Sample records for key cyber security

  1. Cyber Security

    Energy Savers [EERE]

    Associate CIO for Cyber Security (IM-30) Rod Turk Deputy Associate CIO for Cyber Security (IM-30) Michael Maraya Incident Management Division (IM-32) Rob Ciochon Director Policy,...

  2. Information Security: Coordination of Federal Cyber Security...

    Office of Environmental Management (EM)

    Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that...

  3. Enhance your Cyber Security Knowledge

    E-Print Network [OSTI]

    Enhance your Cyber Security Knowledge About NPS CS FUNDAMENTALS: Create a strong foundational by increasing the effectiveness of the armed forces of the United States and its allies. Cyber Security-4015 About CISR #12;Cyber Security Adversarial Techniques Cyber Security Defense Cyber Security Fundamentals

  4. Cyber Security Architecture Guidelines

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-03-08T23:59:59.000Z

    This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

  5. Sandia Energy - Cyber Security for Electric Infrastructure

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Security for Electric Infrastructure Home Stationary Power Grid Modernization Cyber Security for Electric Infrastructure Cyber Security for Electric Infrastructureashoter2015...

  6. Departmental Cyber Security Management Policy

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-05-08T23:59:59.000Z

    The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

  7. Metaphors for cyber security.

    SciTech Connect (OSTI)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01T23:59:59.000Z

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  8. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12T23:59:59.000Z

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

  9. INSTITUTE FOR CYBER SECURITY Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2010 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY 2 THE BIG

  10. INSTITUTE FOR CYBER SECURITY Security Models

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu #12;INSTITUTE FOR CYBER SECURITY 2 THE BIG

  11. Cyber Security | National Security | ORNL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOEThe Bonneville Power Administration would likeConstitution4Customer-Comments Sign In About |Cyber SecurityCyber

  12. Using Operational Security (OPSEC) to Support a Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in...

  13. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12T23:59:59.000Z

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

  14. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-06-04T23:59:59.000Z

    DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, is extended until 6/4/04.

  15. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08T23:59:59.000Z

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

  16. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08T23:59:59.000Z

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

  17. INL@Work Cyber Security

    SciTech Connect (OSTI)

    Chaffin, May

    2010-01-01T23:59:59.000Z

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  18. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12T23:59:59.000Z

    The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

  19. INL@Work Cyber Security

    ScienceCinema (OSTI)

    Chaffin, May

    2013-05-28T23:59:59.000Z

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  20. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08T23:59:59.000Z

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  1. Third Annual Cyber Security and Information

    E-Print Network [OSTI]

    Krings, Axel W.

    Third Annual Cyber Security and Information Infrastructure Research Workshop May 14-15, 2007 TOWARDS COMPREHENSIVE STRATEGIES THAT MEET THE CYBER SECURITY CHALLENGES OF THE 21ST CENTURY Frederick Sheldon, Axel Krings, Seong-Moo Yoo, and Ali Mili (Editors) #12;CSIIRW07: Cyber Security and Information

  2. Cyber Security Grand Challenges and Prognosis

    E-Print Network [OSTI]

    Sandhu, Ravi

    Cyber Security Grand Challenges and Prognosis Prof. Ravi Sandhu Executive Director and Institute for Cyber Security Executive Director and Endowed Chair ravi.sandhu@utsa.edu www.profsandhu.com www.ics.utsa.edu © Ravi Sandhu World-Leading Research with Real Cyber Security Grand Challenges and Prognosis Prof. Ravi

  3. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2008-05-01T23:59:59.000Z

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  4. Cyber Security and Resilient Systems

    SciTech Connect (OSTI)

    Robert S. Anderson

    2009-07-01T23:59:59.000Z

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  5. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    cyber-security analysis of the SCADA system of the Gignac water distributioncyber security of SCADA systems managing other infrastructures (e.g. , oil and natural gas distribution

  6. INSTITUTE FOR CYBER SECURITY Application-Centric Security

    E-Print Network [OSTI]

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio

  7. Cyber Security & Smart Grid

    E-Print Network [OSTI]

    Shapiro, J.

    2011-01-01T23:59:59.000Z

    of the impacts of long-term power shortages from the destruction of critical electric infrastructure. ? A Hitachi factory north of Tokyo that makes 60% of the world?s supply of airflow sensors was shut down. This caused General Motors to shut a plant... at The University of Texas at Dallas ? Next Generation Control Systems ? Trustworthy Cyber Infrastructure for the Power Grid ? Active Defense Systems ? System Vulnerability Assessments ? Grid Test Bed ? Integrated Risk Analysis ? Modeling and Simulation...

  8. Department of Energy Cyber Security Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2006-12-04T23:59:59.000Z

    The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

  9. Department of Energy Cyber Security Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-21T23:59:59.000Z

    The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

  10. Cyber Security in Smart Grid Substations

    E-Print Network [OSTI]

    Utrecht, Universiteit

    Cyber Security in Smart Grid Substations Thijs Baars Lucas van den Bemd Michail Theuns Robin van.089 3508 TB Utrecht The Netherlands #12;CYBER SECURITY IN SMART GRID SUBSTATIONS Thijs Baars T.Brinkkemper@uu.nl Abstract. This report describes the state of smart grid security in Europe, specifically the Netherlands

  11. Microgrid cyber security reference architecture.

    SciTech Connect (OSTI)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01T23:59:59.000Z

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  12. Common Cyber Security Vulnerabilities Observed in Control System...

    Energy Savers [EERE]

    Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

  13. NNSA Seeking Comments on Consolidated IT and Cyber Security Support...

    Broader source: Energy.gov (indexed) [DOE]

    NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013...

  14. Sandia National Laboratories: Cyber Security for Electric Infrastructu...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    SystemsCyber Security for Electric Infrastructure Cyber Security for Electric Infrastructure Electric power systems and power-system operators are more reliant on telemetry,...

  15. Mathematical and Statistical Opportunities in Cyber Security

    SciTech Connect (OSTI)

    Meza, Juan; Campbell, Scott; Bailey, David

    2009-03-23T23:59:59.000Z

    The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics'? Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

  16. Cyber Security & Smart Grid 

    E-Print Network [OSTI]

    Shapiro, J.

    2011-01-01T23:59:59.000Z

    to complexity, proprietary nature and different management teams ? Ripe for exploitation ? Intel, Microsoft, Security vendors are not focused on this technology ? Many are NOT PC?s ? Many can be infected and the devices cannot be cleaned ESL-KT-11...-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Inherent Vulnerabilities ? Two-way communications ? Distributed connectivity ? Customer usage data ? Metering devices ? Weak authentication and access control ? Lack of adequate training ? Lack...

  17. Cyber Security | More Science | ORNL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOEThe Bonneville Power Administration would likeConstitution4Customer-Comments Sign In About |Cyber Security

  18. Cyber Security Major R&D Challenges Ram Krishnan

    E-Print Network [OSTI]

    Sandhu, Ravi

    1 Cyber Security Major R&D Challenges Ram Krishnan http://engineering.utsa.edu/~krishnan/ Cyber Security Research Institute (CSRI) Cyber Security R&D Workshop April 19-20, 2012 World-Leading Research with Real-World Impact! Institute for Cyber Security Prof. Ravi Sandhu conveys his regrets for inability

  19. Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2002-03-18T23:59:59.000Z

    To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

  20. Cyber Security Audit and Attack Detection Toolkit

    SciTech Connect (OSTI)

    Peterson, Dale

    2012-05-31T23:59:59.000Z

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  1. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect (OSTI)

    Daniel Noyes

    2012-03-01T23:59:59.000Z

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  2. INSTITUTE FOR CYBER SECURITY The PEI Framework for

    E-Print Network [OSTI]

    Sandhu, Ravi

    not the right decision for securing distributed systems © Ravi Sandhu 5 #12;INSTITUTE FOR CYBER SECURITY PostINSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio May

  3. Realizing Scientific Methods for Cyber Security

    SciTech Connect (OSTI)

    Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.; Greitzer, Frank L.

    2012-07-18T23:59:59.000Z

    There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

  4. Embracing the Cloud for Better Cyber Security

    SciTech Connect (OSTI)

    Shue, Craig A [ORNL; Lagesse, Brent J [ORNL

    2011-01-01T23:59:59.000Z

    The future of cyber security is inextricably tied to the future of computing. Organizational needs and economic factors will drive computing outcomes. Cyber security researchers and practitioners must recognize the path of computing evolution and position themselves to influence the process to incorporate security as an inherent property. The best way to predict future computing trends is to look at recent developments and their motivations. Organizations are moving towards outsourcing their data storage, computation, and even user desktop environments. This trend toward cloud computing has a direct impact on cyber security: rather than securing user machines, preventing malware access, and managing removable media, a cloud-based security scheme must focus on enabling secure communication with remote systems. This change in approach will have profound implications for cyber security research efforts. In this work, we highlight existing and emerging technologies and the limitations of cloud computing systems. We then discuss the cyber security efforts that would support these applications. Finally, we discuss the implications of these computing architecture changes, in particular with respect to malware and social engineering.

  5. Control Systems Cyber Security Standards Support Activities

    SciTech Connect (OSTI)

    Robert Evans

    2009-01-01T23:59:59.000Z

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  6. INSTITUTE FOR CYBER SECURITY A Hybrid Enforcement Model for

    E-Print Network [OSTI]

    Sandhu, Ravi

    -leading research with real-world impact! #12;INSTITUTE FOR CYBER SECURITY Super vs Micro-distribution in g-SIS 8INSTITUTE FOR CYBER SECURITY A Hybrid Enforcement Model for Group-Centric Secure Information Executive Director and Endowed Professor Institute for Cyber Security University of Texas at San Antonio

  7. 7 Key Challenges for Visualization in Cyber Network Defense

    SciTech Connect (OSTI)

    Best, Daniel M.; Endert, Alexander; Kidwell, Dan

    2014-12-02T23:59:59.000Z

    In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and “pretty picture” visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.

  8. SPIDERS JCTD Smart Cyber-Secure Microgrids

    Broader source: Energy.gov [DOE]

    The Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS) Joint Capability Technology Demonstration (JCTD) is a groundbreaking program to bolster the cyber security and energy efficiency of U.S. military installations and transfer the knowhow to non-military critical infrastructure.

  9. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2012-12-06T23:59:59.000Z

    Modifications correct changes to the composition of Senior DOE Management organizations, name change from DOE Cyber Incident Response Capability to Joint Cybersecurity Coordination Center and transfer of responsibility for communications security and TEMPEST to the Office of Health, Safety and Security.

  10. Mathematical and Statistical Opportunities in Cyber Security Scott Campbell

    E-Print Network [OSTI]

    Bailey, David H.

    Mathematical and Statistical Opportunities in Cyber Security Juan Meza Scott Campbell David Bailey problems exist within cyber security research that can be helped by advanced mathematics and statistics large and complex systems like the Internet. Our second assumption is that many proposed cyber security

  11. CyberPhysical System Security for the Electric Power Grid

    E-Print Network [OSTI]

    Manimaran, Govindarasu

    INVITED P A P E R Cyber­Physical System Security for the Electric Power Grid Control in power of cyber infrastructure security in conjunction with power application security to pre- vent, mitigate on its cyber infrastructure and its ability to tolerate potential failures. A further exploration

  12. Cyber Security Audit and Attack Detection Toolkit: Bandolier...

    Broader source: Energy.gov (indexed) [DOE]

    This project of the cyber security audit and attack detection toolkit will employ Bandolier Audit Files for optimizing security configurations and the Portaledge event detection...

  13. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16T23:59:59.000Z

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

  14. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16T23:59:59.000Z

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, cancels Chg 2.

  15. Cyber Security Companies, governments, and consumers depend on secure and reliable

    E-Print Network [OSTI]

    Hill, Wendell T.

    Cyber Security Companies, governments, and consumers depend on secure and reliable computer-speed computers all introduce new cyber-security challenges. Cyber- security researchers at the University in the software development cycle. e also creates secure authentication protocols for vulnerable distributed

  16. Cyber Security Requirements for Risk Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19T23:59:59.000Z

    The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  17. Cyber Security Audit and Attack Detection Toolkit: National SCADA...

    Energy Savers [EERE]

    Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber...

  18. Towards Efficient Collaboration in Cyber Security

    SciTech Connect (OSTI)

    Hui, Peter SY; Bruce, Joseph R.; Fink, Glenn A.; Gregory, Michelle L.; Best, Daniel M.; McGrath, Liam R.; Endert, Alexander

    2010-06-03T23:59:59.000Z

    Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independently— for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and as such, no such framework exists to support such efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.

  19. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01T23:59:59.000Z

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  20. Small-Scale Cyber Security Competitions Mike O'Leary

    E-Print Network [OSTI]

    O'Leary, Michael

    Small-Scale Cyber Security Competitions Mike O'Leary Towson University 16th Colloquium for Information Systems Security Education Orlando, FL June 11-13, 2012 M. O'Leary (Towson University) Small the Flag Competition M. O'Leary (Towson University) Small-Scale Cyber Security Competitions CISSE 2012 2

  1. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16T23:59:59.000Z

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

  2. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16T23:59:59.000Z

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

  3. Lessons Learned from Cyber Security Assessments of SCADA and...

    Broader source: Energy.gov (indexed) [DOE]

    Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER...

  4. Obama's Call for Public-Private Cyber Security Collaboration...

    Office of Environmental Management (EM)

    companies, equipment vendors, and government agencies to create a Control Systems Roadmap to secure the sector's computer control systems against cyber attack. As a result of...

  5. Lessons Learned from Cyber Security Assessments of SCADA and...

    Energy Savers [EERE]

    Energy Management Systems Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems were reviewed to identify common...

  6. Security Informatics Research Challenges for Mitigating Cyber Friendly Fire

    SciTech Connect (OSTI)

    Carroll, Thomas E.; Greitzer, Frank L.; Roberts, Adam D.

    2014-09-30T23:59:59.000Z

    This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly re (FF). We dene cyber FF as intentional o*ensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission e*ectiveness of friendly or neutral forces. We describe examples of cyber FF and discuss how it ts within a general conceptual framework for cyber security failures. Because it involves human failure, cyber FF may be considered to belong to a sub-class of cyber security failures characterized as unintentional insider threats. Cyber FF is closely related to combat friendly re in that maintaining situation awareness (SA) is paramount to avoiding unintended consequences. Cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and o*ensive countermeasures that may be applied to thwart network attacks. We describe a test bed designed to support empirical research on factors a*ecting cyber FF. Finally, we discuss mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches.

  7. Critical Infrastructure and Cyber Security

    E-Print Network [OSTI]

    Doll, Abby; Pirrong, Renee; Jennings, Matthew; Stasny, George; Giblin, Andy; Shaffer, Steph; Anderson, Aimee

    2011-01-01T23:59:59.000Z

    that employ stealth methods such as steganography, allowing botmasters to exploit public forums and search engines #1; As U.S. national elections draw near, an increase in phishing, scams and malicious code targeting candidates, campaigns, etc.... Chemical Manufacturing The Chemical Manufacturing sector combines organic and inorganic materials to make chemicals used in everyday life and that contribute to the national security, public safety, and economic security. The components...

  8. Lecture 13: Control System Cyber Security

    E-Print Network [OSTI]

    CERN. Geneva

    2013-01-01T23:59:59.000Z

    Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

  9. Cyber Security Requirements for Wireless Devices and Information Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-11T23:59:59.000Z

    The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  10. On Cyber Security for Networked Control Systems Saurabh Amin

    E-Print Network [OSTI]

    random failures and secu- rity attacks. Cyber-security of Supervisory Control and Data Acquisition (SCADA, cyber-security assessment for SCADA systems is performed based on well-defined attacker and defender objectives. The mathematical model of SCADA systems considered in this work has two control levels

  11. October 2014 Mid-South Cyber Security Summit

    E-Print Network [OSTI]

    Dasgupta, Dipankar

    government, industry, and academia. *Source: FCW citation: http://fcw.com/articles/2011/11/10/cybersecurity-workforce-planOctober 2014 Mid-South Cyber Security Summit Achieving Cybersecurity Excellence Through Evolution of the Nation's Cyber Workforce Benjamin Scribner Department of Homeland Security (DHS) National Cybersecurity

  12. Cyber-security Research Ethics Dialogue & Strategy Erin Kenneally

    E-Print Network [OSTI]

    California at San Diego, University of

    Cyber-security Research Ethics Dialogue & Strategy Workshop Erin Kenneally CAIDA/UC, San Diego La The inaugural Cyber-security Research Ethics Dialogue & Strat- egy Workshop was held on May 23, 2013, in the wake of struggles to resolve the aforementioned mounting tensions, ethics has re-emerged as a crucial

  13. Cyber Security Through Science | More Science | ORNL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOEThe Bonneville Power Administration would likeConstitution4Customer-Comments Sign In About |Cyber Security SHARE

  14. Tom Harper receives cyber security award

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of ScienceandMesa del SolStrengthening a solidSynthesisAppliances Tips:Harper receives cyber security

  15. Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

    SciTech Connect (OSTI)

    Sheldon, Frederick T [ORNL; Krings, Axel [ORNL; Yoo, Seong-Moo [ORNL; Mili, Ali [ORNL; Trien, Joseph P [ORNL

    2006-01-01T23:59:59.000Z

    The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

  16. Cyber safety : a systems thinking and systems theory approach to managing cyber security risks

    E-Print Network [OSTI]

    Salim, Hamid M

    2014-01-01T23:59:59.000Z

    If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet ...

  17. Norwich University Applied Research Institutes Cyber Security Education/Training and Exercises

    E-Print Network [OSTI]

    Dasgupta, Dipankar

    Training Emergency Management for IT Professionals Cyber Security Exercise Development Tools ­ Cyber Smart for cybersecurity event response #12;Cyber Exercising · What is unique about cybersecurity? · More akin to Warfare

  18. Ninth Annual Cyber and Information Security Research Conference...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Ninth Annual Cyber and Information Security Research Conference Apr 08 2014 04-08-2014 08:30 AM - 04-10-2014 04:00 PM Multiple speakers, multiple disciplines, multiple affiliations...

  19. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans

    2006-05-01T23:59:59.000Z

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  20. Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

    E-Print Network [OSTI]

    Ragsdale, G.

    -25, 2010 Implementing TCG Standards Within Systems ? Trusted Platform Module (TPM) ? Provides root of trust ? Secure storage ? Signing & hashing functions ? Tamper detection ? Accelerates cryptography ? TPM software stack ? Implements TCG stack... Update Session Security (symmetric key) Code and Data Integrity (memory hash) ?Secure secret storage ?TPM chip root trust secret ?Owner root trust secret ?Memory hash signature ?Standard encryption algorithm ?Standard hashing algorithm ?Tamper detection...

  1. Cyber-Physical Systems Security for Smart Grid

    E-Print Network [OSTI]

    Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy as one of nine white papers in the project "The Future Grid to Enable Sustainable Energy Systems

  2. Cyber-Physical Systems Security for Smart Grid

    E-Print Network [OSTI]

    Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy Acknowledgements This white paper was developed as one of nine white papers in the project "The Future Grid

  3. Cyber Security via Minority Games with Epistatic Signaling (Extended Abstract)

    E-Print Network [OSTI]

    Mishra, Bud

    Cyber Security via Minority Games with Epistatic Signaling (Extended Abstract) W. Casey, L. Metcalf occurs when deceptions are employed in order to breach the security of the system, thus making the entire profiles (e.g., the distribution of players employing various kinds of vulnerability and threat predictions

  4. Cyber Security Challenges in Using Cloud Computing in the Electric Utility Industry

    SciTech Connect (OSTI)

    Akyol, Bora A.

