicable Federal regulations protecting the rights of its owners.

  1. Cyber Security Requirements for Risk Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  2. Energy, information science, and systems science

    SciTech Connect (OSTI)

    Wallace, Terry C; Mercer - Smith, Janet A

    2011-02-01

    This presentation will discuss global trends in population, energy consumption, temperature changes, carbon dioxide emissions, and energy security programs at Los Alamos National Laboratory. LANL's capabilities support vital national security missions and plans for the future. LANL science supports the energy security focus areas of impacts of Energy Demand Growth, Sustainable Nuclear Energy, and Concepts and Materials for Clean Energy. The innovation pipeline at LANL spans discovery research through technology maturation and deployment. The Lab's climate science capabilities address major issues. Examples of modeling and simulation for the Coupled Ocean and Sea Ice Model (COSIM) and interactions of turbine wind blades and turbulence will be given.

  3. CNS securing success across both sites | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    securing success across ... CNS securing success across both sites Posted: April 13, 2016 - 12:31pm Pantex Emergency Services members (from left) Maribel Martinez, Brenda Graham and Greg Roddahl learn how to use the Emergency Management Information System, or EMInS. Safeguards, Security and Emergency Services integrated, consolidated and standardized processes at Pantex and Y-12 in 2015. According to Gary Wisdom, SS&ES senior director at Pantex, "The exchange of information has been our

  4. Waste Information Management System-2012 - 12114

    SciTech Connect (OSTI)

    Upadhyay, H.; Quintero, W.; Shoffner, P.; Lagos, L.; Roelant, D.

    2012-07-01

    The Waste Information Management System (WIMS) -2012 was updated to support the Department of Energy (DOE) accelerated cleanup program. The schedule compression required close coordination and a comprehensive review and prioritization of the barriers that impeded treatment and disposition of the waste streams at each site. Many issues related to waste treatment and disposal were potential critical path issues under the accelerated schedule. In order to facilitate accelerated cleanup initiatives, waste managers at DOE field sites and at DOE Headquarters in Washington, D.C., needed timely waste forecast and transportation information regarding the volumes and types of radioactive waste that would be generated by DOE sites over the next 40 years. Each local DOE site historically collected, organized, and displayed waste forecast information in separate and unique systems. In order for interested parties to understand and view the complete DOE complex-wide picture, the radioactive waste and shipment information of each DOE site needed to be entered into a common application. The WIMS application was therefore created to serve as a common application to improve stakeholder comprehension and improve DOE radioactive waste treatment and disposal planning and scheduling. WIMS allows identification of total forecasted waste volumes, material classes, disposition sites, choke points, technological or regulatory barriers to treatment and disposal, along with forecasted waste transportation information by rail, truck and inter-modal shipments. The Applied Research Center (ARC) at Florida International University (FIU) in Miami, Florida, developed and deployed the web-based forecast and transportation system and is responsible for updating the radioactive waste forecast and transportation data on a regular basis to ensure the long-term viability and value of this system. WIMS continues to successfully accomplish the goals and objectives set forth by DOE for this project. It has

  5. Radiation Exposure Monitoring and Information Transmittal System.

    Energy Science and Technology Software Center (OSTI)

    2005-06-23

    Version 01 The Radiation Exposure Monitoring and Information Transmittal (REMIT) system is designed to assist U.S. Nuclear Regulatory Commission (NRC) licensees in meeting the reporting requirements of the Revised 10 CFR Parts 20.1001 through 20.2401 as outlined in Regulatory Guide 8.7, Rev.1, Instructions for Recording and Reporting Occupational Exposure Data. REMIT is a PC‚ÄĎbased menu driven system that facilitates the manipulation of data base files to record and report radiation exposure information. REMIT is designedmore¬†¬Ľ to be user‚ÄĎfriendly and contains the full text of Regulatory Guide 8.7, Rev.1, on‚ÄĎline as well as context‚ÄĎsensitive help throughout the program. The user can enter data directly from NRC Forms 4 or 5. REMIT allows the user to view the individual's exposure in relation to regulatory or administrative limits and will alert the user to exposures in excess of these limits. The system also provides for the calculation and summation of dose from intakes and the determination of the dose to the maximally exposed extremity for the monitoring year. REMIT can produce NRC Forms 4 and 5 in paper and electronic format and can import/export data from ASCII and data base files. Additional information is available from the web page www.reirs.com.¬ę¬†less

  6. Advanced Information Systems Laboratory Crypto Library

    Energy Science and Technology Software Center (OSTI)

    2012-09-12

    AISL-CRYPTO is a library of cryptography functions supporting other AISL software. It provides various crypto functions for Common Lisp, including Digital Signature Algorithm, Data Encryption Standard, Secure Hash Algorithm, and public-key cryptography.

  7. Personnel Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-07-27

    The Order establishes requirements for a successful, efficient and cost-effective personnel security program to ensure accurate, timely and equitable determinations of individualsí eligibility for access to classified information and fitness for placement or retention in national security positions. Cancels DOE M 470.4-5, DOE N 470.4 and DOE N 470.5. Admin Chg 1, 10-8-13.

  8. Recommendation 171: Commendation for Waste Information Management System

    Office of Energy Efficiency and Renewable Energy (EERE)

    The ORSSAB commends DOE and Florida International University for development of the Waste Information Management System.

  9. MOX Services Unclassified Information System PIA, National Nuclear Services

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Administration | Department of Energy MOX Services Unclassified Information System PIA, National Nuclear Services Administration MOX Services Unclassified Information System PIA, National Nuclear Services Administration MOX Services Unclassified Information System PIA, National Nuclear Services Administration MOX Services Unclassified Information System PIA, National Nuclear Services Administration (378.48 KB) More Documents & Publications TRAIN-PIA.pdf Occupational Medicine - Assistant

  10. National Security Education Center

    SciTech Connect (OSTI)

    Hurd, Alan J.

    2015-04-22

    Information about the National Security Education Center is given. Information about the Center’s history and current practices, including its facilities and its practicality are outlined.

  11. Information processing systems, reasoning modules, and reasoning system design methods

    DOE Patents [OSTI]

    Hohimer, Ryan E.; Greitzer, Frank L.; Hampton, Shawn D.

    2015-08-18

    Information processing systems, reasoning modules, and reasoning system design methods are described. According to one aspect, an information processing system includes working memory comprising a semantic graph which comprises a plurality of abstractions, wherein the abstractions individually include an individual which is defined according to an ontology and a reasoning system comprising a plurality of reasoning modules which are configured to process different abstractions of the semantic graph, wherein a first of the reasoning modules is configured to process a plurality of abstractions which include individuals of a first classification type of the ontology and a second of the reasoning modules is configured to process a plurality of abstractions which include individuals of a second classification type of the ontology, wherein the first and second classification types are different.

  12. Information processing systems, reasoning modules, and reasoning system design methods

    DOE Patents [OSTI]

    Hohimer, Ryan E; Greitzer, Frank L; Hampton, Shawn D

    2014-03-04

    Information processing systems, reasoning modules, and reasoning system design methods are described. According to one aspect, an information processing system includes working memory comprising a semantic graph which comprises a plurality of abstractions, wherein the abstractions individually include an individual which is defined according to an ontology and a reasoning system comprising a plurality of reasoning modules which are configured to process different abstractions of the semantic graph, wherein a first of the reasoning modules is configured to process a plurality of abstractions which include individuals of a first classification type of the ontology and a second of the reasoning modules is configured to process a plurality of abstractions which include individuals of a second classification type of the ontology, wherein the first and second classification types are different.

  13. Building Energy Information Systems: User Case Studies

    SciTech Connect (OSTI)

    Granderson, Jessica; Piette, Mary Ann; Ghatikar, Girish

    2010-03-22

    Measured energy performance data are essential to national efforts to improve building efficiency, as evidenced in recent benchmarking mandates, and in a growing body of work that indicates the value of permanent monitoring and energy information feedback. This paper presents case studies of energy information systems (EIS) at four enterprises and university campuses, focusing on the attained energy savings, and successes and challenges in technology use and integration. EIS are broadly defined as performance monitoring software, data acquisition hardware, and communication systems to store, analyze and display building energy information. Case investigations showed that the most common energy savings and instances of waste concerned scheduling errors, measurement and verification, and inefficient operations. Data quality is critical to effective EIS use, and is most challenging at the subsystem or component level, and with non-electric energy sources. Sophisticated prediction algorithms may not be well understood but can be applied quite effectively, and sites with custom benchmark models or metrics are more likely to perform analyses external to the EIS. Finally, resources and staffing were identified as a universal challenge, indicating a need to identify additional models of EIS use that extend beyond exclusive in-house use, to analysis services.

  14. Security Policy, Guidance & Reports

    Broader source: Energy.gov [DOE]

    The Office of Headquarters Security Operations strengthens national security by protecting personnel, facilities, property, classified information, and sensitive unclassified information for DOE Headquarters facilities in the National Capital Area under normal and abnormal (i.e., emergency) conditions; managing access authorization functions for Headquarters; ensuring that executives and dignitaries are fully protected, and supporting efforts to ensure the continuity of government in all circumstances as mandated by Presidential Decision Directive. The Office is responsible for the principal personnel security information processing activities of the Department and personnel security administrative review process. The Office of Headquarters Security Operations provides oversight and direction support to all Headquarters security operations to include physical protection, information security, personnel security, and guidance to the Headquarters Security Officers (HSO).

  15. System requirements specification for waste information and control system

    SciTech Connect (OSTI)

    Harris, R.R.

    1994-09-01

    This document defines the requirements for the Waste Information and Control System (WICS). The document defines the functions, constraints, and objectives that pertain to WICS. This shall serve as the baseline document to ensure the needs of the Hazardous Material Control group (HMC) at 222-S Laboratory are met with regard to assurance of accuracy and quality of data taken with WICS.

  16. Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Aldridge, Hal; Duren, Mike; Ricci, Tracy; Bertino, Elisa; Kulatunga, Athula; Navaratne, Uditha Sudheera

    2011-01-01

    In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following: 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.