    2012-09-01T23:59:59.000Z

    This document contains introductory material that discusses cyber security challenges in using cloud computing in the electric utility industry.

  5. Gamification for Measuring Cyber Security Situational Awareness

    SciTech Connect (OSTI)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01T23:59:59.000Z

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  6. Cyber Security and Trust Research & DevelopmentCyber Security and Trust Research & Development http://www.ISTS.dartmouth.eduhttp://www.ISTS.dartmouth.edu

    E-Print Network [OSTI]

    Pellacini, Fabio

    Cyber Security and Trust Research & DevelopmentCyber Security and Trust Research & Development http of a discrete distribution: www.ISTS.dartmouth.edu Entropy reminder INSTITUTE FOR SECURITY TECHNOLOGY STUDIES to packets & provide a visual summary? www.ISTS.dartmouth.edu Motivation INSTITUTE FOR SECURITY

  7. Cyber-Physical Security via Geometric Control: Distributed Monitoring and Malicious Attacks

    E-Print Network [OSTI]

    Bullo, Francesco

    Cyber-Physical Security via Geometric Control: Distributed Monitoring and Malicious Attacks Fabio and extends our results on the security of cyber-physical systems based on geometric control theory: (i) we, and by various industrial security incidents [6], cyber-physical systems are prone to failures and attacks

  8. RT-Based Administrative Models for Community Cyber Security Information Sharing

    E-Print Network [OSTI]

    Sandhu, Ravi

    RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman Bijon, Xin Jin, and Ram Krishnan Institute for Cyber Security & Department of Computer Science Institute for Cyber Security & Department of Electrical and Computer Engineering University of Texas at San

  9. Towards Efficient Collaboration in Cyber Security Peter Hui Joe Bruce Glenn Fink

    E-Print Network [OSTI]

    . INTRODUCTION Although distributed geographically and often across different organizations, cyber-securityTowards Efficient Collaboration in Cyber Security Peter Hui Joe Bruce Glenn Fink Michelle Gregory University aendert@cs.vt.edu ABSTRACT Cyber security analysts in different geographical and organizational

  10. Sandia Energy - Cyber Security for Electric Infrastructure

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of Scienceand RequirementsCoatings Initiated at PNNL's SequimReactors To ReceiveCyber HomeCyberCyber

  11. Cyber Security Evaluation of II&C Technologies

    SciTech Connect (OSTI)

    Ken Thomas

    2014-11-01T23:59:59.000Z

    The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

  12. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01T23:59:59.000Z

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  13. A Hierarchical Security Architecture for Cyber-Physical Systems

    SciTech Connect (OSTI)

    Quanyan Zhu; Tamer Basar

    2011-08-01T23:59:59.000Z

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  14. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    her students on security of process control systems. I amcyber-security tools for process control systems. In theon the security mechanisms of process control systems, few

  15. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    Analysis of Information Security Games, Proceedings of theon the Economics of Information Security WEIS’, Hanover, NH,on the Economics of Information Security’. Anderson, R. and

  16. A Cooperative Cyber Defense for Securing Critical Infrastructures

    E-Print Network [OSTI]

    Fulp, Errin W.

    .g., the numerous private companies that make up North America's electrical power grids) that share computationalA Cooperative Cyber Defense for Securing Critical Infrastructures Glenn A. Fink glenn networked relationships. At electrical substations, it is common to find equipment from several companies

  17. T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security

    SciTech Connect (OSTI)

    Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

    2009-07-20T23:59:59.000Z

    Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

  18. A Comparison of Cross-Sector Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01T23:59:59.000Z

    This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

  19. MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS

    E-Print Network [OSTI]

    Burmester, Mike

    network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, was infected [39]. There have been the behavior of the adversary is controlled by a threat model that captures both the cyber aspects (with-physical systems, threat models, protocols for treaty verification. 1. Introduction The rapid growth of information

  20. CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL

    SciTech Connect (OSTI)

    Kathleen A. Lee

    2008-01-01T23:59:59.000Z

    The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

  1. Automatic Labeling for Entity Extraction in Cyber Security

    SciTech Connect (OSTI)

    Bridges, Robert A [ORNL] [ORNL; Jones, Corinne L [ORNL] [ORNL; Iannacone, Michael D [ORNL] [ORNL; Testa, Kelly M [ORNL] [ORNL; Goodall, John R [ORNL] [ORNL

    2014-01-01T23:59:59.000Z

    Timely analysis of cyber-security information necessitates automated information extraction from unstructured text. While state-of-the-art extraction methods produce extremely accurate results, they require ample training data, which is generally unavailable for specialized applications, such as detecting security related entities; moreover, manual annotation of corpora is very costly and often not a viable solution. In response, we develop a very precise method to automatically label text from several data sources by leveraging related, domain-specific, structured data and provide public access to a corpus annotated with cyber-security entities. Next, we implement a Maximum Entropy Model trained with the average perceptron on a portion of our corpus (~750,000 words) and achieve near perfect precision, recall, and accuracy, with training times under 17 seconds.

  2. GridStat – Cyber Security and Regional Deployment Project Report

    SciTech Connect (OSTI)

    Clements, Samuel L.

    2009-02-18T23:59:59.000Z

    GridStat is a developing communication technology to provide real-time data delivery services to the electric power grid. It is being developed in a collaborative effort between the Electrical Power Engineering and Distributed Computing Science Departments at Washington State University. Improving the cyber security of GridStat was the principle focus of this project. A regional network was established to test GridStat’s cyber security mechanisms in a realistic environment. The network consists of nodes at Pacific Northwest National Laboratory, Idaho National Laboratory, and Washington State University. Idaho National Laboratory (INL) was tasked with performing the security assessment, the results of which detailed a number or easily resolvable and previously unknown issues, as well as a number of difficult and previously known issues. Going forward we recommend additional development prior to commercialization of GridStat. The development plan is structured into three domains: Core Development, Cyber Security and Pilot Projects. Each domain contains a number of phased subtasks that build upon each other to increase the robustness and maturity of GridStat.

  3. PowerCyber: A Cyber-Physical Security Testbed for Smart Grid PI: Manimaran Govindarasu (gmani@iastate.edu)

    E-Print Network [OSTI]

    Manimaran, Govindarasu

    /Opal-RT, provide ability to simulate large power systems with monitoring, protecIon, control modeling bulk power system for cyber security experimentaIons. powercyber power system wherein, vulnerability analysis, system impact studies, risk assessment

  4. Evaluation Report on "The Department's Unclassified Cyber Security Program"

    SciTech Connect (OSTI)

    None

    2009-10-01T23:59:59.000Z

    Industry experts report that security challenges and threats are continually evolving as malicious activity has become more web-based and attackers are able to rapidly adapt their attack methods. In addition, the number of data breaches continues to rise. In an effort to mitigate and address threats and protect valuable information, the Department of Energy anticipated spending about $275 million in Fiscal Year (FY) 2009 to implement cyber security measures necessary to protect its information technology resources. These systems and data are designed to support the Department's mission and business lines of energy security, nuclear security, scientific discovery and innovation, and environmental responsibility. The Federal Information Security Management Act of 2002 (FISMA) provides direction to agencies on the management and oversight of information security risks, including design and implementation of controls to protect Federal information and systems. As required by FISMA, the Office of Inspector General conducts an annual independent evaluation to determine whether the Department's unclassified cyber security program adequately protects its information systems and data. This memorandum and the attached report present the results of our evaluation for FY 2009. The Department continued to make incremental improvements in its unclassified cyber security program. Our evaluation disclosed that most sites had taken action to address weaknesses previously identified in our FY 2008 evaluation report. They improved certification and accreditation of systems; strengthened configuration management of networks and systems; performed independent assessments; and, developed and/or refined certain policies and procedures. In addition, the Department instituted a centralized incident response organization designed to eliminate duplicative efforts throughout the Department. As we have noted in previous reports, the Department continued to maintain strong network perimeter defenses against malicious intruders and other externals threats. These are positive accomplishments. However, in our judgment, additional action is required to further enhance the Department's unclassified cyber security program and help reduce risks to its systems and data. For example, our current review identified opportunities for improvements in areas such as security planning and testing, systems inventory, access controls, and configuration management. In particular, we issued a number of findings at sites managed by the National Nuclear Security Administration (NNSA). We also identified weaknesses across various Department program elements. Issues that warrant further attention include: (1) Weaknesses such as outdated security plans and not completing annual security control self-assessments were identified at several sites; (2) The Department had not yet resolved systems inventory issues and had yet to deploy a complex-wide automated asset management tool to help track information technology resources and identify interfaces between systems or networks; (3) Although certain improvements had been made to enhance access controls, we noted deficiencies such as a lack of periodic account reviews and inadequate password management at a number of sites; and (4) Previously identified weaknesses in configuration management had been corrected, however, we found problems related to weak administrator account settings and failure to install software patches, as well as incomplete implementation of the Federal Desktop Core Configuration. These internal control weaknesses existed, at least in part, because certain cyber security roles and responsibilities were not clearly delineated. Program officials also had not effectively performed monitoring and review activities essential for evaluating the adequacy of cyber security performance. In some cases, officials had not ensured that weaknesses discovered during audits and other evaluations were recorded and tracked to resolution in the organizations' Plans of Action and Milestones. Our testing disclosed that about 39 p

  5. Ideal Based Cyber Security Technical Metrics for Control Systems

    SciTech Connect (OSTI)

    W. F. Boyer; M. A. McQueen

    2007-10-01T23:59:59.000Z

    Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

  6. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    J. [2004], Low-latency cryptographic protection for SCADAlatency high-integrity security retrofit for lecacy SCADA

  7. Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid

    E-Print Network [OSTI]

    Kundur, Deepa

    Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid Jin Wei and Deepa consequence of cyber and/or physical disruption) using distributed control. In particular, we consider, USA Abstract--We propose a two-tier hierarchical cyber-physical framework for analyzing transient

  8. The Role of Signal Processing in meeting Cyber-Security and Privacy Challenges

    E-Print Network [OSTI]

    Paris-Sud XI, Université de

    1 The Role of Signal Processing in meeting Cyber-Security and Privacy Challenges Lalitha Sankar Spaces Image Classification/ Location Privacy Modify Control Messages Security Privacy Fig. 1. Illustration of several classes of cyber-security and privacy threats in networks and distributed data systems

  9. Lori Garver, NASA Deputy Administrator NASA Cyber Security Awareness Month Symposium

    E-Print Network [OSTI]

    us of the importance of constant vigilance to ensure on-line safety and security both at work the CIO community does everything they can to protect our cyber security ­ the power actually does restLori Garver, NASA Deputy Administrator NASA Cyber Security Awareness Month Symposium NASA

  10. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01T23:59:59.000Z

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  11. Cyber Assessment Methods for SCADA Security

    SciTech Connect (OSTI)

    Not Available

    2005-06-01T23:59:59.000Z

    The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national infrastructure, such as electric power, oil, and gas production and distribution. Since their incapacitation or destruction would have a debilitating impact on the defense or economic security of the United States, one of the main objectives of this program is to identify vulnerabilities and encourage the public and private sectors to work together to design secure control systems that resolve these weaknesses. This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure.

  12. Cyber Assessment Methods For SCADA Security

    SciTech Connect (OSTI)

    May Robin Permann; Kenneth Rohde

    2005-06-01T23:59:59.000Z

    The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national infrastructure, such as electric power, oil, and gas production and distribution. Since their incapacitation or destruction would have a debilitating impact on the defense or economic security of the United States, one of the main objectives of this program is to identify vulnerabilities and encourage the public and private sectors to work together to design secure control systems that resolve these weaknesses. This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure.

  13. Survey Paper Cyber security in the Smart Grid: Survey and challenges q

    E-Print Network [OSTI]

    Wang, Wenye

    importantly, with the integration of advanced computing and communication technologies, the Smart GridSurvey Paper Cyber security in the Smart Grid: Survey and challenges q Wenye Wang , Zhuo Lu Accepted 29 December 2012 Available online 17 January 2013 Keywords: Smart Grid Cyber security Attacks

  14. On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    terminal units (RTUs), SCADA systems measure data such as trans- mission line power flows, bus power1 On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem Kin Cheong Sou, Henrik Sandberg and Karl Henrik Johansson Abstract--This paper considers a smart grid cyber-security problem

  15. A quantitative man-machine model for cyber security efficiency analysis

    E-Print Network [OSTI]

    Jung, Sung-Oh

    2007-04-25T23:59:59.000Z

    The analysis of security defense processes is of utmost importance in the management of various cyber-security attacks, which are increasing in scope and rapidity. Organizations need to optimize their resources based on a sound understanding...

  16. On the Design and Execution of Cyber-Security User Studies: Methodology, Challenges, and

    E-Print Network [OSTI]

    Yang, Junfeng

    On the Design and Execution of Cyber-Security User Studies: Methodology, Challenges, and Lessons by the Computer Emergency Response Team (CERT), and which surveyed 523 security executives and law enforcement

  17. The Impact of Secure OSs on Internet Security: What Cyber-Insurers Need to Know

    E-Print Network [OSTI]

    Pal, Ranjan

    2012-01-01T23:59:59.000Z

    In recent years, researchers have proposed \\emph{cyber-insurance} as a suitable risk-management technique for enhancing security in Internet-like distributed systems. However, amongst other factors, information asymmetry between the insurer and the insured, and the inter-dependent and correlated nature of cyber risks have contributed in a big way to the failure of cyber-insurance markets. Security experts have argued in favor of operating system (OS) platform switching (ex., from Windows to Unix-based OSs) or secure OS adoption as being one of the techniques that can potentially mitigate the problems posing a challenge to successful cyber-insurance markets. In this regard we model OS platform switching dynamics using a \\emph{social gossip} mechanism and study three important questions related to the nature of the dynamics, for Internet-like distributed systems: (i) which type of networks should cyber-insurers target for insuring?, (ii) what are the bounds on the asymptotic performance level of a network, wher...

  18. Comparison of two methods to quantify cyber and physical security effectiveness.

    SciTech Connect (OSTI)

    Wyss, Gregory Dane; Gordon, Kristl A.

    2005-11-01T23:59:59.000Z

    With the increasing reliance on cyber technology to operate and control physical security system components, there is a need for methods to assess and model the interactions between the cyber system and the physical security system to understand the effects of cyber technology on overall security system effectiveness. This paper evaluates two methodologies for their applicability to the combined cyber and physical security problem. The comparison metrics include probabilities of detection (P{sub D}), interruption (P{sub I}), and neutralization (P{sub N}), which contribute to calculating the probability of system effectiveness (P{sub E}), the probability that the system can thwart an adversary attack. P{sub E} is well understood in practical applications of physical security but when the cyber security component is added, system behavior becomes more complex and difficult to model. This paper examines two approaches (Bounding Analysis Approach (BAA) and Expected Value Approach (EVA)) to determine their applicability to the combined physical and cyber security issue. These methods were assessed for a variety of security system characteristics to determine whether reasonable security decisions could be made based on their results. The assessments provided insight on an adversary's behavior depending on what part of the physical security system is cyber-controlled. Analysis showed that the BAA is more suited to facility analyses than the EVA because it has the ability to identify and model an adversary's most desirable attack path.

  19. Probabilistic Characterization of Adversary Behavior in Cyber Security

    SciTech Connect (OSTI)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08T23:59:59.000Z

    The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

  20. Secure control systems with application to cyber-physical systems

    SciTech Connect (OSTI)

    Dong, Jin [ORNL] [ORNL; Djouadi, Seddik M [ORNL] [ORNL; Nutaro, James J [ORNL] [ORNL; Kuruganti, Phani Teja [ORNL] [ORNL

    2014-01-01T23:59:59.000Z

    Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

  1. Towards an Experimental Testbed Facility for Cyber-Physical Security Research

    SciTech Connect (OSTI)

    Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

    2012-01-07T23:59:59.000Z

    Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

  2. Control Systems Cyber Security: Defense-in-Depth Strategies

    SciTech Connect (OSTI)

    Mark Fabro

    2007-10-01T23:59:59.000Z

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  3. Control Systems Cyber Security:Defense in Depth Strategies

    SciTech Connect (OSTI)

    David Kuipers; Mark Fabro

    2006-05-01T23:59:59.000Z

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  4. Cyber-Security Considerations for the Smart Grid

    SciTech Connect (OSTI)

    Clements, Samuel L.; Kirkham, Harold

    2010-07-26T23:59:59.000Z

    The electrical power grid is evolving into the “smart grid”. The goal of the smart grid is to improve efficiency and availability of power by adding more monitoring and control capabilities. These new technologies and mechanisms are certain to introduce vulnerabilities into the power grid. In this paper we provide an overview of the cyber security state of the electrical power grid. We highlight some of the vulnerabilities that already exist in the power grid including limited capacity systems, implicit trust and the lack of authentication. We also address challenges of complexity, scale, added capabilities and the move to multipurpose hardware and software as the power grid is upgraded. These changes create vulnerabilities that did not exist before and bring increased risks. We conclude the paper by showing that there are a number mitigation strategies that can help keep the risk at an acceptable level.

  5. Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity

    E-Print Network [OSTI]

    Cho, Yiseul

    2012-01-01T23:59:59.000Z

    The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and ...

  6. Jack N. Summe Director, Navy Insider Threat to Cyber Security (ITCS)

    E-Print Network [OSTI]

    Jack N. Summe Director, Navy Insider Threat to Cyber Security (ITCS) Mr. Jack Summe currently Psychological Operations Group (Airborne) from 2003-2005. A native of Warsaw, Indiana, he holds a bachelor

  7. Cyber Friendly Fire: Research Challenges for Security Informatics

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2013-06-06T23:59:59.000Z

    This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a system’s topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF— including both training concepts and suggestions for decision aids and visualization approaches—are discussed.

  8. S3A: Secure System Simplex Architecture for Enhanced Security of Cyber-Physical Systems

    E-Print Network [OSTI]

    Mohan, Sibin; Betti, Emiliano; Yun, Heechul; Sha, Lui; Caccamo, Marco

    2012-01-01T23:59:59.000Z

    Until recently, cyber-physical systems, especially those with safety-critical properties that manage critical infrastructure (e.g. power generation plants, water treatment facilities, etc.) were considered to be invulnerable against software security breaches. The recently discovered 'W32.Stuxnet' worm has drastically changed this perception by demonstrating that such systems are susceptible to external attacks. Here we present an architecture that enhances the security of safety-critical cyber-physical systems despite the presence of such malware. Our architecture uses the property that control systems have deterministic execution behavior, to detect an intrusion within 0.6 {\\mu}s while still guaranteeing the safety of the plant. We also show that even if an attack is successful, the overall state of the physical system will still remain safe. Even if the operating system's administrative privileges have been compromised, our architecture will still be able to protect the physical system from coming to harm.

  9. Cyber Science and Security - An R&D Partnership at LLNL

    SciTech Connect (OSTI)

    Brase, J; Henson, V

    2011-03-11T23:59:59.000Z

    Lawrence Livermore National Laboratory has established a mechanism for partnership that integrates the high-performance computing capabilities of the National Labs, the network and cyber technology expertise of leading information technology companies, and the long-term research vision of leading academic cyber programs. The Cyber Science and Security Center is designed to be a working partnership among Laboratory, Industrial, and Academic institutions, and provides all three with a shared R&D environment, technical information sharing, sophisticated high-performance computing facilities, and data resources for the partner institutions and sponsors. The CSSC model is an institution where partner organizations can work singly or in groups on the most pressing problems of cyber security, where shared vision and mutual leveraging of expertise and facilities can produce results and tools at the cutting edge of cyber science.