  17. International Nuclear Security | National Nuclear Security Administration |

    National Nuclear Security Administration (NNSA)

    (NNSA) International Nuclear Security The International Nuclear Security program collaborates with partners world-wide to improve the security of proliferation-sensitive materials, particularly weapons-usable nuclear material in both civilian and non-civilian use in key countries. As part of these efforts, INS works with partner countries to: Upgrade and sustain physical security and material control and accounting systems; Develop national-level nuclear security infrastructure in areas such

  18. Waste Isolation Pilot Plant Transportation Security

    Office of Environmental Management (EM)

    WIPP Transportation Security Gregory M. Sahd Security Manager Carlsbad Field Office U.S. Department of Energy Contact Information Gregory M. Sahd Security Operations Carlsbad Field Office * U.S. Department of Energy 575.234.8117 * Greg.Sahd@wipp.ws WIPP Transportation "...The (WIPP transportation) system is safer than that employed for any other hazardous material in the U.S...." - National Academy of Sciences, WIPP Panel Hanford Idaho National Engineering and Environmental Laboratory

  19. Secure Manufacturing | Y-12 National Security Complex

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Secure Manufacturing Secure Manufacturing The depth and breadth of Y-12's manufacturing capabilities and expertise enable Y-12 to address current and emerging national security challenges by providing leadership and direction to perform the following activities: solving unique, high-risk manufacturing problems; eliminating the most difficult manufacturability and development obstacles; protecting classified and proprietary materials, components, and information; developing unique technologies to

  20. Roadmap to Secure Control Systems in the Energy Sector 2006- Presentation to the 2008 ieRoadmap Workshop

    Broader source: Energy.gov [DOE]

    Presentation by Hank Kenchington on the 2006 roadmap to secure control systems in the energy sector at the ieRoadmap Workshop in Chicago, May 28-29, 2008.  

  1. Lawrence Livermore National Laboratory Safeguards and Security quarterly progress report ending March 31, 1996

    SciTech Connect (OSTI)

    Davis, B.; Davis, G.; Johnson, D.; Mansur, D.L.; Ruhter, W.D.; Strait, R.S.

    1996-04-01

    LLNL carries out safeguards and security activities for DOE Office of Safeguards and Security (OSS) and other organizations within and outside DOE. LLNL is supporting OSS in 6 areas: safeguards technology, safeguards and materials accountability, computer security--distributed systems, complex-wide access control, standardization of security systems, and information technology and security center. This report describes the activities in each of these areas.

  2. Energy Procurement Information Center (EPiC) - Deb Bouslog, Systems...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Procurement Information Center (EPiC) - Deb Bouslog, Systems Division, OAPM Energy Procurement ... dedicated to provide information to DOE's project management community. ...

  3. What is the Freedom of Information Act (FOIA)? | National Nuclear Security

    National Nuclear Security Administration (NNSA)

    Administration | (NNSA) What is the Freedom of Information Act (FOIA)? The FOIA, Title 5, United States Code, Section 552, was signed into law on July 4, 1966, by President Lyndon Johnson. Since then, the FOIA has been amended in 1974, 1986, and, most recently, with the enactment of the Electronic Freedom of Information Act Amendments of 1996 (E-FOIA). The U. S. Department of Energy (DOE) implements the FOIA pursuant to regulation in 10 Code of Federal Regulations, Part 1004 (10 CFR, Part

  4. Security Conditions

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-07-08

    This Notice ensures that DOE uniformly meets the requirements of the Homeland Security Advisory System outlined in Homeland Security Presidential Directive-3, Threat Conditions and Associated Protective Measures, dated 3-11-02, and provides responses specified in Presidential Decision Directive 39, U.S. Policy on Counterterrorism (U), dated 6-21-95. It cancels DOE N 473.8, Security Conditions, dated 8-7-02. Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels DOE N 473.8

  5. T-642: RSA SecurID update to Customers

    Broader source: Energy.gov [DOE]

    RSA investigation has revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is related to RSA's SecurID two-factor authentication products

  6. System-area operating margin assessment and security enhancement against voltage collapse

    SciTech Connect (OSTI)

    Berizzi, A.; Bresesti, P.; Marannino, P.; Granelli, G.P.; Montagna, M.

    1996-08-01

    The (very) short term reactive power scheduling function, to be adopted by ENEL Spa, takes into account the voltage stability requirements in a preventive application of the security function. In this environment the procedure determines the voltage collapse distance of the global system and of the areas controlled by the Secondary Voltage Regulation (SVR) both in short (24 hours ahead) and in a very short term (few hours or fractions of hour ahead). The procedure also schedules the control actions to be taken in emergency states in a preventive way. Area or system-wise indicators, based on nodal sensitivities and/or eigen (singular) value analysis, provide effective measures of the margins of the system with respect to the risk of voltage collapse and the related corrective actions. Applications of the procedure to the EHV network and to a subtransmission area of the ENEL system are presented in the paper.

  7. Renovated Korean nuclear safety and security system: A review and suggestions to successful settlement

    SciTech Connect (OSTI)

    Chung, W. S.; Yun, S. W.; Lee, D. S.; Go, D. Y.

    2012-07-01

    Questions of whether past nuclear regulatory body of Korea is not a proper system to monitor and check the country's nuclear energy policy and utilization have been raised. Moreover, a feeling of insecurity regarding nuclear safety after the nuclear accident in Japan has spread across the public. This has stimulated a renovation of the nuclear safety regime in Korea. The Nuclear Safety and Security Commission (NSSC) was launched on October 26, 2011 as a regulatory body directly under the President in charge of strengthening independence and nuclear safety. This was a meaningful event as the NSSC it is a much more independent regulatory system for Korea. However, the NSSC itself does not guarantee an enhanced public acceptance of the nuclear policy and stable use nuclear energy. This study introduces the new NSSC system and its details in terms of organization structure, appropriateness of specialty, budget stability, and management system. (authors)

  8. Open Energy Information Systems - 2013 Peer Review | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Open Energy Information Systems - 2013 Peer Review Open Energy Information Systems - 2013 Peer Review Emerging Technologies Project for the 2013 Building Technologies Office's Program Peer Review emrgtech04_granderson_040213.pdf (907.44 KB) More Documents & Publications Open Energy Information Systems (OpenEIS) - 2014 Peer Review Buildings Performance Database - 2013 BTO Peer Review Energy Management Systems Package for Small Commercial Buildings

  9. Object-oriented Geographic Information System Framework

    Energy Science and Technology Software Center (OSTI)

    2003-03-01

    JeoViewer is an intelligent object-oriented geographic information system (GIS) framework written in Java that provides transparent linkage to any object¬ís data, behaviors, and optimized spatial geometry representation. Tools are provided for typical GIS functionality, data ingestion, data export, and integration with other frameworks. The primary difference between Jeo Viewer and traditional GIS systems is that traditional GIS systems offer static views of geo-spatial data while JeoViewer can be dynamically coupled to models and live datamore¬†¬Ľ streams which dynamically change the state of the object which can be immediately represented in JeoViewer. Additionally, JeoViewer¬ís object-oriented paradigm provides a more natural representation of spatial data. A rich layer hierarchy allows arbitrary grouping of objects based on any relationship as well as the traditional GIS vertical ordering of objects. JeoViewer can run as a standalone product, extended with additional analysis functionality, or embedded in another framework.¬ę¬†less

  10. Infrastructure Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    to enhance the nation's security and prosperity through sustainable, transformative approaches to our most challenging energy, climate, and infrastructure problems. vision the capability set needed to address safe and secure management of these radioactive materials includes a broad set of engineering and scientific disciplines such as physics; nuclear, mechanical, civil, and systems engineering; and chemistry. In addition, Sandia has a tool set that enhances the ability to perform high level

  11. Office of Security Policy

    Office of Energy Efficiency and Renewable Energy (EERE)

    The Office of Security Policy is the central source within the Department of Energy for the development and analysis of safeguards and security policies and standards affecting facilities, nuclear materials, personnel, and classified information.

  12. IT | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    IT NNSA Demonstrates its Commitment to Small Business The National Nuclear Security Administration (NNSA) recently selected three small businesses for its new Information Technology (IT) Infrastructure and Cyber Security Support Blanket Purchase Agreement. The contract covers a wide spectrum of IT and Cyber Security support for NNSA's Office of... Information Security Information security deals with requirements for the protection and control of information and matter required to be classified

  13. Cyber security analysis testbed : combining real, emulation, and simulation.

    SciTech Connect (OSTI)

    Villamarin, Charles H.; Eldridge, John M.; Van Leeuwen, Brian P.; Urias, Vincent E.

    2010-07-01

    Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an 'experiment-in-a-box' capability. The result is rapidly-produced, large-scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

  14. Site Information--Updates 2-3-15 | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    | (NNSA) Site Information--Updates 2-3-15 KCFO ES&H Surveillance Plan NSC Emergency Plan (Available through request to SEB4@nnsa.doe.gov) Bannister Federal Complex Emergency Plan (Available through request to SEB4@nnsa.doe.gov) NSC Spill Control Plan KCP Annual Site Environmental Study KCP Final Environmental Assessment KCP Environmental Assessment FONSI EPA Hazardous and Solid Waste Amendments Permit Kansas City MO Wastewater Discharge Permit for KCP Air Pollution Control Program New

  15. Value Added Energy Information Systems VAEIS | Open Energy Information

    Open Energy Info (EERE)

    Solar, Wind energy Product: Provides turn-key monitoring systems for the performance of solar, wind, fuel cell and other distributed generation installations. Coordinates:...

  16. Personnel Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-07-21

    The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individualsí eligibility for access to classified information and Special Nuclear Material (SNM). Admin Chg 1, 10-8-13.

  17. OLADE-Geo-Information System Referenced Renewable Energy | Open...

    Open Energy Info (EERE)

    Website Website: www.hidroinformatica.orgsigerhomeesindex.html Cost: Free Language: Spanish; Castilian OLADE-Geo-Information System Referenced Renewable Energy...

  18. Geographic Information System At Lightning Dock Geothermal Area...

    Open Energy Info (EERE)

    navigation, search GEOTHERMAL ENERGYGeothermal Home Exploration Activity: Geographic Information System At Lightning Dock Geothermal Area (Getman, 2014) Exploration Activity...