  10. Three Tenets for Secure Cyber-Physical System Design and Jeff Hughesa

    E-Print Network [OSTI]

    Cybenko, George

    at designing systems that are "provably" secure according to some idealized formal model of security. In factThree Tenets for Secure Cyber-Physical System Design and Assessment Jeff Hughesa George Cybenkob a design and assessment. Called The Three Tenets, this originally empirical approach has been used

  11. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    SciTech Connect (OSTI)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01T23:59:59.000Z

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  12. Office of Electricity Delivery and Energy Reliability Cyber Security...

    Energy Savers [EERE]

    the Nation's Energy Infrastructure from Cyber Attacks Working to Achieve Cybersecurity in the Energy Sector Roadmap to Achieve Energy Delivery Systems Cybersecurity - 2011...

  13. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01T23:59:59.000Z

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  14. Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer

    E-Print Network [OSTI]

    Mueller, Frank

    systems. 1 Introduction The power grid in the US is one-century old and aging in terms of infrastructure methods to remove bugs as well as security vulnerabilities in soft- ware for intelligent power devicesCyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer Dept

  15. A Cyber Security Self-Assessment Method for Nuclear Power Plants

    SciTech Connect (OSTI)

    Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

    2004-11-01T23:59:59.000Z

    A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.

  16. Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary

    SciTech Connect (OSTI)

    Hu, Tan Chang (PI, Sandia); Robinson, David G. (Technical PI)

    2011-09-08T23:59:59.000Z

    As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

  17. Modeling and simulation for cyber-physical system security research, development and applications.

    SciTech Connect (OSTI)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01T23:59:59.000Z

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  18. On the Security of Public Key Protocols

    E-Print Network [OSTI]

    Danny Dolev; et al.

    1983-01-01T23:59:59.000Z

    Recently the use of public key encryption to provide secure network communication has received considerable attention. Such public key systems are usually effective against passive eavesdroppers, who merely tap the lines and try to decipher the message. It has been pointed out, however, that an improperly designed protocol could be vulnerable to an active saboteur, one who may impersonate another user or alter the message being transmitted. Several models are formulated in which the security of protocols can be discussed precisely. Algorithms and characteri-zations that can be used to determine protocol security in these models are given.

  19. Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices

    SciTech Connect (OSTI)

    Abercrombie, Robert K [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL; Aldridge, Hal [ORNL] [ORNL; Duren, Mike [Sypris Electronics, LLC] [Sypris Electronics, LLC; Ricci, Tracy [Sypris Electronics, LLC] [Sypris Electronics, LLC; Bertino, Elisa [ORNL] [ORNL; Kulatunga, Athula [Purdue University] [Purdue University; Navaratne, Uditha Sudheera [Purdue University] [Purdue University

    2011-01-01T23:59:59.000Z

    In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following: 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.

  20. Public key infrastructure for DOE security research

    SciTech Connect (OSTI)

    Aiken, R.; Foster, I.; Johnston, W.E. [and others

    1997-06-01T23:59:59.000Z

    This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-key infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.

  1. Proceedings of Student-Faculty Research Day, CSIS, Pace University, May 3rd A Frame Problem Approach for Adaptive Cyber Security Design

    E-Print Network [OSTI]

    Tappert, Charles

    Problem Approach for Adaptive Cyber Security Design R. Shaikh, T. Bryla, and S. Ahmed Pace University entails the motivation and efforts to integrate the Frame Problem approach to the distributed cyber in the context of network security counteraction against cyber-attacks. A simple simulator is designed

  2. The 2011 Military Communications Conference -Track 3 -Cyber Security and Network Operations From Security to Vulnerability: Data Authentication

    E-Print Network [OSTI]

    Wang, Wenye

    lines and transform ers [5], to perform critical functions of energy transmission and distributionThe 2011 Military Communications Conference - Track 3 - Cyber Security and Network Operations From Wang· Zhuo Lu* Jianfeng Mat "Department of Electrical and Computer Engineering, NC State University

  3. Cyber-Security of Networked Control Systems Karl Henrik Johansson

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    to cyber-threats with many poten@al points of aRacks · How systems · ARack on power network state es@mator · Stealthy minimum-effort a) but no disclosure resources ·If the zero is unstable, then the plant state can be moved

  4. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Milos Manic

    2012-08-01T23:59:59.000Z

    The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

  5. A Secured Health Care Application Architecture for Cyber-Physical Systems

    E-Print Network [OSTI]

    Wang, Jin; Lee, Sungyoung; Shu, Lei; Xia, Feng

    2012-01-01T23:59:59.000Z

    Cyber-physical systems (CPS) can be viewed as a new generation of systems with integrated control, communication and computational capabilities. Like the internet transformed how humans interact with one another, cyber-physical systems will transform how people interact with the physical world. Currently, the study of CPS is still in its infancy and there exist many research issues and challenges ranging from electricity power, health care, transportation and smart building etc. In this paper, an introduction of CPeSC3 (cyber physical enhanced secured wireless sensor networks (WSNs) integrated cloud computing for u-life care) architecture and its application to the health care monitoring and decision support systems is given. The proposed CPeSC3 architecture is composed of three main components, namely 1) communication core, 2) computation core, and 3) resource scheduling and management core. Detailed analysis and explanation are given for relevant models such as cloud computing, real time scheduling and secu...

  6. Fact Sheet: Cyber Security Audit and Attack Detection Toolkit

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T,OfficeEnd ofEvaluations in Covered Facilities | DepartmentFactLead-acidofCyber

  7. Control Systems Cyber Security: Defense in Depth Strategies | Department of

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 111 1,613PortsmouthBartlesvilleAbout » Contact Us Contact UsEnergyOak7.2Energy Cyber

  8. Office of Cyber and Security Assessments | Department of Energy

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 111 1,613 122Commercial602 1,39732onMake YourDepartment ofC T O B EOff-GridCyber

  9. Comprehensive, Multi-Source Cyber-Security Data Set

    DOE Data Explorer [Office of Scientific and Technical Information (OSTI)]

    Kent, Alexander D. [Los Alamos National Laboratory

    This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratory’s corporate, internal computer network. The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected on at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. In total, the data set is approximately 12 gigabytes compressed across the five data elements and presents 1,648,275,307 events in total for 12,425 users, 17,684 computers, and 62,974 processes. Specific users that are well known system related (SYSTEM, Local Service) were not de-identified though any well-known administrators account were still de-identified. In the network flow data, well-known ports (e.g. 80, 443, etc) were not de-identified. All other users, computers, process, ports, times, and other details were de-identified as a unified set across all the data elements (e.g. U1 is the same U1 in all of the data). The specific timeframe used is not disclosed for security purposes. In addition, no data that allows association outside of LANL’s network is included. All data starts with a time epoch of 1 using a time resolution of 1 second. In the authentication data, failed authentication events are only included for users that had a successful authentication event somewhere within the data set.

  10. Evaluation Report on The Department's Unclassified Cyber Security...

    Office of Environmental Management (EM)

    users continues to increase. In response to increasing threats to the Government's computer networks and systems, Congress enacted the Government hformation Security Reform Act...

  11. Cyber Security Expert Jim Mellander Retires from NERSC

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    to enhance cybersecurity at Berkeley Lab and NERSC. He's also written several notable security software programs, including Update, a UNIX-based sniffer detector; Kazaa...

  12. LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS

    SciTech Connect (OSTI)

    Ray Fink

    2006-10-01T23:59:59.000Z

    The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

  13. CyberSafety: On the Interactions between CyberSecurity and the

    E-Print Network [OSTI]

    Johnson, Chris

    into the infrastructures that support safety-critical systems. These include network management tools, operating systems security concerns. Malware has been detected in power distribution, healthcare, military and transportation infrastructures. Most previous attacks do not seem to have deliberately targeted critical applications. However

  14. IEEE TRANSACTIONS ON SMART GRID, VOL. 4, NO. 2, JUNE 2013 847 Cyber-Physical Security Testbeds: Architecture,

    E-Print Network [OSTI]

    Manimaran, Govindarasu

    also incorporating simulation mechanisms to model power systems, cyber network dynamics, and security current issues and future ideas can be evaluated. This paper provides an overview of a smart grid security are then evaluated based on the physical system's voltage and rotor angle stability. Index Terms

  15. My RESEARCH INTERESTS concentrate on: Design and implementation of novel cyber-physical systems with an enhanced functionality, security and

    E-Print Network [OSTI]

    Reznik, Leon

    . Melton and L. Reznik GPU-Based Simulation of Spiking Neural Networks with Real-Time Performance and High with an enhanced functionality, security and reliability and built upon sensor and control network platforms and reliability to security and safety Example : Integral quality evaluation procedures in cyber-physical systems

  16. CYBER THREAT ANALYSIS A KEY ENABLING TECHNOLOGY FOR THE OBJECTIVE FORCE (A CASE STUDY IN NETWORK INTRUSION DETECTION)

    E-Print Network [OSTI]

    Kumar, Vipin

    60000 90 91 92 93 94 95 96 97 98 99 00 01 Today computers control power, oil and gas deliveryCYBER THREAT ANALYSIS ­ A KEY ENABLING TECHNOLOGY FOR THE OBJECTIVE FORCE (A CASE STUDY IN NETWORK-of-systems technologies will enable decisive maneuver, both horizon- tal and vertical, during day and night, and in all

  17. September 11, 2012 NIST Key Management Workshop 2012 Secure Key Storage

    E-Print Network [OSTI]

    September 11, 2012 NIST Key Management Workshop 2012 Secure Key Storage and True Random Number Storage via PUFs - Main Idea - Reliability - Randomness -- InstantiationsInstantiations 3. True Random, including side channel resistance ° Trusted security policy routines ° Secure and authentic key storage

  18. IEC 61850 and IEC 62351 Cyber Security Acceleration Workshop

    SciTech Connect (OSTI)

    Clements, Samuel L.; Edgar, Thomas W.; Manz, David O.

    2012-04-01T23:59:59.000Z

    The purpose of this workshop was to identify and discuss concerns with the use and adoption of IEC 62351 security standard for IEC 61850 compliant control system products. The industry participants discussed performance, interoperability, adoption, challenges, business cases, and future issues.

  19. NERSC Cyber Security Challenges That Require DOE Development and Support

    E-Print Network [OSTI]

    Geddes, Cameron Guy Robinson

    ) is to accelerate the pace of scientific discovery by providing high performance computing, information, data, and impacts the productivity of the DOE Science community. In particular, NERSC and other high performance computing (HPC) centers have special security challenges that are unlikely to be met unless DOE funds

  20. Energy Security: A Key Requirement forSustainable Development

    E-Print Network [OSTI]

    1 Energy Security: A Key Requirement forSustainable Development Perspective and Action Plan Robert Card Under Secretary US Department of Energy August 30, 2002 Session One: Maintaining Energy Security WSSD Side Event Energy for Sustainable Development IEA/UNEP/Eskom #12;2 Energy Security is a Key

  1. Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

    SciTech Connect (OSTI)

    Ondrej Linda; Milos Manic; Miles McQueen

    2012-09-01T23:59:59.000Z

    Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

  2. 2014 Headquarters Facilities Master Security Plan - Chapter 14...

    Office of Environmental Management (EM)

    4, Cyber Security 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security June 2014 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

  3. A Cyber Security Study of a SCADA Energy Management System: Stealthy Deception Attacks on the State Estimator

    E-Print Network [OSTI]

    Teixeira, André; Sandberg, Henrik; Johansson, Karl H

    2010-01-01T23:59:59.000Z

    The electrical power network is a critical infrastructure in today's society, so its safe and reliable operation is of major concern. State estimators are commonly used in power networks, for example, to detect faulty equipment and to optimally route power flows. The estimators are often located in control centers, to which large numbers of measurements are sent over unencrypted communication channels. Therefore cyber security for state estimators becomes an important issue. In this paper we analyze the cyber security of state estimators in supervisory control and data acquisition (SCADA) for energy management systems (EMS) operating the power network. Current EMS state estimation algorithms have bad data detection (BDD) schemes to detect outliers in the measurement data. Such schemes are based on high measurement redundancy. Although these methods may detect a set of basic cyber attacks, they may fail in the presence of an intelligent attacker. We explore the latter by considering scenarios where stealthy de...

  4. M&Ms4Graphs: Multi-scale, Multi-dimensional Graph Analytics Tools for Cyber-Security

    E-Print Network [OSTI]

    . "Statistical and Hierarchical Graph Analysis for Cyber Security." SIAM Conference on Discrete Mathematics effort is made possible by the Pacific Northwest National Laboratory through funding provided by the U.S. Department of Energy. For more information on the science you see here, please contact: Sutanay Choudhury

  5. Security of quantum key distribution with arbitrary individual imperfections

    E-Print Network [OSTI]

    Řystein Marřy; Lars Lydersen; Johannes Skaar

    2010-06-01T23:59:59.000Z

    We consider the security of the Bennett-Brassard 1984 (BB84) protocol for Quantum Key Distribution (QKD), with arbitrary individual imperfections simultaneously in the source and detectors. We provide the secure key generation rate, and show that only two parameters must be bounded to ensure security; the basis dependence of the source and a detector blinding parameter. The system may otherwise be completely uncharacterized and contain large losses.

  6. Quantum Public-Key Encryption with Information Theoretic Security

    E-Print Network [OSTI]

    Jiangyou Pan; Li Yang

    2012-02-20T23:59:59.000Z

    We propose a definition for the information theoretic security of a quantum public-key encryption scheme, and present bit-oriented and two-bit-oriented encryption schemes satisfying our security definition via the introduction of a new public-key algorithm structure. We extend the scheme to a multi-bitoriented one, and conjecture that it is also information theoretically secure, depending directly on the structure of our new algorithm.

  7. NERSC Cyber Security Challenges That Require DOE Development andSupport

    SciTech Connect (OSTI)

    Draney, Brent; Campbell, Scott; Walter, Howard

    2007-01-16T23:59:59.000Z

    Traditional security approaches do not adequately addressall the requirements of open, scientific computing facilities. Many ofthe methods used for more restricted environments, including almost allcorporate/commercial systems, do not meet the needs of today's science.Use of only the available "state of the practice" commercial methods willhave adverse impact on the ability of DOE to accomplish its sciencegoals, and impacts the productivity of the DOE Science community. Inparticular, NERSC and other high performance computing (HPC) centers havespecial security challenges that are unlikely to be met unless DOE fundsdevelopment and support of reliable and effective tools designed to meetthe cyber security needs of High Performance Science. The securitychallenges facing NERSC can be collected into three basic problem sets:network performance and dynamics, application complexity and diversity,and a complex user community that can have transient affiliations withactual institutions. To address these problems, NERSC proposes thefollowing four general solutions: auditing user and system activityacross sites; firewall port configuration in real time;cross-site/virtual organization identity management and access control;and detecting security issues in application middleware. Solutions arealsoproposed for three general long term issues: data volume,application complexity, and information integration.

  8. Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Strategic Programs Division IM-52 George Dudley Director Associate CIO for IT Policy & Governance (IM-20) LeAnn Oliver Porfolio & Analysis Division (IM-21) Robin Crisp Director...

  9. Cyber Security

    Energy Savers [EERE]

    Programs Division IM-52 Al Gallo (Acting) Director Associate CIO for IT Policy & Governance (IM-20) LeAnn Oliver Porfolio & Analysis Division (IM-21) Robin Crisp Director...

  10. Cyber Security

    Energy Savers [EERE]

    Enterprise Services Division (IM-33) Michael Maraya Director (Acting) Associate CIO for Technology & Innovation (IM-50) Peter Tseronis Emerging Technology Division IM-51 Frank...

  11. Cyber Security

    Energy Savers [EERE]

    Crisp Director Policy & Performance Management Division (IM-22) Denise Hill Director Records & Privacy Management Division (IM-23) Troy Manigault Director Associate CIO for IT...

  12. Cyber Security

    Energy Savers [EERE]

    Management Office (IM-62) VACANT Director IT Service Management Division (IM-621) Bryan Long Director Infrastructure Division (IM-622) Greg Doan Director Applications Support...

  13. Cyber Security

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 111 1,613PortsmouthBartlesvilleAbout » Contact UsDepartment of Energy Cut Gas CostsAssociate

  14. Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page onYouTube YouTube Note: Since the YouTube platformBuildingCoalComplex(GC-72)ColumbiaCurrentEnergyTroy Manigault

  15. Security proof of practical quantum key distribution schemes

    E-Print Network [OSTI]

    Yodai Watanabe

    2005-06-29T23:59:59.000Z

    This paper provides a security proof of the Bennett-Brassard (BB84) quantum key distribution protocol in practical implementation. To prove the security, it is not assumed that defects in the devices are absorbed into an adversary's attack. In fact, the only assumption in the proof is that the source is characterized. The proof is performed by lower-bounding adversary's Renyi entropy about the key before privacy amplification. The bound reveals the leading factors reducing the key generation rate.

  16. Quantifying Availability in SCADA Environments Using the Cyber Security Metric MFC

    SciTech Connect (OSTI)

    Aissa, Anis Ben [Université de Tunis El Manar, Tunisia; Rabai, Latifa Ben Arfa [Université de Tunis, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2014-01-01T23:59:59.000Z

    Supervisory Control and Data Acquisition (SCADA) systems are distributed networks dispersed over large geographic areas that aim to monitor and control industrial processes from remote areas and/or a centralized location. They are used in the management of critical infrastructures such as electric power generation, transmission and distribution, water and sewage, manufacturing/industrial manufacturing as well as oil and gas production. The availability of SCADA systems is tantamount to assuring safety, security and profitability. SCADA systems are the backbone of the national cyber-physical critical infrastructure. Herein, we explore the definition and quantification of an econometric measure of availability, as it applies to SCADA systems; our metric is a specialization of the generic measure of mean failure cost.

  17. Bioinformatics | Computer Engineering | Cyber Security | Electrical Engineering | Industrial Engineering | Manufacturing Engineering Organizational Behavior | Power Electronics and Systems | Telecommunication Networks | Wireless Innovation

    E-Print Network [OSTI]

    Aronov, Boris

    or in Westchester and Long Island. The degree earned and the body of knowledge is exactly the same as those receivedBioinformatics | Computer Engineering | Cyber Security | Electrical Engineering | Industrial Engineering | Manufacturing Engineering Organizational Behavior | Power Electronics and Systems

  18. Experiences and Challenges with Using Cert Data to Analyze International Cyber Security

    E-Print Network [OSTI]

    Madnick, Stuart

    With the increasing interconnection of computer networks and sophistication of cyber attacks, it is important to understand the dynamics of such situations, especially in regards to cyber international relations. The ...

  19. Security proof for quantum key distribution using qudit systems

    SciTech Connect (OSTI)

    Sheridan, Lana [Centre for Quantum Technologies, National University of Singapore (Singapore); Scarani, Valerio [Centre for Quantum Technologies, National University of Singapore (Singapore); Department of Physics, National University of Singapore (Singapore)

    2010-09-15T23:59:59.000Z

    We provide security bounds against coherent attacks for two families of quantum key distribution protocols that use d-dimensional quantum systems. In the asymptotic regime, both the secret key rate for fixed noise and the robustness to noise increase with d. The finite key corrections are found to be almost insensitive to d < or approx. 20.

  20. Secure Broadcasting of a Common Message with Independent Secret Keys

    E-Print Network [OSTI]

    Khisti, Ashish

    Secure Broadcasting of a Common Message with Independent Secret Keys Rafael F. Schaefer Department broadcasting with indepen- dent secret keys is studied. The particular scenario is analyzed where a common of it. The transmitter shares independent secret keys of arbitrary rates with both legitimate receivers

  1. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01T23:59:59.000Z

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry standards are due, in part, to differences in the level and purpose of the standards. While the requir

  2. Security bounds for efficient decoy-state quantum key distribution

    E-Print Network [OSTI]

    Marco Lucamarini; James F. Dynes; Bernd Fröhlich; Zhiliang Yuan; Andrew J. Shields

    2015-03-25T23:59:59.000Z

    Information-theoretical security of quantum key distribution (QKD) has been convincingly proven in recent years and remarkable experiments have shown the potential of QKD for real world applications. Due to its unique capability of combining high key rate and security in a realistic finite-size scenario, the efficient version of the BB84 QKD protocol endowed with decoy states has been subject of intensive research. Its recent experimental implementation finally demonstrated a secure key rate beyond 1 Mbps over a 50 km optical fiber. However the achieved rate holds under the restrictive assumption that the eavesdropper performs collective attacks. Here, we review the protocol and generalize its security. We exploit a map by Ahrens to rigorously upper bound the Hypergeometric distribution resulting from a general eavesdropping. Despite the extended applicability of the new protocol, its key rate is only marginally smaller than its predecessor in all cases of practical interest.

  3. Secure key distribution by swapping quantum entanglement

    SciTech Connect (OSTI)

    Song, Daegene [National Institute of Standards and Technology, 100 Bureau Drive, MS 8910, Gaithersburg, Maryland 20899 (United States)

    2004-03-01T23:59:59.000Z

    We report two key distribution schemes achieved by swapping quantum entanglement. Using two Bell states, two bits of secret key can be shared between two distant parties that play symmetric and equal roles. We also address eavesdropping attacks against the schemes.

  4. arvutimnguritus world cyber: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    cyber-insurer, thereby making 74 SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems Fission and Nuclear Technologies Websites...

  5. alleged russian cyber: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    cyber-insurer, thereby making 69 SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems Fission and Nuclear Technologies Websites...

  6. Security Notions for Quantum Public-Key Cryptography

    E-Print Network [OSTI]

    Takeshi Koshiba

    2007-02-19T23:59:59.000Z

    It is well known that Shor's quantum algorithm for integer factorization can break down the RSA public-key cryptosystem, which is widely used in many cryptographic applications. Thus, public-key cryptosystems in the quantum computational setting are longed for cryptology. In order to define the security notions of public-key cryptosystems, we have to model the power of the sender, receiver, adversary and channel. While we may consider a setting where quantum computers are available only to adversaries, we generally discuss what are the right security notions for (quantum) public-key cryptosystems in the quantum computational setting. Moreover, we consider the security of quantum public-key cryptosystems known so far.

  7. Secure password-based authenticated key exchange for web services

    SciTech Connect (OSTI)

    Liang, Fang; Meder, Samuel; Chevassut, Olivier; Siebenlist, Frank

    2004-11-22T23:59:59.000Z

    This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.

  8. Overview of Key Roles and Responsibilities in Information Security Liaison Model Responsibilities Chief Information Security-Privacy

    E-Print Network [OSTI]

    Cantlon, Jessica F.

    Overview of Key Roles and Responsibilities in Information Security Liaison Model Responsibilities Chief Information Security-Privacy Officers Divisional Information Security-Privacy Liaison Departmental Information Security-Privacy Liaison Planning Plan and conduct annual risk assessment Develop a prioritized

  9. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Vollmer, Todd; Manic, Milos

    2014-05-01T23:59:59.000Z

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, anmore »established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.« less

  10. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    DOE Public Access Gateway for Energy & Science Beta (PAGES Beta)

    Vollmer, Todd; Manic, Milos

    2014-05-01T23:59:59.000Z

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

  11. Cyber Security Analysis of State Estimators in Electric Power Systems Andre Teixeira, Saurabh Amin, Henrik Sandberg, Karl H. Johansson, and Shankar S. Sastry

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    Cyber Security Analysis of State Estimators in Electric Power Systems Andr´e Teixeira, Saurabh Amin security of state estimators in Supervisory Control and Data Acquisition (SCADA) systems operating in power random outliers in the measurement data. Such schemes are based on high measurement redundancy. Although

  12. Challenges for Cyber-Physical Systems: Security, Timing Analysis and Soft Error Protection

    E-Print Network [OSTI]

    Mueller, Frank

    from cyber attacks. While this assumption may not be sound, substations themselves are a more likely link at a substation) could allow attackers to affect power devices. Some protection could be provided to invest in research on the protection of the power grid, both from the perspective of cyber attacks

  13. W-like bound entangled states and secure key distillation

    E-Print Network [OSTI]

    Remigiusz Augusiak; Pawel Horodecki

    2009-09-09T23:59:59.000Z

    We construct multipartite entangled states with underlying W-type structure satisfying positive partial transpose (PPT) condition under any (N-1)|1 partition. Then we show how to distill N-partite secure key form the states using two different methods: direct application of local filtering and novel random key distillation scheme in which we adopt the idea form recent results on entanglement distillation. Open problems and possible implications are also discussed.

  14. Securing a Quantum Key Distribution Network Using Secret Sharing

    E-Print Network [OSTI]

    Barnett, Stephen M

    2012-01-01T23:59:59.000Z

    We present a simple new technique to secure quantum key distribution relay networks using secret sharing. Previous techniques have relied on creating distinct physical paths in order to create the shares. We show, however, how this can be achieved on a single physical path by creating distinct logical channels. The technique utilizes a random 'drop-out' scheme to ensure that an attacker must compromise all of the relays on the channel in order to access the key.

  15. ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber...

    Energy Savers [EERE]

    Utilities Form Consortium to Fund SCADAEMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADAEMS Cyber Security...

  16. Device calibration impacts security of quantum key distribution

    E-Print Network [OSTI]

    Nitin Jain; Christoffer Wittmann; Lars Lydersen; Carlos Wiechers; Dominique Elser; Christoph Marquardt; Vadim Makarov; Gerd Leuchs

    2011-09-16T23:59:59.000Z

    Characterizing the physical channel and calibrating the cryptosystem hardware are prerequisites for establishing a quantum channel for quantum key distribution (QKD). Moreover, an inappropriately implemented calibration routine can open a fatal security loophole. We propose and experimentally demonstrate a method to induce a large temporal detector efficiency mismatch in a commercial QKD system by deceiving a channel length calibration routine. We then devise an optimal and realistic strategy using faked states to break the security of the cryptosystem. A fix for this loophole is also suggested.

  17. Status Report on Protected Domains for Cyber Infrastructure Management

    E-Print Network [OSTI]

    Irvine, Cynthia E.

    through the use of distributed, highly secure, protected domains. Instead of creating a costly physically, Network Security, Information Assurance 1 Introduction Currently, our national cyber infrastructure to the President for Cyber Space Security and Chairman, President's Critical Infrastructure Protection Board

  18. A correct security evaluation of quantum key distribution

    E-Print Network [OSTI]

    Osamu Hirota

    2014-09-21T23:59:59.000Z

    There is no doubt that quantum key distribution is an excellent result as a science. However, this paper presents a view on quantum key distribution (QKD) wherein QKD may have a difficulty to provide a sufficient security and good communication performance in real world networks. In fact, a one-time pad forwarded by QKD model with $\\bar{\\epsilon}=10^{-6}$ may be easily decrypted by key estimation. Despite that researchers know several criticisms on the theoretical incompleteness on the security evaluation, Portmann and Rennner, and others still avert from the discussion on criticism, and experimental groups tend to make exaggerated claims about their own work by making it seems that QKD is applicable to commercial communication systems. All such claims are based on a misunderstanding of the meaning of criteria of information theoretic security in cryptography. A severe situation has arisen as a result, one that will impair a healthy development of quantum information science (QIS). Thus, the author hopes that this paper will help to stimulate discussions on developing a more detailed theory.

  19. Pacific Basin Nuclear Conference (PBNC 2012), BEXCO, Busan, Korea, March 18 ~ 23, 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS

    E-Print Network [OSTI]

    Kim, Kwangjo

    .kim@kustar.ac.ae Abstract Nuclear Power Plants (NPPs) become one of the most important infrastructures in providing improvement. 1. Introduction Nuclear Power Plants (NPPs) become one of the most important infrastructures PBNC 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS Kwangjo Kim KAIST, Daejeon, Korea

  20. Key-Insulated Signcryption (Science and Technology on Communication Security Laboratory,

    E-Print Network [OSTI]

    Zheng, Yuliang

    Key-Insulated Signcryption Jia Fan 1 (Science and Technology on Communication Security Laboratory addresses the issue of key exposure by proposing a key-insulated signcryption technique. We define a security model for key-insulated signcryption and prove that the key- insulated signcryption technique

  1. Toward a Cyber-Physical Topology Language: Applications to NERC CIP Audit

    E-Print Network [OSTI]

    Sanders, William H.

    . For example, the NISTIR Guidelines for Smart-Grid Cyber Security state that "increasing the complexity

  2. Developmental Integrative BiologyCyber Security UNT is recognized by the National Security Agency and the Department of

    E-Print Network [OSTI]

    Tarau, Paul

    security. Information and computer security, trust and information assurance, systems architecture to identify and address a range of changing information sources and security vulnerabilities. UNT brings experts to address next generation challenges. The UNT-based Center for Information and Computer Security

  3. Dartmouth Computer Science Technical Report TR2008-628 Key Management for Secure Power SCADA

    E-Print Network [OSTI]

    Dartmouth Computer Science Technical Report TR2008-628 Key Management for Secure Power SCADA Manya the views of the sponsors #12;1 Key Management for Secure Power SCADA By: Manya Sleeper Advisor: Sean Smith power SCADA systems that seeks to take advantage of the full security capacity of a given network

  4. All information-theoretically secure key establishing protocols are quantum protocols

    E-Print Network [OSTI]

    Mario Stipcevic

    2005-03-26T23:59:59.000Z

    A theorem is proved which states that no classical key generating protocol could ever be provably secure. Consequently, candidates for provably secure protocols must rely on some quantum effect. Theorem relies on the fact that BB84 Quantum key distribution protocol has been proven secure.

  5. Elisa Bertino Cyber Center

    E-Print Network [OSTI]

    Ginzel, Matthew

    on Information and System Security, ACM Transactions on Web, Acta Informatica, the Parallel and Distributed Society Tsutomu Kanai Award "For pioneering and innovative research contributions to secure distributed Elisa Bertino Director, Cyber Center bertino@purdue.edu 765-496-2399 Elisa Bertino is professor

  6. Security of Power Packet Dispatching Using Differential Chaos Shift Keying

    E-Print Network [OSTI]

    Yanzi Zhou; Ryo Takahashi; Takashi Hikihara

    2015-02-19T23:59:59.000Z

    This paper investigates and confirms one advantageous function of a power packet dispatching system, which has been proposed by authors' group with being apart from the conventional power distribution system. Here is focused on the function to establish the security of power packet dispatching for prohibiting not only information but also power of power packet from being stolen by attackers. For the purpose of protecting power packets, we introduce a simple encryption of power packets before sending them. Encryption scheme based on chaotic signal is one possibility for this purpose. This paper adopts the Differential Chaos Shift Keying (DCSK) scheme for the encryption, those are partial power packet encryption and whole power packet encryption.

  7. An inter-realm, cyber-security infrastructure for virtual supercomputing

    SciTech Connect (OSTI)

    Al-Muhtadi, J. (Jalal); Feng, W. C. (Wu-Chun); Fisk, M. E. (Mike E. )

    2001-01-01T23:59:59.000Z

    Virtual supercomputing, (ise ., high-performance grid computing), is poised to revolutionize the way we think about and use computing. However, the security of the links interconnecting the nodes within such an environment will be its Achilles heel, particularly when secure communication is required to tunnel through heterogeneous domains. In this paper we examine existing security mechanisms, show their inadequacy, and design a comprehensive cybersecurity infrastructure that meets the security requirements of virtual supercomputing. Keywords Security, virtual supercomputing, grid computing, high-performance computing, GSS-API, SSL, IPsec, component-based software, dynamic reconfiguration.

  8. Methodology for prioritizing cyber-vulnerable critical infrastructure equipment and mitigation strategies.

    SciTech Connect (OSTI)

    Dawson, Lon Andrew; Stinebaugh, Jennifer A.

    2010-04-01T23:59:59.000Z

    The Department of Homeland Security (DHS), National Cyber Security Division (NSCD), Control Systems Security Program (CSSP), contracted Sandia National Laboratories to develop a generic methodology for prioritizing cyber-vulnerable, critical infrastructure assets and the development of mitigation strategies for their loss or compromise. The initial project has been divided into three discrete deliverables: (1) A generic methodology report suitable to all Critical Infrastructure and Key Resource (CIKR) Sectors (this report); (2) a sector-specific report for Electrical Power Distribution; and (3) a sector-specific report for the water sector, including generation, water treatment, and wastewater systems. Specific reports for the water and electric sectors are available from Sandia National Laboratories.

  9. Office of Cyber Assessments | Department of Energy

    Energy Savers [EERE]

    program of announced and unannounced testing for DOE network vulnerabilities through scanning and penetration testing. Performs complex-wide reviews of cyber security topical...

  10. DOE Issues Energy Sector Cyber Organization NOI

    Office of Environmental Management (EM)

    cooperatively with DOE and other federal agencies to enhance cyber security of the bulk power electric grid and energy infrastructure. Approximately 8.5 million is expected to...

  11. CYBER SECURITY THREATS TO SAFETY-CRITICAL, SPACE-BASED INFRASTRUCTURES

    E-Print Network [OSTI]

    Johnson, Chris

    into advanced air-traffic management applications, rail signalling systems, energy distribution software etc of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios, the inclusion of a combined safety-security risk based methodology for the identification of attack scenarios

  12. Direct Proof of Security of Wegman-Carter Authentication with Partially Known Key

    E-Print Network [OSTI]

    Direct Proof of Security of Wegman-Carter Authentication with Partially Known Key Aysajan Abidin by Wegman and Carter [24], in the case of partially known key. The scheme is based on secretly selecting

  13. Unconditional Security of Time-Energy Entanglement Quantum Key Distribution Using Dual-Basis Interferometry

    E-Print Network [OSTI]

    Zhang, Zheshen

    High-dimensional quantum key distribution (HDQKD) offers the possibility of high secure-key rate with high photon-information efficiency. We consider HDQKD based on the time-energy entanglement produced by spontaneous ...

  14. Quantum public-key algorithms to encrypt and authenticate quantum messages with information-theoretic security

    E-Print Network [OSTI]

    Liang, Min

    2012-01-01T23:59:59.000Z

    Public-key cryptosystems for quantum messages are considered from two aspects: public-key encryption and public-key authentication. Firstly, we propose a general construction of quantum public-key encryption scheme, and then construct an information-theoretic secure instance. Then, we propose a quantum public-key authentication scheme, which can protect the integrity of quantum messages. This scheme can both encrypt and authenticate quantum messages. It is information-theoretic secure with regard to encryption, and the success probability of tampering decreases exponentially with the security parameter with regard to authentication. Compared with classical public-key cryptosystems, one private-key in our schemes corresponds to an exponential number of public-keys, and every quantum public-key used by the sender is an unknown quantum state to the sender.

  15. Quantum public-key algorithms to encrypt and authenticate quantum messages with information-theoretic security

    E-Print Network [OSTI]

    Min Liang; Li Yang

    2012-05-10T23:59:59.000Z

    Public-key cryptosystems for quantum messages are considered from two aspects: public-key encryption and public-key authentication. Firstly, we propose a general construction of quantum public-key encryption scheme, and then construct an information-theoretic secure instance. Then, we propose a quantum public-key authentication scheme, which can protect the integrity of quantum messages. This scheme can both encrypt and authenticate quantum messages. It is information-theoretic secure with regard to encryption, and the success probability of tampering decreases exponentially with the security parameter with regard to authentication. Compared with classical public-key cryptosystems, one private-key in our schemes corresponds to an exponential number of public-keys, and every quantum public-key used by the sender is an unknown quantum state to the sender.

  16. Security bound of continuous-variable quantum key distribution with noisy coherent states and channel

    E-Print Network [OSTI]

    Yong Shen; Jian Yang; Hong Guo

    2009-06-29T23:59:59.000Z

    Security of a continuous-variable quantum key distribution protocol based on noisy coherent states and channel is analyzed. Assuming the noise of coherent states is induced by Fred, a neutral party relative to others, we prove that the prepare and measurement scheme and entanglement-based scheme are equivalent. Then, we show that this protocol is secure against Gaussian collective attacks even if the channel is lossy and noisy, and further, a lower bound to the secure key rate is derived.

  17. Security of differential phase shift quantum key distribution against individual attacks

    E-Print Network [OSTI]

    Edo Waks; Hiroki Takesue; Yoshihisa Yamamoto

    2005-08-16T23:59:59.000Z

    We derive a proof of security for the Differential Phase Shift Quantum Key Distribution (DPSQKD) protocol under the assumption that Eve is restricted to individual attacks. The security proof is derived by bounding the average collision probability, which leads directly to a bound on Eve's mutual information on the final key. The security proof applies to realistic sources based on pulsed coherent light. We then compare individual attacks to sequential attacks and show that individual attacks are more powerful.

  18. ITL BULLETIN FOR OCTOBER 2010 CYBER SECURITY STRATEGIES FOR THE SMART GRID: PROTECTING THE

    E-Print Network [OSTI]

    DIGITAL INFRASTRUCTURE FOR ELECTRIC POWER Shirley Radack, Editor Computer Security Division Information effort is under way to transform the U.S. electric power infrastructure into an advanced digital and availability of the electric power infrastructure. These technologies must be designed and implemented early

  19. Secure multi-party communication with quantum key distribution managed by trusted authority

    DOE Patents [OSTI]

    Nordholt, Jane Elizabeth; Hughes, Richard John; Peterson, Charles Glen

    2013-07-09T23:59:59.000Z

    Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.

  20. The Data and Application Security and Privacy (DASPY) Challenge

    E-Print Network [OSTI]

    Sandhu, Ravi

    Computer security Information security = Computer security + Communications security Information Computer security Information security = Computer security + Communications security Information Cyber security (defensive) goals have evolved Computer security Information security = Computer

  1. Concise and Tight Security Analysis of the Bennett-Brassard 1984 Protocol with Finite Key Lengths

    E-Print Network [OSTI]

    Masahito Hayashi; Toyohiro Tsurumaru

    2012-05-17T23:59:59.000Z

    We present a tight security analysis of the Bennett-Brassard 1984 protocol taking into account the finite size effect of key distillation, and achieving unconditional security. We begin by presenting a concise analysis utilizing the normal approximation of the hypergeometric function. Then next we show that a similarly tight bound can also be obtained by a rigorous argument without relying on any approximation. In particular, for the convenience of experimentalists who wish to evaluate the security of their QKD systems, we also give explicit procedures of our key distillation, and also show how to calculate the secret key rate and the security parameter from a given set of experimental parameters. Besides the exact values of key rates and security parameters, we also present how to obtain their rough estimates using the normal approximation.