  19. Geographic Information System (Nash, Et Al., 2002) | Open Energy...

    Open Energy Info (EERE)

    search GEOTHERMAL ENERGYGeothermal Home Exploration Activity: Geographic Information System (Nash, Et Al., 2002) Exploration Activity Details Location Unspecified Exploration...

  20. W.E.T. Automotive Systems | Open Energy Information

    Open Energy Info (EERE)

    E.T. Automotive Systems Jump to: navigation, search Name: W.E.T. Automotive Systems Place: Odelzhausen, Germany Information About Partnership with NREL Partnership with NREL Yes...

  1. Montana Ground Water Pollution Control System Information Webpage...

    Open Energy Info (EERE)

    Ground Water Pollution Control System Information Webpage Jump to: navigation, search OpenEI Reference LibraryAdd to library Web Site: Montana Ground Water Pollution Control System...

  2. Method and system of integrating information from multiple sources

    DOE Patents [OSTI]

    Alford, Francine A.; Brinkerhoff, David L.

    2006-08-15

    A system and method of integrating information from multiple sources in a document centric application system. A plurality of application systems are connected through an object request broker to a central repository. The information may then be posted on a webpage. An example of an implementation of the method and system is an online procurement system.

  3. Challenges in Securing the Interface Between the Cloud and Pervasive Systems

    SciTech Connect (OSTI)

    Lagesse, Brent J

    2011-01-01

    Cloud computing presents an opportunity for pervasive systems to leverage computational and storage resources to accomplish tasks that would not normally be possible on such resource-constrained devices. Cloud computing can enable hardware designers to build lighter systems that last longer and are more mobile. Despite the advantages cloud computing offers to the designers of pervasive systems, there are some limitations of leveraging cloud computing that must be addressed. We take the position that cloud-based pervasive system must be secured holistically and discuss ways this might be accomplished. In this paper, we discuss a pervasive system utilizing cloud computing resources and issues that must be addressed in such a system. In this system, the user's mobile device cannot always have network access to leverage resources from the cloud, so it must make intelligent decisions about what data should be stored locally and what processes should be run locally. As a result of these decisions, the user becomes vulnerable to attacks while interfacing with the pervasive system.

  4. 3D Imaging with Structured Illumination for Advanced Security Applications

    SciTech Connect (OSTI)

    Birch, Gabriel Carisle; Dagel, Amber Lynn; Kast, Brian A.; Smith, Collin S.

    2015-09-01

    Three-dimensional (3D) information in a physical security system is a highly useful dis- criminator. The two-dimensional data from an imaging systems fails to provide target dis- tance and three-dimensional motion vector, which can be used to reduce nuisance alarm rates and increase system effectiveness. However, 3D imaging devices designed primarily for use in physical security systems are uncommon. This report discusses an architecture favorable to physical security systems; an inexpensive snapshot 3D imaging system utilizing a simple illumination system. The method of acquiring 3D data, tests to understand illumination de- sign, and software modifications possible to maximize information gathering capability are discussed.

  5. PIA - Industrial Hygiene Analytical System (IHAS) | Department...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    PIA - INL SECURITY INFORMATION MANAGEMENT SYSTEM BUSINESS ENCLAVE PIA - INL PeopleSoft - Human Resource System PIA - Human Resources - Personal Information Change Request - Idaho ...

  6. Security's (DHS) Domestic Nuclear

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    and mobile detection systems), and the ... Homeland Security Technology Program. "With its remote location, highly ... Infrastructure Resilience Conference and Expo. ...

  7. Security Notice | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Security Notice This computer system is operated on a U.S. Federal Government network (unclassified information only). This system is for the use of authorized users only. Unauthorized access is prohibited and makes you liable to civil and criminal penalties. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities monitored and recorded by system personnel. In the course of monitoring individuals improperly using

  8. Communications and control for electric power systems: Power flow classification for static security assessment

    SciTech Connect (OSTI)

    Niebur, D.; Germond, A.

    1993-02-01

    This report investigates the classification of power system states using an artificial neural network model, Kohonen's self-organizing feature map. The ultimate goal of this classification is to assess power system static security in real-time. Kohonen's self-organizing feature map is an unsupervised neural network which maps N-dimensional input vectors to an array of M neurons. After learning, the synaptic weight vectors exhibit a topological organization which represents the relationship between the vectors of the training set. This learning is unsupervised, which means that the number and size of the classes are not specified beforehand. In the application developed in the paper, the input vectors used as the training set are generated by off-line load-flow simulations. The learning algorithm and the results of the organization are discussed.

  9. Communications and control for electric power systems: Power flow classification for static security assessment

    SciTech Connect (OSTI)

    Niebur, D.; Germond, A.

    1993-02-01

    This report investigates the classification of power system states using an artificial neural network model, Kohonen`s self-organizing feature map. The ultimate goal of this classification is to assess power system static security in real-time. Kohonen`s self-organizing feature map is an unsupervised neural network which maps N-dimensional input vectors to an array of M neurons. After learning, the synaptic weight vectors exhibit a topological organization which represents the relationship between the vectors of the training set. This learning is unsupervised, which means that the number and size of the classes are not specified beforehand. In the application developed in the paper, the input vectors used as the training set are generated by off-line load-flow simulations. The learning algorithm and the results of the organization are discussed.

  10. Security Enforcement Reporting Criteria | Department of Energy

    Office of Environmental Management (EM)

    Mandatory Security Incident Reporting This document provides information and criteria for reporting classified information security incidents and noncompliances to the Department ...

  11. System for gathering and summarizing internet information

    DOE Patents [OSTI]

    Potok, Thomas E.; Elmore, Mark Thomas; Reed, Joel Wesley; Treadwell, Jim N.; Samatova, Nagiza Faridovna

    2006-07-04

    A computer method of gathering and summarizing large amounts of information comprises collecting information from a plurality of information sources (14, 51) according to respective maps (52) of the information sources (14), converting the collected information from a storage format to XML-language documents (26, 53) and storing the XML-language documents in a storage medium, searching for documents (55) according to a search query (13) having at least one term and identifying the documents (26) found in the search, and displaying the documents as nodes (33) of a tree structure (32) having links (34) and nodes (33) so as to indicate similarity of the documents to each other.

  12. Orion Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Jump to: navigation, search Name: Orion Energy Systems Place: Plymouth, Wisconsin Zip: 53073 Product: Designs and manufactures application specific lighting systems and...

  13. Gas Recovery Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Jump to: navigation, search Name: Gas Recovery Systems Place: California Zip: 94550 Product: Turnkey landfill gas (LFG) energy extraction systems. References: Gas Recovery...

  14. Energy Conservation Systems Inc | Open Energy Information

    Open Energy Info (EERE)

    Systems Inc Jump to: navigation, search Name: Energy Conservation Systems Inc Place: Prostpect, Kentucky Zip: 40059 Product: Smart solutionspower control system provider...

  15. Biodiesel Systems LLC | Open Energy Information

    Open Energy Info (EERE)

    Systems LLC Jump to: navigation, search Name: Biodiesel Systems, LLC Place: Madison, Wisconsin Zip: WI 53704 Product: The core business of Biodiesel Systems is plan, design,...

  16. Wind to Power Systems | Open Energy Information

    Open Energy Info (EERE)

    Power Systems Jump to: navigation, search Name: Wind to Power Systems Place: Madrid, Spain Zip: 28108 Sector: Wind energy Product: Wind to Power Systems designs, supplies and...

  17. Koyo Thermo Systems | Open Energy Information

    Open Energy Info (EERE)

    Koyo Thermo Systems Jump to: navigation, search Name: Koyo Thermo Systems Place: Nara, Japan Zip: 632-0084 Product: Koyo Thermo Systems is a Japanese crystalline silicon...

  18. Trinity Thermal Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Place: Texas Zip: 75028 Product: Trinity Thermal Systems provides power storage products aimed a shifting energy use from air conditioning systems to off-peak times....

  19. Mirasol Solar Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Mirasol Solar Energy Systems Jump to: navigation, search Logo: Mirasol Solar Energy Systems Name: Mirasol Solar Energy Systems Address: 101 Spring Road NE Place: Rio Rancho, New...

  20. Expert Solar Systems | Open Energy Information

    Open Energy Info (EERE)

    Solar Systems Jump to: navigation, search Logo: Expert Solar Systems Name: Expert Solar Systems Address: 11700 E. Sneller Vista Place: Tucson, Arizona Zip: 85749 Sector: Solar...

  1. Landfill Energy Systems LES | Open Energy Information

    Open Energy Info (EERE)

    Energy Systems LES Jump to: navigation, search Name: Landfill Energy Systems (LES) Place: Michigan Zip: 48393 Product: Landfill gas to energy systems project developer, gas...

  2. Aperion Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    system controls, and fuel options with various stack technologies to supply optimized fuel cell systems. References: Aperion Energy Systems1 This article is a stub. You can...

  3. Ambient Control Systems | Open Energy Information

    Open Energy Info (EERE)

    Control Systems Jump to: navigation, search Logo: Ambient Control Systems Name: Ambient Control Systems Address: 1810 Gillespie Way Place: El Cajon, California Zip: 92020 Region:...

  4. Blind Geothermal System | Open Energy Information

    Open Energy Info (EERE)

    Blind Geothermal System Jump to: navigation, search GEOTHERMAL ENERGYGeothermal Home Print PDF Blind Geothermal System Dictionary.png Blind Geothermal System: An area with a...

  5. Bio Fuel Systems BFS | Open Energy Information

    Open Energy Info (EERE)

    Fuel Systems BFS Jump to: navigation, search Name: Bio Fuel Systems (BFS) Place: Alicante, Spain Sector: Biomass Product: Bio Fuel Systems focuses on the development of biofuel...

  6. BPD Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security BPD Security Information related to the Building Performance Database (BPD) security and software controls. Building Performance Database (BPD) Security (140.29 KB) More Documents & Publications Buildings Performance Database - 2013 BTO Peer Review BPD Webinar: Analyze Building Energy Data, Understand Market Trends, Inform Decisions Buildings Performance Database (BPD) - 2014

  7. TWRS information locator database system administrator`s manual

    SciTech Connect (OSTI)

    Knutson, B.J., Westinghouse Hanford

    1996-09-13

    This document is a guide for use by the Tank Waste Remediation System (TWRS) Information Locator Database (ILD) System Administrator. The TWRS ILD System is an inventory of information used in the TWRS Systems Engineering process to represent the TWRS Technical Baseline. The inventory is maintained in the form of a relational database developed in Paradox 4.5.