  2. Key Management Challenges in Smart Grid

    SciTech Connect (OSTI)

    Sheldon, Frederick T [ORNL] [ORNL; Duren, Mike [Sypris Electronics, LLC] [Sypris Electronics, LLC

    2012-01-01T23:59:59.000Z

    Agenda Awarded in February 2011 Team of industry and research organizations Project Objectives Address difficult issues Complexity Diversity of systems Scale Longevity of solution Participate in standards efforts and working groups Develop innovative key management solutions Modeling and simulation ORNL Cyber Security Econometric Enterprise System Demonstrate effectiveness of solution Demonstrate scalability

  3. Unconditional Security of Time-energy Entanglement Quantum Key Distribution using Dual-basis Interferometry

    E-Print Network [OSTI]

    Zheshen Zhang; Jacob Mower; Dirk Englund; Franco N. C. Wong; Jeffrey H. Shapiro

    2014-01-23T23:59:59.000Z

    High-dimensional quantum key distribution (HDQKD) offers the possibility of high secure-key rate with high photon-information efficiency. We consider HDQKD based on the time-energy entanglement produced by spontaneous parametric downconversion, and show that it is secure against collective attacks. Its security rests upon visibility data -- obtained from Franson and conjugate-Franson interferometers -- that probe photon-pair frequency correlations and arrival-time correlations. From these measurements an upper bound can be established on the eavesdropper's Holevo information by translating the Gaussian-state security analysis for continuous-variable quantum key distribution so that it applies to our protocol. We show that visibility data from just the Franson interferometer provides a weaker, but nonetheless useful, secure-key rate lower bound. To handle multiple-pair emissions, we incorporate the decoy-state approach into our protocol. Our results show that over 200\\,km transmission distance in optical fiber, time-energy entanglement HDQKD could permit a 700 bit/sec secure-key rate, and a photon information efficiency of 2 secure-key bits per photon coincidence in the key-generation phase using receivers with 15% system efficiency.

  4. Summary of The 3rd Control System Cyber-Security (CS)2/HEP Workshop

    E-Print Network [OSTI]

    Lüders, S

    2011-01-01T23:59:59.000Z

    Over the last decade modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. The Stuxnet worm of 2010 against a particular Siemens PLC is a unique example for a sophisticated attack against control systems [1]. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data being ...

  5. Security of the Quantum Key Distribution with Blind Polarization Bases against Impersonation Attack

    E-Print Network [OSTI]

    Won-Ho Kye; M. S. Kim

    2006-02-24T23:59:59.000Z

    In this paper, we briefly show how the quantum key distribution with blind polarization bases [Kye et al., Phys. Rev. Lett. 95, 040501 (2005)] can be made secure against the impersonation attack.

  6. Security against the Invisible Photon Attack for the Quantum Key Distribution with Blind Polarization Bases

    E-Print Network [OSTI]

    Won-Ho Kye; M. S. Kim

    2005-08-03T23:59:59.000Z

    In this paper, we briefly show how the quantum key distribution with blind polarization bases [Kye et al., Phys. Rev. Lett. 95, 040501 (2005)] can be made secure against the invisible photon attack.

  7. Cryptographic security of the quantum key distribution from the triangle inequality

    E-Print Network [OSTI]

    Pawel Kurzynski; Marcin Markiewicz; Dagomir Kaszlikowski

    2014-09-22T23:59:59.000Z

    We show that the Csiszar-Korner sufficient condition for secure cryptographic key generation with the help of quantum theory can be easily derived using the triangle inequality for an information-theoretic distance.

  8. Human dimensions in cyber operations research and development priorities.

    SciTech Connect (OSTI)

    Forsythe, James Chris; Silva, Austin Ray; Stevens-Adams, Susan Marie; Bradshaw, Jeffrey [Institute for Human and Machine Cognition

    2012-11-01T23:59:59.000Z

    Within cyber security, the human element represents one of the greatest untapped opportunities for increasing the effectiveness of network defenses. However, there has been little research to understand the human dimension in cyber operations. To better understand the needs and priorities for research and development to address these issues, a workshop was conducted August 28-29, 2012 in Washington DC. A synthesis was developed that captured the key issues and associated research questions. Research and development needs were identified that fell into three parallel paths: (1) human factors analysis and scientific studies to establish foundational knowledge concerning factors underlying the performance of cyber defenders; (2) development of models that capture key processes that mediate interactions between defenders, users, adversaries and the public; and (3) development of a multi-purpose test environment for conducting controlled experiments that enables systems and human performance measurement. These research and development investments would transform cyber operations from an art to a science, enabling systems solutions to be engineered to address a range of situations. Organizations would be able to move beyond the current state where key decisions (e.g. personnel assignment) are made on a largely ad hoc basis to a state in which there exist institutionalized processes for assuring the right people are doing the right jobs in the right way. These developments lay the groundwork for emergence of a professional class of cyber defenders with defined roles and career progressions, with higher levels of personnel commitment and retention. Finally, the operational impact would be evident in improved performance, accompanied by a shift to a more proactive response in which defenders have the capacity to exert greater control over the cyber battlespace.

  9. Securely Managing Cryptographic Keys used within a Cloud Environment

    E-Print Network [OSTI]

    , Co-tenancy, Distributed Management Cryptography essential to secure cloud operations Use of sound;Page 3 Cloud Service Provider (CSP) - Models Cloud Service Models Software as a Service (Saa CSP know who I am? How is my connection to cloud components protected? Administration Who

  10. 100 km secure differential phase shift quantum key distribution with low jitter up-conversion detectors

    E-Print Network [OSTI]

    Eleni Diamanti; Hiroki Takesue; Carsten Langrock; M. M. Fejer; Yoshihisa Yamamoto

    2006-08-13T23:59:59.000Z

    We present a quantum key distribution experiment in which keys that were secure against all individual eavesdropping attacks allowed by quantum mechanics were distributed over 100 km of optical fiber. We implemented the differential phase shift quantum key distribution protocol and used low timing jitter 1.55 um single-photon detectors based on frequency up-conversion in periodically poled lithium niobate waveguides and silicon avalanche photodiodes. Based on the security analysis of the protocol against general individual attacks, we generated secure keys at a practical rate of 166 bit/s over 100 km of fiber. The use of the low jitter detectors also increased the sifted key generation rate to 2 Mbit/s over 10 km of fiber.

  11. Some Physics And System Issues In The Security Analysis Of Quantum Key Distribution Protocols

    E-Print Network [OSTI]

    Horace P. Yuen

    2014-05-07T23:59:59.000Z

    In this paper we review a number of issues on the security of quantum key distribution (QKD) protocols that bear directly on the relevant physics or mathematical representation of the QKD cryptosystem. It is shown that the cryptosystem representation itself may miss out many possible attacks which are not accounted for in the security analysis and proofs. Hence the final security claims drawn from such analysis are not reliable, apart from foundational issues about the security criteria that are discussed elsewhere. The cases of continuous-variable QKD and multi-photon sources are elaborated upon.

  12. Simulation of PKI-Enabled Communication for Identity Management Using CyberCIEGE

    E-Print Network [OSTI]

    , authentication, provenance, and access control. Keywords-network cyber security; identity management; information environment, players1 are guided through a series of scenarios that highlight various cyber security education colleges. CyberCIEGE was created by the Center for Information Systems Security Studies and Research (CISR

  13. Generalized decoding, effective channels, and simplified security proofs in quantum key distribution

    SciTech Connect (OSTI)

    Renes, Joseph M. [IAKS Prof. Beth, Arbeitsgruppe Quantum Computing, Universitaet Karlsruhe, Am Fasanengarten 5, D-76131 Karlsruhe (Germany); Quantum Information Theory Group, Institut fuer Theoretische Physik I, and Max-Planck-Forschungsgruppe, Institut fuer Optik, Information und Photonik, Universitaet Erlangen-Nuernberg, Staudtstrasse 7, D-91058 Erlangen (Germany); Grassl, Markus [IAKS Prof. Beth, Arbeitsgruppe Quantum Computing, Universitaet Karlsruhe, Am Fasanengarten 5, D-76131 Karlsruhe (Germany)

    2006-08-15T23:59:59.000Z

    Prepare and measure quantum key distribution protocols can be decomposed into two basic steps: delivery of the signals over a quantum channel and distillation of a secret key from the signal and measurement records by classical processing and public communication. Here we formalize the distillation process for a general protocol in a purely quantum-mechanical framework and demonstrate that it can be viewed as creating an 'effective' quantum channel between the legitimate users Alice and Bob. The process of secret key generation can then be viewed as entanglement distribution using this channel, which enables application of entanglement-based security proofs to essentially any prepare and measure protocol. To ensure secrecy of the key, Alice and Bob must be able to estimate the channel noise from errors in the key, and we further show how symmetries of the distillation process simplify this task. Applying this method, we prove the security of several key distribution protocols based on equiangular spherical codes.

  14. Developing a Power Measurement Framework for Cyber Defense

    E-Print Network [OSTI]

    Pouchard, Line

    substations and hydroelectric facilities is a normal part of guerilla warfare [3]. Cyber attack of EDS systems, they have become more vulnerable to cyber-attacks as well. As part of a systems health monitoring approach, Experimentation, Security. Keywords Energy Delivery Systems, malware, rootkits, cyber-attacks, Power Distribution

  15. Deception used for Cyber Defense of Control Systems

    SciTech Connect (OSTI)

    Wayne F. Boyer; Miles A. McQueen

    2009-05-01T23:59:59.000Z

    Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

  16. Securing AODV for MANETs using Message Digest with Secret Key

    E-Print Network [OSTI]

    Lakhtaria, Mr Kamaljit; Prajapati, Mr Satish G; Jani, N N

    2010-01-01T23:59:59.000Z

    Due to lack of the infrastructure, open peer-to-peer architecture, shared wireless medium, limited resource constraints and highly dynamic topology, MANETs (Mobile Adhoc Networks) are frequently established in insecure environments, which make them more vulnerable to attacks. These attacks are initiated by sharing malicious nodes against different services of network. The binding force in these networks is routing protocol, which is a common target of malicious nodes. MANETs routing protocols are being developed without having security in mind. Ad-hoc On-Demand Distance Vector (AODV) is one such widely used routing protocol that is at present undergo extensive research and development. AODV is based on distance vector routing, but here the updates are shared not on a periodic basis but on an as per demand basis. The control packets contain a hop-count and sequence number field which recognizes the freshness of routing. These fields are editable, so it creates a possible susceptibility that is frequently abuse...

  17. Security Issues Associated With Error Correction And Privacy Amplification In Quantum Key Distribution

    E-Print Network [OSTI]

    Horace Yuen

    2014-11-10T23:59:59.000Z

    Privacy amplification is a necessary step in all quantum key distribution protocols, and error correction is needed in each except when signals of many photons are used in the key communication in quantum noise approach. No security analysis of error correcting code information leak to the attacker has ever been provided, while an ad hoc formula is currently employed to account for such leak in the key generation rate. It is also commonly believed that privacy amplification allows the users to at least establish a short key of arbitrarily close to perfect security. In this paper we show how the lack of rigorous error correction analysis makes the otherwise valid privacy amplification results invalid, and that there exists a limit on how close to perfect a generated key can be obtained from privacy amplification. In addition, there is a necessary tradeoff between key rate and security, and the best theoretical values from current theories would not generate enough near-uniform key bits to cover the message authentication key cost in disturbance-information tradeoff protocols of the BB84 variety.

  18. Strengthening Cyber Security

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33Frequently AskedEnergyIssues DOE's NuclearSpurringSteam SystemsStrategic Programs4 E n E rgyB

  19. Cyber Friendly Fire

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2011-09-01T23:59:59.000Z

    Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public. The network is essentially divided into a production component that hosts the web and network services, and a user component that hosts thirty employee workstations and other end devices. The organization's network is separated from the Internet by a Cisco ASA network security device that both firewalls and detects intrusions. Business sensitive information is stored in various servers. This includes data comprising thousands of internal documents, such as finance and technical designs, email messages for the organization's employees including the CEO, CFO, and CIO, the organization's source code, and Personally Identifiable client data. Release of any of this information to unauthorized parties would have a significant, detrimental impact on the organization's reputation, which would harm earnings. The valuable information stored in these servers pose obvious points of interest for an adversary. We constructed several scenarios around this environment to support studies in cyber SA and cyber FF that may be run in the test range. We describe mitigation strategies to combat cyber FF including both training concepts and suggestions for decision aids and visualization approaches. Finally, we discuss possible future research directions.

  20. Generalized Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange system using arbitrary resistors

    E-Print Network [OSTI]

    Vadai, Gergely; Gingl, Zoltan

    2015-01-01T23:59:59.000Z

    The Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange system has been introduced as a simple, very low cost and efficient classical physical alternative to quantum key distribution systems. The ideal system uses only a few electronic components - identical resistor pairs, switches and interconnecting wires - to guarantee perfectly protected data transmission. We show that a generalized KLJN system can provide unconditional security even if it is used with significantly less limitations. The more universal conditions ease practical realizations considerably and support more robust protection against attacks. Our theoretical results are confirmed by numerical simulations.

  1. Cyber Threats to Nuclear Infrastructures

    SciTech Connect (OSTI)

    Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

    2010-07-01T23:59:59.000Z

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  2. Secure key generation using an ultra-long fiber laser: transient analysis and experiment

    E-Print Network [OSTI]

    Zadok, Avinoam

    Secure key generation using an ultra-long fiber laser: transient analysis and experiment Avi Zadok-optic components. In our Ultra-long Fiber Laser (UFL) system, each user places a randomly chosen, spectrally, based on establishing laser oscillation between two parties, which is realized using standard fiber

  3. Direct Proof of Security of Wegman-Carter Authentication with Partially Known Key

    E-Print Network [OSTI]

    Aysajan Abidin; Jan-Ĺke Larsson

    2013-03-01T23:59:59.000Z

    Information-theoretically secure (ITS) authentication is needed in Quantum Key Distribution (QKD). In this paper, we study security of an ITS authentication scheme proposed by Wegman & Carter, in the case of partially known authentication key. This scheme uses a new authentication key in each authentication attempt, to select a hash function from an Almost Strongly Universal$_2$ hash function family. The partial knowledge of the attacker is measured as the trace distance between the authentication key distribution and the uniform distribution; this is the usual measure in QKD. We provide direct proofs of security of the scheme, when using partially known key, first in the information-theoretic setting and then in terms of witness indistinguishability as used in the Universal Composability (UC) framework. We find that if the authentication procedure has a failure probability $\\epsilon$ and the authentication key has an $\\epsilon'$ trace distance to the uniform, then under ITS, the adversary's success probability conditioned on an authentic message-tag pair is only bounded by $\\epsilon+|\\mT|\\epsilon'$, where $|\\mT|$ is the size of the set of tags. Furthermore, the trace distance between the authentication key distribution and the uniform increases to $|\\mT|\\epsilon'$ after having seen an authentic message-tag pair. Despite this, we are able to prove directly that the authenticated channel is indistinguishable from an (ideal) authentic channel (the desired functionality), except with probability less than $\\epsilon+\\epsilon'$. This proves that the scheme is ($\\epsilon+\\epsilon'$)-UC-secure, without using the composability theorem.

  4. Cyber Incidents Involving Control Systems

    SciTech Connect (OSTI)

    Robert J. Turk

    2005-10-01T23:59:59.000Z

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

  5. Cyber-Physical Systems under Attack Models, Fundamental limitations, and Monitor Design

    E-Print Network [OSTI]

    Hu, Fei

    , FL, Dec 11, 2011 F. Pasqualetti, F. D¨orfler, F. Bullo Cyber-Physical Systems Under Attack Security are cyber-physical systems: power generation and distribution networks water networks and mass-efficient buildings (heat transfer) F. Pasqualetti, F. D¨orfler, F. Bullo Cyber-Physical Systems Under Attack Security

  6. Distributing Secret Keys with Quantum Continuous Variables: Principle, Security and Implementations

    E-Print Network [OSTI]

    Eleni Diamanti; Anthony Leverrier

    2015-06-09T23:59:59.000Z

    The ability to distribute secret keys between two parties with information-theoretic security, that is, regardless of the capacities of a malevolent eavesdropper, is one of the most celebrated results in the field of quantum information processing and communication. Indeed, quantum key distribution illustrates the power of encoding information on the quantum properties of light and has far reaching implications in high-security applications. Today, quantum key distribution systems operate in real-world conditions and are commercially available. As with most quantum information protocols, quantum key distribution was first designed for qubits, the individual quanta of information. However, the use of quantum continuous variables for this task presents important advantages with respect to qubit based protocols, in particular from a practical point of view, since it allows for simple implementations that require only standard telecommunication technology. In this review article, we describe the principle of continuous-variable quantum key distribution, focusing in particular on protocols based on coherent states. We discuss the security of these protocols and report on the state-of-the-art in experimental implementations, including the issue of side-channel attacks. We conclude with promising perspectives in this research field.

  7. Provably-Secure Authenticated Group Diffie-Hellman KeyExchange

    SciTech Connect (OSTI)

    Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David

    2007-01-01T23:59:59.000Z

    Authenticated key exchange protocols allow two participantsA and B, communicating over a public network and each holding anauthentication means, to exchange a shared secret value. Methods designedto deal with this cryptographic problem ensure A (resp. B) that no otherparticipants aside from B (resp. A) can learn any information about theagreed value, and often also ensure A and B that their respective partnerhas actually computed this value. A natural extension to thiscryptographic method is to consider a pool of participants exchanging ashared secret value and to provide a formal treatment for it. Startingfrom the famous 2-party Diffie-Hellman (DH) key exchange protocol, andfrom its authenticated variants, security experts have extended it to themulti-party setting for over a decade and completed a formal analysis inthe framework of modern cryptography in the past few years. The presentpaper synthesizes this body of work on the provably-secure authenticatedgroup DH key exchange.

  8. Naval Postgraduate School Cyber Academic Group Graduation Checklist for MS Cyber Systems and Operations (CSO) Degree

    E-Print Network [OSTI]

    Environment (3-2) ________ ___CY4700 Cyber Wargame: Blue Force Operations (2-5) ________ ___CY4710 Cyber Planned Qtr ___NW3230 Strategy & Policy (4-2) ________ ___NW3275 Joint Maritime Operations Part 1 (4-0) ________ ___NW3276 Joint Maritime Operations Part 2 (2-2) ________ ___NW3285 National Security Decision Making (4

  9. Security of high-dimensional quantum key distribution protocols using Franson interferometers

    E-Print Network [OSTI]

    Thomas Brougham; Stephen M. Barnett; Kevin T. McCusker; Paul G. Kwiat; Daniel J. Gauthier

    2013-05-20T23:59:59.000Z

    Franson interferometers are increasingly being proposed as a means of securing high-dimensional energy-time entanglement-based quantum key distribution (QKD) systems. Heuristic arguments have been proposed that purport to demonstrate the security of these schemes. We show, however, that such systems are vulnerable to attacks that localize the photons to several temporally separate locations. This demonstrates that a single pair of Franson interferometers is not a practical approach to securing high-dimensional energy-time entanglement based QKD. This observations leads us to investigate the security of modified Franson-based-protocols, where Alice and Bob have two or more Franson interferometers. We show that such setups can improve the sensitivity against attacks that localize the photons to multiple temporal locations. While our results do not constituting a full security proof, they do show that a single pair of Franson interferometers is not secure and that multiple such interferometers could be a promising candidate for experimentally realizable high-dimensional QKD.

  10. Control Systems Security Test Center - FY 2004 Program Summary

    SciTech Connect (OSTI)

    Robert E. Polk; Alen M. Snyder

    2005-04-01T23:59:59.000Z

    In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

  11. Practical security bounds against the Trojan-horse attack in quantum key distribution

    E-Print Network [OSTI]

    Marco Lucamarini; Iris Choi; Martin B. Ward; James F. Dynes; Zhiliang Yuan; Andrew J. Shields

    2015-06-05T23:59:59.000Z

    In the quantum version of a Trojan-horse attack, photons are injected into the optical modules of a quantum key distribution system in an attempt to read information direct from the encoding devices. To stop the Trojan photons, the use of passive optical components has been suggested. However, to date, there is no quantitative bound that specifies such components in relation to the security of the system. Here, we turn the Trojan-horse attack into an information leakage problem. This allows us quantify the system security and relate it to the specification of the optical elements. The analysis is supported by the experimental characterization of reflectivity and transmission of the optical components most relevant to security.

  12. Security bound of two-basis quantum-key-distribution protocols using qudits

    SciTech Connect (OSTI)

    Nikolopoulos, Georgios M.; Alber, Gernot [Institut fuer Angewandte Physik, Technische Universitaet Darmstadt, 64289 Darmstadt (Germany)

    2005-09-15T23:59:59.000Z

    We investigate the security bounds of quantum-cryptographic protocols using d-level systems. In particular, we focus on schemes that use two mutually unbiased bases, thus extending the Bennett-Brassard 1984 quantum-key-distribution scheme to higher dimensions. Under the assumption of general coherent attacks, we derive an analytic expression for the ultimate upper security bound of such quantum-cryptography schemes. This bound is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions such an equivalence is generally no longer valid.

  13. Security and entanglement in differential-phase-shift quantum key distribution

    E-Print Network [OSTI]

    Adriana Marais; Thomas Konrad; Francesco Petruccione

    2010-02-04T23:59:59.000Z

    The differential-phase-shift quantum key distribution protocol is formalised as a prepare-and-measure scheme and translated into an equivalent entanglement-based protocol. A necessary condition for security is that Bob's measurement can detect the entanglement of the distributed state in the entanglement-based translation, which implies that his measurement is described by non-commuting POVM elements. This condition is shown to be met.

  14. Security analysis of the decoy method with the Bennett-Brassard 1984 protocol for finite key lengths

    E-Print Network [OSTI]

    Masahito Hayashi; Ryota Nakayama

    2013-11-19T23:59:59.000Z

    This paper provides a formula for the sacrifice bit-length for privacy amplification with the Bennett-Brassard 1984 protocol for finite key lengths when we employ the decoy method. Using the formula, we can guarantee the security parameter for realizable quantum key distribution system. The key generation rates with finite key lengths are numerically evaluated. The proposed method improves the existing key generation rate even in the asymptotic setting.

  15. Lemnos Interoperable Security Program

    SciTech Connect (OSTI)

    John Stewart; Ron Halbgewachs; Adrian Chavez; Rhett Smith; David Teumim

    2012-01-31T23:59:59.000Z

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or â?? tunnelsâ?ť, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems Lemnos is built on the successes of Open PCS Security Architecture for Interoperable Design (OPSAID), a previous DOE National SCADA Test Bed (NSTB) project. It enhances security interoperability by identifying basic cyber security functions based on utility requirements and then selecting open source solutions, namely Internet Engineering Task Force (IETF) RFCs, to support these functions. Once identified, specific configuration parameters for each RFC suitable for the electric utility control system environment are identified and documented. These configuration parameters are referred to as Interoperable Configuration Profiles (ICP) and their effectiveness within the utility control systems environment is verified with comprehensive testing as the final step in the process. The project focused on development of ICPs for four security protocols (IPsec, SSH, LDAP, and Syslog) which represent fundamental building blocks which can be utilized for securing utility control systems. These ICPs are product agnostic and can be applied modularly to any device (router, substation gateway, intelligent electronic device, etc.) within the utility control system as the end user deems necessary for their unique system architecture. The Lemnos Interoperable Security Program is a public-private partnership under the U.S. Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability's Cybersecurity for Energy Delivery Systems (CEDS) program and supports The Roadmap to Secure Energy Delivery Systems. In addition to EnerNex, the core team supporting the effort includes Tennessee Valley Authority, Sandia National Laboratories, and Schweitzer Engineering Laboratories. Adding to the core team effort is collaboration from additional industry participants in the project including the Electric Power Research Institute (EPRI), Alien Vault, Cisco, Encore Networks, GarrettCom, Industrial Defender, N-Dimension Solutions, Phoenix Contact, RuggedCom, and Siemens.

  16. Sandia Energy - The Center for SCADA Security Assets

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    The Center for SCADA Security Assets Home Stationary Power Safety, Security & Resilience of Energy Infrastructure Grid Modernization Cyber Security for Electric Infrastructure...

  17. Robust protocols for securely expanding randomness and distributing keys using untrusted quantum devices

    E-Print Network [OSTI]

    Carl A. Miller; Yaoyun Shi

    2015-04-10T23:59:59.000Z

    Randomness is a vital resource for modern day information processing, especially for cryptography. A wide range of applications critically rely on abundant, high quality random numbers generated securely. Here we show how to expand a random seed at an exponential rate without trusting the underlying quantum devices. Our approach is secure against the most general adversaries, and has the following new features: cryptographic quality output security, tolerating a constant level of implementation imprecision, requiring only a constant size quantum memory for the honest implementation, and allowing a large natural class of constructions. In conjunct with a recent work by Chung, Shi and Wu (QIP 2014), it also leads to robust unbounded expansion using just 2 multi-part devices. When adapted for distributing cryptographic keys, our method achieves, for the first time, exponential expansion combined with cryptographic security and noise tolerance. The proof proceeds by showing that the Renyi divergence of the outputs of the protocol (for a specific bounding operator) decreases linearly as the protocol iterates. At the heart of the proof are a new uncertainty principle on quantum measurements, and a method for simulating trusted measurements with untrusted devices.

  18. rtino is prof of Cyber Ce

    E-Print Network [OSTI]

    Holland, Jeffrey

    Program Technolo Worksho Bertino is Compute systems Compute to secure rtino is prof of Cyber Ce internatio Database Indexing Intelligen Services the Very on the e Security& on Web, Program VLDB, A Data Eng distributed fessor of Co enter and R nce and Se mputer Scien EC laborator maden) in S ers Universi arch

  19. IEEE Communications Magazine August 2012 530163-6804/12/$25.00 2012 IEEE CYBER SECURITY FOR SMART GRID COMMUNICATIONS

    E-Print Network [OSTI]

    Zhang, Yan

    FOR SMART GRID COMMUNICATIONS Daojing He, Chun Chen, and Jiajun Bu, Zhejiang University Sammy Chan, City University Secure Service Provision in Smart Grid Communications INTRODUCTION An increasing demand grids. As the world's largest engineered system, the smart grid will expand the current capabilities

  20. Unconditional security of the Bennett 1992 quantum key-distribution scheme with strong reference pulse

    E-Print Network [OSTI]

    Kiyoshi Tamaki; Norbert Lütkenhaus; Masato Koashi; Jamie Batuwantudawe

    2009-09-03T23:59:59.000Z

    We prove the unconditional security of the original Bennett 1992 protocol with strong reference pulse. We show that we may place a projection onto suitably defined qubit spaces before the receiver, which makes the analysis as simple as qubit-based protocols. Unlike the single-photon-based qubits, the qubits identified in this scheme are almost surely detected by the receiver even after a lossy channel. This leads to the key generation rate that is proportional to the channel transmission rate for proper choices of experimental parameters.

  1. Information-theoretic security proof for quantum-key-distribution protocols

    SciTech Connect (OSTI)

    Renner, Renato [Computer Science Department, ETH Zuerich, CH-8092 Zurich (Switzerland); Gisin, Nicolas; Kraus, Barbara [Group of Applied Physics, University of Geneva, CH-1211 Geneva 4 (Switzerland)

    2005-07-15T23:59:59.000Z

    We present a technique for proving the security of quantum-key-distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols, it suffices to consider collective attacks. Indeed, we give new lower and upper bounds on the secret-key rate which only involve entropies of two-qubit density operators and which are thus easy to compute. As an illustration of our results, we analyze the Bennett-Brassard 1984, the six-state, and the Bennett 1992 protocols with one-way error correction and privacy amplification. Surprisingly, the performance of these protocols is increased if one of the parties adds noise to the measurement data before the error correction. In particular, this additional noise makes the protocols more robust against noise in the quantum channel.

  2. attacks security mechanisms: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Catherine 2009-05-15 232 SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems Fission and Nuclear Technologies Websites...

  3. Transforming CyberSecurity R&D within the Department of Energy: Getting Ahead of The Threat

    SciTech Connect (OSTI)

    Frincke, Deborah A.; Catlett, Charlie; Siebenlist, Frank; Strelitz, Richard; Talbot, Ed; Worley, Brian

    2008-01-01T23:59:59.000Z

    This report outlines a preliminary response from DOE researchers to the following three questions: a) what are the key priorities w.r.t. cybersecurity R&D over the next decade? b) what would we recommend, in terms of a program, to address those priorities c) how would a DOE Office of Science program in this area complement other cybersecurity R&D initiatives such as NSF's or other agency programs?

  4. Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

    2005-12-01T23:59:59.000Z

    Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

  5. A Game Theoretic Approach to Cyber Attack Prediction

    SciTech Connect (OSTI)

    Peng Liu

    2005-11-28T23:59:59.000Z

    The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

  6. Reducing Cyber Risk to Critical Infrastructure: NIST Framework...

    Energy Savers [EERE]

    of Control Systems (650 KB PDF) The Vulnerability Analysis of Energy Delivery Control Systems Report Guidelines for Smart Grid Cyber Security (3.4 MB PDF) A Guide to...

  7. PSERC Webinar Series: Issues in Designing the Future Grid - Cyber...

    Office of Environmental Management (EM)

    Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC is offering a free, public webinar series from January to May 2012 entitled "Issues in Designing the...

  8. Coupling Lemma and Its Application to The Security Analysis of Quantum Key Distribution

    E-Print Network [OSTI]

    Kentaro Kato

    2015-05-23T23:59:59.000Z

    It is known that the coupling lemma provides a useful tool in the study of probability theory and its related areas. It describes the relation between the variational distance of two probability distributions and the probability that outcomes from the two random experiments associated with each distribution are not identical. In this paper, the failure probability interpretation problem that has been presented by Yuen and Hirota is discussed from the viewpoint of the application of the coupling lemma. First, we introduce the coupling lemma, and investigate properties of it. Next, it is shown that the claims for this problem in the literatures are justified by using the coupling lemma. Consequently, we see that the failure probability interpretation is not adequate in the security analysis of quantum key distribution.

  9. Sandia National Laboratories: Energy Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    States. I&C systems monitor the safe, reliable and secure generation and delivery of electricity and could have potential cyber vulnerabilities. At Sandia National Laboratories,...

  10. Data Intensive Architecture for Scalable Cyber Analytics

    SciTech Connect (OSTI)

    Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

    2011-12-19T23:59:59.000Z

    Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a month’s worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFin® for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a month’s worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

  11. Shor-Preskill Type Security-Proofs for Concatenated Bennett-Brassard 1984 Quantum Key Distribution Protocol

    E-Print Network [OSTI]

    W. -Y. Hwang; K. Matsumoto; H. Imai; J. Kim; H. -W. Lee

    2002-10-31T23:59:59.000Z

    We discuss long code problems in the Bennett-Brassard 1984 (BB84) quantum key distribution protocol and describe how they can be overcome by concatenation of the protocol. Observing that concatenated modified Lo-Chau protocol finally reduces to the concatenated BB84 protocol, we give the unconditional security of the concatenated BB84 protocol.

  12. Implementation of Quantum Key Distribution with Composable Security Against Coherent Attacks using Einstein-Podolsky-Rosen Entanglement

    E-Print Network [OSTI]

    Tobias Gehring; Vitus Händchen; Jörg Duhme; Fabian Furrer; Torsten Franz; Christoph Pacher; Reinhard F. Werner; Roman Schnabel

    2015-02-10T23:59:59.000Z

    Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution (QKD) this is achieved without relying on the hardness of mathematical problems which might be compromised by improved algorithms or by future quantum computers. State-of-the-art QKD requires composable security against coherent attacks for a finite number of samples. Here, we present the first implementation of QKD satisfying this requirement and additionally achieving security which is independent of any possible flaws in the implementation of the receiver. By distributing strongly Einstein-Podolsky-Rosen entangled continuous variable (CV) light in a table-top arrangement, we generated secret keys using a highly efficient error reconciliation algorithm. Since CV encoding is compatible with conventional optical communication technology, we consider our work to be a major promotion for commercialized QKD providing composable security against the most general channel attacks.

  13. Senior Advisor for Cyber Security

    Broader source: Energy.gov [DOE]

    The mission of the Office of Electricity and Delivery and Energy Reliability (OE) is to lead national efforts to modernize the electric grid; increase grid capacity and reliability; improve energy...

  14. Mission Assurance and Cyber Security

    E-Print Network [OSTI]

    Memphis, University of

    , IPSes, TLS ZigBee X10 Wifi Smart Meter SubstationDistribution FAN/AMI Field Area Network SAN Substation assets Take action by remapping our business processes What is your attack surface look like? What threats ride on the ubiquitous attack surfaces of our infrastructure) #12;mccuskero@sonalysts.com 16 What

  15. Chapter_14_Cyber_Security

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T, Inc.'sEnergyTexas1. Feedstock & ProductionChapter 6 --30 QERQER-2636124

  16. Cyber Security Standards.PDF

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T,Office of Policy, OAPM | Department of Energy Current5 by ISA -Department of1

  17. cyber | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742EnergyOn AprilA Approved: 5-13-14Russian NuclearNational5/%2A en Office ofcontractingcyber |

  18. Key distributionKey distribution Key distribution, symmetric encryption

    E-Print Network [OSTI]

    Fisher, Michael

    COMP 522 Key distributionKey distribution COMP 522 Key distribution, symmetric encryption From in a secure way and must keep the key secure" · Important issue: how to distribute secret keys? COMP 522 Key distribution, manual delivery For two parties A and B: · A key could be created by A and delivered physically

  19. Secure Pairing of Constrained Wireless Devices: Challenges and Pitfalls

    E-Print Network [OSTI]

    Carver, Jeffrey C.

    and Privacy in Emerging Systems (SPIES) lab. He works in the broad areas of computer and network security.S. Program in Cyber-Security. Saxena is serving as an Associate Editor for flagship security journals, IEEE

  20. The Economic Consequences of Sharing Security Information Esther Gal-Or1

    E-Print Network [OSTI]

    Camp, L. Jean

    Information technology (IT) security has emerged as an important issue in the last decade. To promote the disclosure and sharing of cyber-security information amongst firms, the US federal government has encouraged-commerce con- tinues to grow, so does cyber crime. According to Jupiter Media Metrix, cyber-security issues

  1. Computer Security Incident Handling Guide

    E-Print Network [OSTI]

    States Computer Emergency Readiness Team National Cyber Security Division Department of Homeland Security of Standards and Technology Gaithersburg, MD Karen Scarfone Scarfone Cybersecurity C O M P U T E R S E C U R I

  2. A cognitive and economic decision theory for examining cyber defense strategies.

    SciTech Connect (OSTI)

    Bier, Asmeret Brooke

    2014-01-01T23:59:59.000Z

    Cyber attacks pose a major threat to modern organizations. Little is known about the social aspects of decision making among organizations that face cyber threats, nor do we have empirically-grounded models of the dynamics of cooperative behavior among vulnerable organizations. The effectiveness of cyber defense can likely be enhanced if information and resources are shared among organizations that face similar threats. Three models were created to begin to understand the cognitive and social aspects of cyber cooperation. The first simulated a cooperative cyber security program between two organizations. The second focused on a cyber security training program in which participants interact (and potentially cooperate) to solve problems. The third built upon the first two models and simulates cooperation between organizations in an information-sharing program.

  3. Safeguards and Security and Cyber Security RM

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011 Strategic2 OPAM615_CostNSARDevelopmental AssignmentAprilAND POWERADVANCEDSafeguards and

  4. A Method for Estimating the Financial Impact of Cyber Information Security Breaches Utilizing the Common Vulnerability Scoring System and Annual Loss Expectancy

    E-Print Network [OSTI]

    Lindsey, Michael B.

    2010-05-14T23:59:59.000Z

    Information security is relatively new field that is experiencing rapid growth in terms of malicious attack frequency and the amount of capital that firms must spend on attack defense. This rise in security expenditures has prompted corporate...

  5. On the security of some password-based key agreement schemes

    E-Print Network [OSTI]

    on Jablon's scheme, namely the first password- based key agreement mechanism in ISO/IEC FCD 11770 further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770 a session key, they first compute g = pw2 mod p. Note that in the first mechanism of ISO/IEC FCD 11770-4 [19

  6. Wayne Meitzler PNNL Component Security R&D Program Manager

    E-Print Network [OSTI]

    Perkins, Richard A.

    Wayne Meitzler PNNL Component Security R&D Program Manager Wayne Meitzler, as Pacific Northwest National Laboratory (PNNL) Component Security R&D Program Manager, has over 15 years of cyber security R systems. In the 90s, Wayne was one of the early cyber security R&D leaders at PNNL, and his research

  7. The double-padlock problem: is secure classical information transmission possible without key exchange?

    E-Print Network [OSTI]

    James M. Chappell; Derek Abbott

    2012-12-31T23:59:59.000Z

    The idealized Kish-Sethuraman (KS) cipher is theoretically known to offer perfect security through a classical information channel. However, realization of the protocol is hitherto an open problem, as the required mathematical operators have not been identified in the previous literature. A mechanical analogy of this protocol can be seen as sending a message in a box using two padlocks; one locked by the Sender and the other locked by the Receiver, so that theoretically the message remains secure at all times. We seek a mathematical representation of this process, considering that it would be very unusual if there was a physical process with no mathematical description and indeed we find a solution within a four dimensional Clifford algebra. The significance of finding a mathematical description that describes the protocol, is that it is a possible step toward a physical realization having benefits in increased security with reduced complexity.

  8. The double-padlock problem: is secure classical information transmission possible without key exchange?

    E-Print Network [OSTI]

    Chappell, James M

    2012-01-01T23:59:59.000Z

    The idealized Kish-Sethuraman (KS) cipher is known to offer perfect information theoretical security with classical physical means. However, realization of the protocol is hitherto an open problem, as the required mathematical operators have not been identified in the previous literature. A mechanical analogy of this protocol can be seen as sending a message in a box using two padlocks; one locked by the Sender and the other locked by the Receiver, so that theoretically the message remains secure at all times. We seek a mathematical representation of this process, considering that it would be very unusual if there was a physical process with no mathematical description and indeed we find a solution within a three and four dimensional Clifford algebra. The significance of finding a mathematical description that describes the protocol, is that it is a possible step toward a classical physical realization having benefits in increased security with reduced complexity.

  9. Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack1

    E-Print Network [OSTI]

    Krings, Axel W.