  8. Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

    2005-12-01

    Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

  9. Lemnos Interoperable Security Program

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lemnos Interoperable Security Program Creating common language and metrics for describing functions of network security tools and testing for interoperability As energy control systems employ more Internet-based features and routable communication methods, the need grows for enhanced security functions, such as frewalls, virtual private networks (VPNs), and intrusion detection systems. When purchasing network security products, today's control systems users cannot adequately compare products

  10. Decontamination Systems Information and Reseach Program

    SciTech Connect (OSTI)

    Echol E. Cook

    1998-04-01

    The following paragraphs comprise the research efforts during the first quarter of 1998 (January 1 - March 31). These tasks have been granted a continuation from the 1997 work and will all end in June 1998. This report represents the last technical quarterly report deliverable for the WVU Cooperative Agreement - Decontamination Systems Information and Research Program. Final reports for all of the 1997 projects will be submitted afterwards as one document. During this period, groundwater extraction operations were completed on Task 1.6 - Pilot Scale Demonstration of TCE Flushing Through PVDs at the DOE/RMI Extrusion Plant. The data have been evaluated and graphs are presented. The plot of TCE Concentration versus Time shows that the up-gradient groundwater monitoring well produced consistent levels of TCE contamination. A similar trend was observed for the down-gradient wells via grab samples tested. Groundwater samples from the PVD test pad Zone of Influence showed consistent reductions in TCE concentrations with respect to time. In addition, a natural pulse frequency is evident which will have a significant impact on the efficiency of the contaminant removal under natural groundwater advection/diffusion processes. The relationships between the PVD Extraction Flow Rate versus Cumulative Time shows a clear trend in flow rate. Consistent values between 20 to 30 g.p.m. at the beginning of the extraction duration, to less than 10 g.p.m. by the end of the extraction cycle are observed. As evidenced by the aquiferÔŅĹs diminishing recharge levels, the PVD extraction is affecting the response of the aquiferÔŅĹs natural attenuation capability. Progress was also marked on the Injection and Circulation of Potable Water Through PVDs task. Data reduction from this sequence of testing is ongoing. Work planned for next quarter includes completing the Injection / Extraction of potable water task and beginning the Surfactant Injection and removal task.

  11. Cyber Security Architecture Guidelines

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-03-08

    This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

  12. InPower Systems | Open Energy Information

    Open Energy Info (EERE)

    Name: InPower Systems Place: Carbondale, Colorado Zip: 81623 Sector: Geothermal energy, Solar Product: InPower Systems designs, installs and maintains turn-key solar, solar...

  13. Solimpeks Solar Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Solimpeks Solar Energy Systems Jump to: navigation, search Name: Solimpeks Solar Energy Systems Place: Karatay - KONYA, Turkey Zip: 42300 Sector: Solar Product: Turkish...

  14. Rand Solar Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Rand Solar Energy Systems Jump to: navigation, search Name: Rand Solar Energy Systems Place: Petach Tikva, Israel Zip: 49130 Sector: Solar Product: Israel-based manufacturer and...

  15. Hydraulic Hybrid Systems | Open Energy Information

    Open Energy Info (EERE)

    Hydraulic Hybrid Systems Retrieved from "http:en.openei.orgwindex.php?titleHydraulicHybridSystems&oldid768560" Categories: Organizations Companies Energy...

  16. Advanced Fuel Cell Systems | Open Energy Information

    Open Energy Info (EERE)

    Fuel Cell Systems Jump to: navigation, search Name: Advanced Fuel Cell Systems Place: Amherst, New York Zip: 14228 Product: Collaboration of three companies (ATSI Engineering,...

  17. Kawasaki Plant Systems Ltd | Open Energy Information

    Open Energy Info (EERE)

    Systems Ltd Jump to: navigation, search Name: Kawasaki Plant Systems Ltd Place: Kobe, Japan Zip: 650-8670 Sector: Biomass, Services, Solar Product: Engineers, manufactures, and...

  18. Alstom Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Alstom Energy Systems Jump to: navigation, search Name: Alstom Energy Systems Address: 3 avenue Andr Malraux Place: Levallois-Perret Cedex, France Website: www.alstom.com...

  19. Saft Power Systems | Open Energy Information

    Open Energy Info (EERE)

    and systems, servicing the telecom and coal industries; in particular, manufacturers inverters and balance of systems for solar industry. Coordinates: 48.88811, 2.194915 Show...

  20. WebGen Systems | Open Energy Information

    Open Energy Info (EERE)

    search Logo: WebGen Systems Name: WebGen Systems Address: 41 Linksey Way Place: Cambridge, Massachusetts Zip: 02142 Region: Greater Boston Area Sector: Efficiency Product:...

  1. Promethean Power Systems | Open Energy Information

    Open Energy Info (EERE)

    Power Systems Jump to: navigation, search Name: Promethean Power Systems Place: Cambridge, Massachusetts Zip: 2138 Product: US-based developer of a solar-powered...