    : Security, Vulnerabilities, Cyber Attack, Critical Infrastructure Protection, Electric Power Management present a model developed for Electric Power Management Systems (EPMS) and Supervisory Control and Data vulnerable to cyber attack. We use graph theory to model electric power control and protection devices

  10. Impact Analysis of Transient Stability Due to Cyber Attack on FACTS Devices

    E-Print Network [OSTI]

    Kundur, Deepa

    vulnerabilities that threat- en the security of cyber-physical power system span across generation, transmission that the losses caused by cyber attack on power grid infrastructure will increase significantly, if no proper. Butler-Purry Electrical and Computer Engineering Department Texas A&M University College Station, TX, USA

  11. Security of the Bennett 1992 quantum-key distribution protocol against individual attack over a realistic channel

    SciTech Connect (OSTI)

    Tamaki, Kiyoshi; Koashi, Masato; Imoto, Nobuyuki [CREST Research Team for Interacting Carrier Electronics, School of Advanced Sciences, Graduate University for Advanced Studies (SOKENDAI), Hayama, Kanagawa 240-0193 (Japan)

    2003-03-01T23:59:59.000Z

    The security of two-state quantum-key distribution against individual attack is estimated when the channel has losses and noises. We assume that Alice and Bob use two nonorthogonal single-photon polarization states. To make our analysis simple, we propose a modified B92 protocol in which Alice and Bob make use of inconclusive results, and Bob performs a kind of symmetrization of received states. Using this protocol, Alice and Bob can estimate Eve's information gain as a function of a few parameters that reflect the imperfections of devices, or Eve's disturbance. In some parameter regions, Eve's maximum information gain shows counterintuitive behavior, namely, it decreases as the amount of disturbances increases. For a small noise rate, Eve can extract perfect information in the case where the angle between Alice's two states is small or large, while she cannot extract perfect information for intermediate angles. We also estimate the secret key gain, which is the net growth of the secret key per pulse. We show the region where the modified B92 protocol over a realistic channel is secure against individual attack.

  12. Unconditional Security of the Bennett 1992 quantum key-distribution over lossy and noisy channel

    E-Print Network [OSTI]

    Kiyoshi Tamaki; Norbert Lütkenhaus

    2003-08-11T23:59:59.000Z

    We show that the security proof of the Bennett 1992 protocol over loss-free channel in (K. Tamaki, M. Koashi, and N. Imoto, Phys. Rev. Lett. 90, 167904 (2003)) can be adapted to accommodate loss. We assumed that Bob's detectors discriminate between single photon states on one hand and vacuum state or multi-photon states on the other hand.

  13. V-159: RSA SecurID Agent Discloses Node Secret Encryption Key...

    Broader source: Energy.gov (indexed) [DOE]

    Key to Local Users PLATFORM: RSA Authentication API versions prior to 8.1 SP1 RSA Web Agent for Apache Web Server versions prior to 5.3.5 RSA Web Agent for IIS versions...

  14. Secure coherent-state quantum key distribution protocols with efficient reconciliation

    SciTech Connect (OSTI)

    Assche, G. van; Cerf, N.J. [QuIC, Ecole Polytechnique, Universite Libre de Bruxelles, CP 165/59, 1050 Brussels (Belgium); Iblisdir, S. [QuIC, Ecole Polytechnique, Universite Libre de Bruxelles, CP 165/59, 1050 Brussels (Belgium); GAP-Optique, University of Geneva, 20 rue de l'Ecole-de-Medecine, CH-1211 Geneva (Switzerland)

    2005-05-15T23:59:59.000Z

    We study the equivalence of a realistic quantum key distribution protocol using coherent states and homodyne detection with a formal entanglement purification protocol. Maximally entangled qubit pairs that one can extract in the formal protocol correspond to secret key bits in the realistic protocol. More specifically, we define a qubit encoding scheme that allows the formal protocol to produce more than one entangled qubit pair per entangled oscillator pair or, equivalently for the realistic protocol, more than one secret key bit per coherent state. The entanglement parameters are estimated using quantum tomography. We analyze the properties of the encoding scheme and investigate the resulting secret key rate in the important case of the attenuation channel.

  15. Taxonomies of Cyber Adversaries and Attacks: A Survey of Incidents and Approaches

    SciTech Connect (OSTI)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08T23:59:59.000Z

    In this paper we construct taxonomies of cyber adversaries and methods of attack, drawing from a survey of the literature in the area of cyber crime. We begin by addressing the scope of cyber crime, noting its prevalence and effects on the US economy. We then survey the literature on cyber adversaries, presenting a taxonomy of the different types of adversaries and their corresponding methods, motivations, maliciousness, and skill levels. Subsequently we survey the literature on cyber attacks, giving a taxonomy of the different classes of attacks, subtypes, and threat descriptions. The goal of this paper is to inform future studies of cyber security on the shape and characteristics of the risk space and its associated adversaries.

  16. Centralized Cryptographic Key Management and Critical Risk Assessment - CRADA Final Report For CRADA Number NFE-11-03562

    SciTech Connect (OSTI)

    Abercrombie, R. K. [ORNL] [ORNL; Peters, Scott [Sypris Electronics, LLC] [Sypris Electronics, LLC

    2014-05-28T23:59:59.000Z

    The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) Cyber Security for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing Cyber Security for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.

  17. SECURE SEMANTIC COMPUTING KEVIN W. HAMLEN and BHAVANI THURAISINGHAM

    E-Print Network [OSTI]

    Hamlen, Kevin W.

    and development of secure semantic computing technologies is therefore an important emerging category of security specifications with semantic web technologies. Second, we examine data mining technologies for cyber-security

  18. September 27 29, 2010, Baltimore Convention Center Focusing on Emerging Automation Specifications and Use Cases, Software Assurance, Healthcare IT, Cyber Security, and Regulatory Compliance

    E-Print Network [OSTI]

    September 27 ­ 29, 2010, Baltimore Convention Center Focusing on Emerging Automation Specifications Annual IT Security Automation Conference, hosted by the National Institute of Standards and Technology Systems Agency, will focus on the breadth and depth of automation principles and technologies designed

  19. Cyber Physical Systems: Design Challenges Edward A. Lee

    E-Print Network [OSTI]

    , such as distributed micro power generation coupled into the power grid, where tim- ing precision and security issuesCyber Physical Systems: Design Challenges Edward A. Lee Electrical Engineering and Computer is granted without fee provided that copies are not made or distributed for profit or commercial advantage

  20. Cyber threat metrics.

    SciTech Connect (OSTI)

    Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

    2012-03-01T23:59:59.000Z

    Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

  1. Modern Quantum Technologies of Information Security

    E-Print Network [OSTI]

    Korchenko, Oleksandr; Gnatyuk, Sergiy

    2010-01-01T23:59:59.000Z

    In the paper systematization and classification of modern quantum technologies of the information security against cyber-terrorist attack are carried out. The characteristic of the basic directions of quantum cryptography from the viewpoint of used quantum technologies is given. The qualitative analysis of advantages and disadvantages of concrete quantum protocols is made. The current status of a problem of practical quantum cryptography using in telecommunication networks is considered. In particular, the short review of existing commercial systems of quantum key distribution is given.

  2. Computer Security Incident Handling Guide

    E-Print Network [OSTI]

    Gaithersburg, MD Tom Millar United States Computer Emergency Readiness Team National Cyber Security Division National Institute of Standards and Technology Gaithersburg, MD Karen Scarfone Scarfone Cybersecurity C O M

  3. Risk assessment for physical and cyber attacks on critical infrastructures.

    SciTech Connect (OSTI)

    Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.; Wyss, Gregory Dane; Varnado, G. Bruce; Depoy, Jennifer Mae

    2005-08-01T23:59:59.000Z

    Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results of a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated the analyst can also play 'what if with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.

  4. PACIFIC NORTHWEST CYBER SUMMIT

    SciTech Connect (OSTI)

    Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

    2013-08-07T23:59:59.000Z

    On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energy’s (DOE’s) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOE’s Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

  5. Integrating Neuromuscular and Cyber Systems for Neural Control of Artificial Legs

    E-Print Network [OSTI]

    Yang, Qing "Ken"

    and computer system is essential. This integration leads to a cyber- physical system (CPS), in which a complex (CPS) for neurally controlled artificial legs. The key to the new CPS system is the neural

  6. PRIVACY IMPACT ASSESSMENT: SPRO Physical Security Major Application

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Deanna Harvey, Program Analyst Allen Rome, Cyber Security Program Manger Chris Shipp, Information System Security Manager (504) 734-4339 Rick.Shutt@spr.doe.gov (504) 734-4316...

  7. Rethinking the Cyber Threat A Framework and Path Forward

    E-Print Network [OSTI]

    Bernstein, Phil

    Rethinking the Cyber Threat A Framework and Path Forward SCOTT CHARNEY Corporate Vice President ..................................................................................................................................................5 Understanding the Cyber Threat .................................................................................................................5 Rethinking the Cyber Threat

  8. Abstract--Distribution factors play a key role in many system security analysis and market applications. The injection shift

    E-Print Network [OSTI]

    for and the computationally efficient evaluation of LODFs under multiple- line outages. Index Terms--power transfer distribution factors, line outage distribution factors, multiple-line outages, system security. I. INTRODUCTION. Given the usefulness of LODFs in the study of security with many outaged lines, such as in blackouts

  9. Recommended Practice: Creating Cyber Forensics Plans for Control Systems

    SciTech Connect (OSTI)

    Eric Cornelius; Mark Fabro

    2008-08-01T23:59:59.000Z

    Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

  10. Sandia Energy - Cyber

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of Scienceand RequirementsCoatings Initiated at PNNL's SequimReactors To ReceiveCyber Home

  11. Cyber and physical infrastructure interdependencies.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

    2008-09-01T23:59:59.000Z

    The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

  12. Exhibit G (Rev 10, 10/24/12) Security Requirements Subcontract No. 241314 Page 1 of 32

    E-Print Network [OSTI]

    ) .........................................................................................6 3.1 Work site, Security Area, Badge and Data Information ....................................... 6/A..................................................................21 G6.0 Information Security (Feb 2012..........................................................................................24 G7.0 Cyber Information Security (Feb 2012

  13. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    buildings and smart structures portend immense datavehicles and buildings equipped with smart meters). Thebuilding’s occupants). The operating systems of upcoming infrastructures such as smart

  14. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    optimal control and stabilization for linear systems with bounded controloptimal switching control for abstract linear systems onoptimal control for discrete-time, linear dynamical systems in which control

  15. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    Attacks Against Water SCADA Systems . . . . . . . . . .2 d (bottom) [simulated results]. . Gignac SCADA supervisoryGignac canal network and SCADA system . . . . . . . . .

  16. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    Studi Di Milano, Italy. Saberi, A. , Stoorvogel, A. A. andand Michel [1995]; Saberi et al. [1999]; Toivonen [1983];

  17. On Cyber Security for Networked Control Systems

    E-Print Network [OSTI]

    Amin, Saurabh

    2011-01-01T23:59:59.000Z

    critical infrastructure systems, such as electric powerinfrastructures, for e.g. , the next generation electric power

  18. Cyber Assessment Methods for SCADA Security

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T,Office of Policy, OAPM | Department of Energy Current5 by ISA - The

  19. Cyber and Security Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE: Alternative FuelsNovember 13, 2014Contributing DataDepartment of Energy CurrentCurrent

  20. Security and Cyber Guidance | Department of Energy

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directed offOCHCO Overview OCHCO OverviewRepository |Complex"DepartmentProgram under ARRAServices »

  1. OpenEI Community - cyber security

    Open Energy Info (EERE)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are beingZealand Jump to: navigation, searchOfRoseConcernsCompany Oil and GasOff thedrivingGivenGhost"overview/0

  2. Strengthening Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page onYouTube YouTube Note: Since the.pdfBreakingMayDepartment of StaffingStorage Water HeatersYears 2003

  3. Strengthening Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn'tOriginEducationVideoStrategic Safety Goals Strategic Safety Goals JulyIntegratedDepartmentE n

  4. Information Technology Security for Small Business

    E-Print Network [OSTI]

    Magee, Joseph W.

    Information Technology Security for Small Business (video script) Descriptive Text for the Visually symbolic of information technology security and cyber crime. Narration: "No matter how well you protect, "Information Technology Security for Small Business" and "It's not just good business. It's essential business

  5. Guide to Critical Infrastructure Protection Cyber Vulnerability...

    Office of Environmental Management (EM)

    Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection...

  6. Gone Rogue: An Analysis of Rogue Security Software Campaigns (Invited Paper)

    E-Print Network [OSTI]

    Yang, Junfeng

    victims. A troubling, recent example of this trend is cyber- criminals distributing rogue security or no protection. While the technical and economical aspects of rogue security software (e.g., its distribution programs are distributed by cyber- criminals to generate a financial profit. In fact, after the initial

  7. BROOKHAVEN NATIONAL LABORATORYS CAPABILITIES FOR ADVANCED ANALYSES OF CYBER THREATS

    SciTech Connect (OSTI)

    DePhillips M. P.

    2014-06-06T23:59:59.000Z

    BNL has several ongoing, mature, and successful programs and areas of core scientific expertise that readily could be modified to address problems facing national security and efforts by the IC related to securing our nation’s computer networks. In supporting these programs, BNL houses an expansive, scalable infrastructure built exclusively for transporting, storing, and analyzing large disparate data-sets. Our ongoing research projects on various infrastructural issues in computer science undoubtedly would be relevant to national security. Furthermore, BNL frequently partners with researchers in academia and industry worldwide to foster unique and innovative ideas for expanding research opportunities and extending our insights. Because the basic science conducted at BNL is unique, such projects have led to advanced techniques, unlike any others, to support our mission of discovery. Many of them are modular techniques, thus making them ideal for abstraction and retrofitting to other uses including those facing national security, specifically the safety of the nation’s cyber space.

  8. The Center for Information Systems Security Studies and

    E-Print Network [OSTI]

    The Center for Information Systems Security Studies and Research (CISR) has created the ISSE) and the Department of Homeland Security (DHS) have designated NPS as a Center of Academic Excellence in Information developments where cyber security is a concern. Information Systems Security Engineering (ISSE) Certificate

  9. Roadmap to Secure Control Systems in the Energy Sector- January 2006

    Broader source: Energy.gov [DOE]

    This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

  10. Cyberspace security system

    DOE Patents [OSTI]

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24T23:59:59.000Z

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

  11. Minimax Control For Cyber-Physical Systems under Network Packet Scheduling Attacks

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    Minimax Control For Cyber-Physical Systems under Network Packet Scheduling Attacks Yasser Shoukry. Unfortunately, this re- liance on networks also brings new security vulnerabilities for con- trol systems. We and distribute reprints for Governmental purposes notwith- standing any copyright notation thereon. The views

  12. Towards a Framework for Cyber Attack Impact Analysis of the Electric Smart Grid

    E-Print Network [OSTI]

    Kundur, Deepa

    ? Is the information available through advanced cyber infrastructure worth the increased security risk? Vulnerability analysis for electric power utilities has begun to aid in answering these questions [11]­[13]. However influenced by the needs of electric power utilities. Section II introduces and motivates the problem of smart

  13. Emergent Behavior in Cybersecurity Example 2: Program VerificationExample 1: Cyber Epidemics

    E-Print Network [OSTI]

    Xu, Shouhuai

    Emergent Behavior in Cybersecurity Example 2: Program VerificationExample 1: Cyber Epidemics Informal Definition and Implication Abstract We argue that emergent behavior is inherent to cybersecurity: Cryptographic properties exhibit emergent behavior because there are functions that can be securely computed

  14. Safeguards and Security and Cyber Security RM | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn'tOrigin ofEnergy atLLC - FE DKT. 10-160-LNG - ORDERSTATE0-1 CHAPTER1the1-2009 May

  15. Information Security: Coordination of Federal Cyber Security Research and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page onYouTube YouTube Note: Since the.pdfBreaking of BlytheDepartment of EnergyTreatmentInformationPlanDevelopment |

  16. Information Security: Coordination of Federal Cyber Security Research and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't YourTransport(Fact Sheet),EnergyImprovementINDIANManagement Governance

  17. DOE and Industry Showcase New Control Systems Security Technologies...

    Broader source: Energy.gov (indexed) [DOE]

    and technologies designed to secure the nation's energy infrastructure from cyber attack on Tuesday through Thursday, March 23-25. Visit Booth 231 at the DistribuTECH 2010...

  18. A Scalable Framework for Cyber Attack Discovery and Situational...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Scalable Framework for Cyber Attack Discovery and Situational Understanding (SITU) May 15, 2013 Problem Statement: Cyber attacks cost commercial and governmental organizations vast...

  19. Protecting Intelligent Distributed Power Grids Against Cyber...

    Broader source: Energy.gov (indexed) [DOE]

    will help protect intelligent distributed power grids from cyber attacks. Intelligent power grids are interdependent energy management systems-encompassing generation,...

  20. Assessment of current cybersecurity practices in the public domain : cyber indications and warnings domain.

    SciTech Connect (OSTI)

    Hamlet, Jason R.; Keliiaa, Curtis M.

    2010-09-01T23:59:59.000Z

    This report assesses current public domain cyber security practices with respect to cyber indications and warnings. It describes cybersecurity industry and government activities, including cybersecurity tools, methods, practices, and international and government-wide initiatives known to be impacting current practice. Of particular note are the U.S. Government's Trusted Internet Connection (TIC) and 'Einstein' programs, which are serving to consolidate the Government's internet access points and to provide some capability to monitor and mitigate cyber attacks. Next, this report catalogs activities undertaken by various industry and government entities. In addition, it assesses the benchmarks of HPC capability and other HPC attributes that may lend themselves to assist in the solution of this problem. This report draws few conclusions, as it is intended to assess current practice in preparation for future work, however, no explicit references to HPC usage for the purpose of analyzing cyber infrastructure in near-real-time were found in the current practice. This report and a related SAND2010-4766 National Cyber Defense High Performance Computing and Analysis: Concepts, Planning and Roadmap report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

  1. Graph anomalies in cyber communications

    SciTech Connect (OSTI)

    Vander Wiel, Scott A [Los Alamos National Laboratory; Storlie, Curtis B [Los Alamos National Laboratory; Sandine, Gary [Los Alamos National Laboratory; Hagberg, Aric A [Los Alamos National Laboratory; Fisk, Michael [Los Alamos National Laboratory

    2011-01-11T23:59:59.000Z

    Enterprises monitor cyber traffic for viruses, intruders and stolen information. Detection methods look for known signatures of malicious traffic or search for anomalies with respect to a nominal reference model. Traditional anomaly detection focuses on aggregate traffic at central nodes or on user-level monitoring. More recently, however, traffic is being viewed more holistically as a dynamic communication graph. Attention to the graph nature of the traffic has expanded the types of anomalies that are being sought. We give an overview of several cyber data streams collected at Los Alamos National Laboratory and discuss current work in modeling the graph dynamics of traffic over the network. We consider global properties and local properties within the communication graph. A method for monitoring relative entropy on multiple correlated properties is discussed in detail.

  2. August 2012 CIP Report Focuses on Smart Grid Security

    Broader source: Energy.gov [DOE]

    The August 2012 issue of The CIP Report from George Mason University's Center for Infrastructure Protection and Homeland Security highlights the significance and challenges to securing the smart grid. The report includes an overview of smart grid security by Deputy Assistant Secretary Hank Kenchington and the findings for reducing cyber risks from the Workshop on Securing the Smart Grid: Best Practices in Supply Chain Security, Integrity, and Resilience.

  3. Engineering Energy Systems of the Future as Cyber-Physical Ecosystems

    E-Print Network [OSTI]

    Ilic, Marija D.