  2. Distributed Energy Systems Corp | Open Energy Information

    Open Energy Info (EERE)

    Distributed Energy Systems Corp Jump to: navigation, search Name: Distributed Energy Systems Corp Place: Wallingford, Connecticut Zip: CT 06492 Product: The former holding company...

  3. Corporate Systems Engineering | Open Energy Information

    Open Energy Info (EERE)

    Systems Engineering Jump to: navigation, search Name: Corporate Systems Engineering Place: Indianapolis, Indiana Product: Indiana-based energy management company. Coordinates:...

  4. Optimal Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Energy Systems Place: Torrance, California Zip: 90505 Product: Manufacturer of flywheel power system, specialising in aerospace and defence sector. Coordinates: 40.417285,...

  5. Naps Systems Oy | Open Energy Information

    Open Energy Info (EERE)

    Naps Systems Oy Jump to: navigation, search Name: Naps Systems Oy Place: Vantaa, Finland Zip: 1510 Sector: Solar Product: Naps provides solar electricity solutions that range from...

  6. Flywheel Energy Systems Inc | Open Energy Information

    Open Energy Info (EERE)

    K2H 8S1 Product: Focuses on design, fabrication, assembling and distributing flywheel energy storage systems and related components. References: Flywheel Energy Systems Inc1...

  7. Biomass Combustion Systems Inc | Open Energy Information

    Open Energy Info (EERE)

    Biomass Combustion Systems Inc Retrieved from "http:en.openei.orgwindex.php?titleBiomassCombustionSystemsInc&oldid768602" Feedback Contact needs updating Image...

  8. Husk Power Systems | Open Energy Information

    Open Energy Info (EERE)

    Power Systems Jump to: navigation, search Name: Husk Power Systems Place: Patna, Bihar, India Zip: 800023 Sector: Biomass Product: India-based developer of mini biomass plants....

  9. Greasecar Vegetable Fuel Systems | Open Energy Information

    Open Energy Info (EERE)

    Greasecar Vegetable Fuel Systems Jump to: navigation, search Name: Greasecar Vegetable Fuel Systems Place: Florence, Massachusetts Zip: 1062 Product: Manufacturer of vegetable fuel...

  10. Renewable Power Systems | Open Energy Information

    Open Energy Info (EERE)

    Renewable Power Systems Place: Bedford, England, United Kingdom Zip: MK42 9TW Sector: Renewable Energy Product: Bedford, UK based developer of renewable power systems. References:...

  11. West Point Utility System | Open Energy Information

    Open Energy Info (EERE)

    Utility System Jump to: navigation, search Name: West Point Utility System Place: Iowa Phone Number: (319) 837-6313 Website: www.westpointiowa.comwp-utili Facebook: https:...

  12. Directional Drilling Systems | Open Energy Information

    Open Energy Info (EERE)

    Directional Drilling Systems Jump to: navigation, search Geothermal ARRA Funded Projects for Directional Drilling Systems Loading map... "format":"googlemaps3","type":"ROADMAP","t...

  13. Nighthawk Systems Inc | Open Energy Information

    Open Energy Info (EERE)

    Nighthawk Systems Inc Jump to: navigation, search Name: Nighthawk Systems Inc Place: San Antonio, Texas Zip: 78216 Product: Texas-based, provider of intelligent wireless power...

  14. American Alternative Energy Systems | Open Energy Information

    Open Energy Info (EERE)

    Alternative Energy Systems Jump to: navigation, search Name: American Alternative Energy Systems Place: Denton, Texas Zip: 76209 Product: An American company involved in project...

  15. Green Design Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Jump to: navigation, search Name: Green Design Systems Address: PO Box 1229 Place: Healdsburg, California Zip: 95448 Region: Bay Area Sector: Buildings Product: Refuse...

  16. Green Systems UK | Open Energy Information

    Open Energy Info (EERE)

    Systems UK Jump to: navigation, search Name: Green Systems UK Place: Cambridge, United Kingdom Sector: Solar Product: Design and installation of vacuum tube & flat plate solar hot...

  17. Enova Systems Inc | Open Energy Information

    Open Energy Info (EERE)

    search Name: Enova Systems Inc Place: Torrance, California Zip: CA 90502 Product: Enova Systems develops and manufactures power management and power conversion products with a...

  18. California Wind Systems | Open Energy Information

    Open Energy Info (EERE)

    Systems Jump to: navigation, search Name: California Wind Systems Address: 3411 Camino Corte Place: Carlsbad, California Zip: 92008 Region: Southern CA Area Sector: Wind energy...

  19. Invensys Building System | Open Energy Information

    Open Energy Info (EERE)

    Zip: 61132 Product: Invensys was a supplier of integrated systems for building automation, and is now merged with TAC. References: Invensys Building System1 This article is...

  20. Tahoe Water Systems | Open Energy Information

    Open Energy Info (EERE)

    Tahoe Water Systems Jump to: navigation, search Name: Tahoe Water Systems Sector: Solar, Wind energy Product: Develops a self-contained solarwind based water pumping technology....