    · Examples of existing and evolving energy industry architectures as particular cases of cyber- physical architectures · The key role of liquid transparent information exchange and processing for arriving at desired solutions (Dynamic Energy Control Protocols ­DECPs) [2-6] · Major R&D questions - The challenge of posing

  4. Integrating Neuromuscular and Cyber Systems for Neural Control of Artificial Legs

    E-Print Network [OSTI]

    Sun, Yan Lindsay

    Integrating Neuromuscular and Cyber Systems for Neural Control of Artificial Legs He Huang, Yan (CPS) for neurally controlled artificial legs. The key to the new CPS system is the neural resulted in a highly accurate and reliable software system for neural control of artificial legs

  5. Accumulating Automata and Cascaded Equations Automata for Communicationless Information Theoretically Secure Multi-Party Computation

    E-Print Network [OSTI]

    number 428/11), Cabarnit Cyber Security MAGNET Consortium, Grant from the Institute for Future Defense;1 Introduction Secure multi-party computation (MPC) is a powerful concept in secure distributed computing Theoretically Secure Multi-Party Computation (Preliminary Report) Shlomi Dolev1 and Niv Gilboa2 and Ximing Li1 1

  6. Engineering Resilient Cyber-Physical Systems

    E-Print Network [OSTI]

    Engineering Resilient Cyber-Physical Systems Future Grid Thrust Area 6 White Paper Power Systems Engineering Research Center Empowering Minds to Engineer the Future Electric Energy System #12;Thrust Area 6 White Paper Engineering Resilient Cyber-Physical Systems Project Team Thomas J. Overbye University

  7. Cyber-Physical System Verification Embedded Systems Group

    E-Print Network [OSTI]

    Berns, Karsten

    (Felipe Bichued) 21 Introducing Simulation of Hybrid Systems with the Modelica Tool 32 #12;Cyber Physical

  8. AC 2010-2361: REU PROGRAM IN TELEMATICS AND CYBER PHYSICAL SYSTEMS: SHARING STRATEGIES, EXPERIENCE AND LESSONS LEARNED

    E-Print Network [OSTI]

    Mahmud, Syed Masud

    AC 2010-2361: REU PROGRAM IN TELEMATICS AND CYBER PHYSICAL SYSTEMS: SHARING STRATEGIES, EXPERIENCE processing, embedded systems, in-vehicle networking, performance analysis of networking protocols, secure of Electrical and Computer Engineer of Wayne State University. His research interests lie in distributed

  9. A Framework for Modeling Cyber-Physical Switching Attacks in Smart Grid

    E-Print Network [OSTI]

    Liu, Shan; Mashayekh, Salman; Kundur, Deepa; Zourntos, Takis; Butler-Purry, Karen

    2014-01-02T23:59:59.000Z

    and demonstrate how existence of the switching vulnerability is dependent on the local structure of the power grid. We identify and demonstrate how through successful cyber intrusion and local knowledge of the grid an opponent can compute and apply a coordinated... providing opponent(s) opportunities for remotely controlling physical power system components such as modern circuit breakers possibly via illicit security breaches and intrusion. Thus, our vulnerability is applicable to a smart grid system with remotely...

  10. Quantum Key Distribution with Qubit Pairs

    E-Print Network [OSTI]

    Mohd Asad Siddiqui; Tabish Qureshi

    2014-07-17T23:59:59.000Z

    We propose a new Quantum Key Distribution method in which Alice sends pairs of qubits to Bob, each in one of four possible states. Bob uses one qubit to generate a secure key and the other to generate an auxiliary key. For each pair he randomly decides which qubit to use for which key. The auxiliary key has to be added to Bob's secure key in order to match Alice's secure key. This scheme provides an additional layer of security over the standard BB84 protocol.

  11. Running Amok in Labyrinthine Systems: The Cyber-Behaviorist Origins of Soft Torture

    E-Print Network [OSTI]

    Lemov, Rebecca

    2011-01-01T23:59:59.000Z

    Labyrinthine Systems: The Cyber-Behaviorist Origins of SoftLabyrinthine Systems: The Cyber-Behaviorist Origins of Soft

  12. Protecting Intelligent Distributed Power Grids against Cyber Attacks

    SciTech Connect (OSTI)

    Dong Wei; Yan Lu; Mohsen Jafari; Paul Skare; Kenneth Rohde

    2010-12-31T23:59:59.000Z

    Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

  13. Quantum dense key distribution

    SciTech Connect (OSTI)

    Degiovanni, I.P.; Ruo Berchera, I.; Castelletto, S.; Rastello, M.L.; Bovino, F.A.; Colla, A.M.; Castagnoli, G. [Istituto Elettrotecnico Nazionale G. Ferraris, Strada delle Cacce 91, 10135 Torino (Italy); ELSAG SpA, Via Puccini 2, 16154, Genova (Italy)

    2004-03-01T23:59:59.000Z

    This paper proposes a protocol for quantum dense key distribution. This protocol embeds the benefits of a quantum dense coding and a quantum key distribution and is able to generate shared secret keys four times more efficiently than the Bennet-Brassard 1984 protocol. We hereinafter prove the security of this scheme against individual eavesdropping attacks, and we present preliminary experimental results, showing its feasibility.

  14. Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems

    SciTech Connect (OSTI)

    Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Melin, Alexander M [ORNL; Czejdo, Bogdan [ORNL

    2013-01-01T23:59:59.000Z

    The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must be analyzed at multiple scales, from individual components, up to network level dynamics. We describe an improved approach to anomaly detection that combines three important aspects. First, system dynamics are modeled using a reduced order model for greater computational tractability. Second, a probabilistic and principled approach to anomaly detection is adopted that allows for regulation of false alerts and comparison of anomalies across heterogeneous data sources. Third, a hierarchy of aggregations are constructed to support interactive and automated analyses of anomalies at multiple scales.

  15. Approaches for scalable modeling and emulation of cyber systems : LDRD final report.

    SciTech Connect (OSTI)

    Mayo, Jackson R.; Minnich, Ronald G.; Armstrong, Robert C.; Rudish, Don W.

    2009-09-01T23:59:59.000Z

    The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of {approx} 10{sup 6} computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminary theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with {approx} 10{sup 6} virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.

  16. US public perspectives on security :

    SciTech Connect (OSTI)

    Herron, Kerry Gale; Jenkins-Smith, Hank C.; Silva, Carol L.

    2012-02-01T23:59:59.000Z

    We report findings from a national Internet survey and a subset of questions administered by telephone in mid-2011 on public assessments of contemporary and emerging interstate nuclear threats, support for strategic arms control, and preferences for responding to limited nuclear attacks on the United States. Additionally, we analyze public views of the threat of terrorism, including cyber attacks, assessments of progress in the struggle against terrorism, and preferences for responding to an act of radiological terrorism against the United States. Also, we report findings from an Internet survey and a subset of questions administered by telephone among the American public in mid-2011 on US energy and environmental security. Key areas of investigation include public views on energy requirements, preferences for energy sources, energy conservation versus development, energy independence, implications of events at Fukushima, Japan, for US public support of nuclear generation, preferences for managing used nuclear fuel, and trust in nuclear risk assessments from government and other public sources. Where possible, findings from each survey are compared with previous surveys in this series for analyses of trends.

  17. Running head: A Systematic Approach to Secure System Design 1 Towards a More Systematic Approach to Secure Systems

    E-Print Network [OSTI]

    Aickelin, Uwe

    advice given to software system designers. A set of thirty nine cyber-security experts took part ratings of their components. We show that when aggregated, a coherent consensus view of security emerges of this is that the cybersecurity of information systems has become an increasing concern. Assessing the level of risk posed

  18. Naval Postgraduate School Cyber Academic Group Graduation Checklist for MS Cyber Systems and Operations (CSO) Degree

    E-Print Network [OSTI]

    Environment (3-2) ________ ___CY4700 Cyber Wargame: Blue Force Operations (2-5) ________ ___CY4710 Cyber Strategy & Policy (4-2) ________ ___NW3275 Joint Maritime Operations Part 1 (4-0) ________ ___NW3276 Joint and Operations (CSO) Degree 6208P Subspecialty Code (Effective for students commencing Fall AY11 to Winter AY13

  19. Exascale for Energy: The Role of Exascale Computing in Energy Security

    E-Print Network [OSTI]

    Authors, Various

    2010-01-01T23:59:59.000Z

    of exascale computing in energy security How will the Unitedand engineering. Energy security has two key dimensions:In today’s world, energy security, economic security,

  20. 240 IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 5, NO. 2, JUNE 2010 Information-Theoretically Secret Key Generation for

    E-Print Network [OSTI]

    Mandayam, Narayan

    -Theoretically Secret Key Generation for Fading Wireless Channels Chunxuan Ye, Suhas Mathur, Alex Reznik, Yogendra Shah as the basis for building practical secret key gener- ation protocols between two entities. We begin boundaries and a heuristic log likelihood ratio estimate to achieve an improved secret key generation rate

  1. Investigating the effectiveness of many-core network processors for high performance cyber protection systems. Part I, FY2011.

    SciTech Connect (OSTI)

    Wheeler, Kyle Bruce; Naegle, John Hunt; Wright, Brian J.; Benner, Robert E., Jr.; Shelburg, Jeffrey Scott; Pearson, David Benjamin; Johnson, Joshua Alan; Onunkwo, Uzoma A.; Zage, David John; Patel, Jay S.

    2011-09-01T23:59:59.000Z

    This report documents our first year efforts to address the use of many-core processors for high performance cyber protection. As the demands grow for higher bandwidth (beyond 1 Gbits/sec) on network connections, the need to provide faster and more efficient solution to cyber security grows. Fortunately, in recent years, the development of many-core network processors have seen increased interest. Prior working experiences with many-core processors have led us to investigate its effectiveness for cyber protection tools, with particular emphasis on high performance firewalls. Although advanced algorithms for smarter cyber protection of high-speed network traffic are being developed, these advanced analysis techniques require significantly more computational capabilities than static techniques. Moreover, many locations where cyber protections are deployed have limited power, space and cooling resources. This makes the use of traditionally large computing systems impractical for the front-end systems that process large network streams; hence, the drive for this study which could potentially yield a highly reconfigurable and rapidly scalable solution.

  2. SMB Information Security Seminar (2013) Exercise 4 Actions taken to maintain awareness of

    E-Print Network [OSTI]

    Magee, Joseph W.

    2013-01-01T23:59:59.000Z

    SMB Information Security Seminar (2013) Exercise 4 Actions taken to maintain awareness of threats note of the data security issues covered in these publications. Ask yourself "Is my business vulnerable network with your peers, talk about cyber security issues. Give and get advice, hints, tips, etc. 4. Make

  3. Long Response to Scheuer-Yariv: "A Classical Key-Distribution System based on Johnson (like) noise - How Secure?", physics/0601022

    E-Print Network [OSTI]

    Laszlo B. Kish

    2006-07-28T23:59:59.000Z

    This is the longer (partially unpublished) version of response; the shorter version (http://arxiv.org/abs/physics/0605013) is published in Physics Letters A. We point out that the claims in the comment-paper of Scheuer and Yariv are either irrelevant or incorrect. We first clarify what the security of a physically secure layer means. The idealized Kirchoff-loop-Johnson-like-noise (KLJN) scheme is totally secure therefore it is more secure than idealized quantum communication schemes which can never be totally secure because of the inherent noise processes in those communication schemes and the statistical nature of eavesdropper detection based on error statistics. On the other hand, with sufficient resources, a practical/non-ideal realization of the KLJN cipher can arbitrarily approach the idealized limit and outperform even the idealized quantum communicator schemes because the non-ideality-effects are determined and controlled by the design. The cable resistance issue analyzed by Scheuer and Yariv is a good example for that because the eavesdropper has insufficient time window to build a sufficient statistics and the actual information leak can be designed. We show that Scheuer's and Yariv's numerical result of 1% voltage drop supports higher security than that of quantum communicators. Moreover, choosing thicker or shorter wires can arbitrarily reduce this voltage drop further; the same conclusion holds even according to the equations of Scheuer and Yariv.

  4. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05T23:59:59.000Z

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

  5. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05T23:59:59.000Z

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  6. Security Controls for Unclassified Information Systems Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-05T23:59:59.000Z

    The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

  7. cyber

    National Nuclear Security Administration (NNSA)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742EnergyOn AprilA Approved:AdministrationAnalysisDarby Dietrich5 |0/%2A en6/%2A en2/%2A en8/%2A

  8. A Mathematical Framework for the Analysis of Cyber-Resilient Control Systems

    SciTech Connect (OSTI)

    Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Fugate, David L [ORNL; Kisner, Roger [ORNL

    2013-01-01T23:59:59.000Z

    The increasingly recognized vulnerability of industrial control systems to cyber-attacks has inspired a considerable amount of research into techniques for cyber-resilient control systems. The majority of this effort involves the application of well known information security (IT) techniques to control system networks. While these efforts are important to protect the control systems that operate critical infrastructure, they are never perfectly effective. Little research has focused on the design of closed-loop dynamics that are resilient to cyber-attack. The majority of control system protection measures are concerned with how to prevent unauthorized access and protect data integrity. We believe that the ability to analyze how an attacker can effect the closed loop dynamics of a control system configuration once they have access is just as important to the overall security of a control system. To begin to analyze this problem, consistent mathematical definitions of concepts within resilient control need to be established so that a mathematical analysis of the vulnerabilities and resiliencies of a particular control system design methodology and configuration can be made. In this paper, we propose rigorous definitions for state awareness, operational normalcy, and resiliency as they relate to control systems. We will also discuss some mathematical consequences that arise from the proposed definitions. The goal is to begin to develop a mathematical framework and testable conditions for resiliency that can be used to build a sound theoretical foundation for resilient control research.

  9. Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design

    E-Print Network [OSTI]

    Pasqualetti, Fabio; Bullo, Francesco

    2012-01-01T23:59:59.000Z

    Cyber-physical systems integrate computation, communication, and physical capabilities to interact with the physical world and humans. Besides failures of components, cyber-physical systems are prone to malicious attacks so that specific analysis tools and monitoring mechanisms need to be developed to enforce system security and reliability. This paper builds upon the results presented in our companion paper [1] and proposes centralized and distributed monitors for attack detection and identification. First, we design optimal centralized attack detection and identification monitors. Optimality refers to the ability of detecting (respectively identifying) every detectable (respectively identifiable) attack. Second, we design an optimal distributed attack detection filter based upon a waveform relaxation technique. Third, we show that the attack identification problem is computationally hard, and we design a sub-optimal distributed attack identification procedure with performance guarantees. Finally, we illustr...

  10. National Security Initiatives | ORNL

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of Science (SC)Integrated CodesTransparency VisitSilver Toyota1Resource forNational Cyber Security

  11. Sandia Energy - Cyber Engineering Research Laboratory (CERL)

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of Scienceand RequirementsCoatings Initiated at PNNL's SequimReactors To ReceiveCyber HomeCyber

  12. Information Security Guide

    E-Print Network [OSTI]

    Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew Joan Hash #12; Table of Contents Introduction 1 Why do I need to invest in information security? 2 Where do I need to focus my attention in accomplishing critical information security goals? 4 What are the key activities

  13. Practical quantum key distribution over 60 hours at an optical fiber distance of 20km using weak and vacuum decoy pulses for enhanced security

    E-Print Network [OSTI]

    J. F. Dynes; Z. L. Yuan; A. W. Sharpe; A. J. Shields

    2011-04-15T23:59:59.000Z

    Experimental one-way decoy pulse quantum key distribution running continuously for 60 hours is demonstrated over a fiber distance of 20km. We employ a decoy protocol which involves one weak decoy pulse and a vacuum pulse. The obtained secret key rate is on average over 10kbps. This is the highest rate reported using this decoy protocol over this fiber distance and duration.

  14. Abstract--Network security against possible attacks involves making decisions under uncertainty. Not only may one be

    E-Print Network [OSTI]

    ], security in wireless networks [12], [13] and cyber-security [14], [15], [16]. In [17] the readers can find1 Abstract--Network security against possible attacks involves making decisions under uncertainty for a further DDoS (Distributed Denial of Service) botnet attack on servers). Due to limited defense

  15. authenticated key agreement: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    desirable attributes. Index Terms--Mutual Authentication; Key Management; SRP; Security; Smart Meter; Smart Leung, Victor C.M. 53 On the security of some password-based key...

  16. authenticated key exchange: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    desirable attributes. Index Terms--Mutual Authentication; Key Management; SRP; Security; Smart Meter; Smart Leung, Victor C.M. 56 Authentication and Key Agreement via Memorable...

  17. Foreign National Access to DOE Cyber Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1999-11-01T23:59:59.000Z

    DOE N 205.16, dated 9-15-05, extends this Notice until 9-30-06, unless sooner rescinded. To ensure foreign national access to DOE cyber systems continues to advance DOE program objectives while enforcing information access restrictions.

  18. Safety and Security What do Safety/Security work with?

    E-Print Network [OSTI]

    Safety and Security on campus #12;Agenda · What do Safety/Security work with? · If something happens · Opening hours · Remember · Website · How to find us #12;The Section for Safety and Security work with; · Security revolving work environment · Handle locks, keys, alarms, surveillance · Responsible

  19. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect (OSTI)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01T23:59:59.000Z

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  20. Cyber-T web server: differential analysis of high-throughput data

    E-Print Network [OSTI]

    Kayala, M. A; Baldi, P.

    2012-01-01T23:59:59.000Z

    10.1093/nar/gks420 Cyber-T web server: differential analysisin the Cyber-T web server, is one of the most widelyan update to the Cyber-T web server, incorporating several

  1. SuperIdentity: Fusion of Identity across Real and Cyber Domains

    SciTech Connect (OSTI)

    Black, Sue; Creese, Sadie; Guest, Richard; Pike, William A.; Saxby, Steven; Stanton Fraser, Danae; Stevenage, Sarah; Whitty, Monica

    2012-04-23T23:59:59.000Z

    Under both benign and malign circumstances, people now manage a spectrum of identities across both real-world and cyber domains. Our belief, however, is that all these instances ultimately track back for an individual to reflect a single 'SuperIdentity'. This paper outlines the assumptions underpinning the SuperIdentity Project, describing the innovative use of data fusion to incorporate novel real-world and cyber cues into a rich framework appropriate for modern identity. The proposed combinatorial model will support a robust identification or authentication decision, with confidence indexed both by the level of trust in data provenance, and the diagnosticity of the identity factors being used. Additionally, the exploration of correlations between factors may underpin the more intelligent use of identity information so that known information may be used to predict previously hidden information. With modern living supporting the 'distribution of identity' across real and cyber domains, and with criminal elements operating in increasingly sophisticated ways in the hinterland between the two, this approach is suggested as a way forwards, and is discussed in terms of its impact on privacy, security, and the detection of threat.

  2. National cyber defense high performance computing and analysis : concepts, planning and roadmap.

    SciTech Connect (OSTI)

    Hamlet, Jason R.; Keliiaa, Curtis M.

    2010-09-01T23:59:59.000Z

    There is a national cyber dilemma that threatens the very fabric of government, commercial and private use operations worldwide. Much is written about 'what' the problem is, and though the basis for this paper is an assessment of the problem space, we target the 'how' solution space of the wide-area national information infrastructure through the advancement of science, technology, evaluation and analysis with actionable results intended to produce a more secure national information infrastructure and a comprehensive national cyber defense capability. This cybersecurity High Performance Computing (HPC) analysis concepts, planning and roadmap activity was conducted as an assessment of cybersecurity analysis as a fertile area of research and investment for high value cybersecurity wide-area solutions. This report and a related SAND2010-4765 Assessment of Current Cybersecurity Practices in the Public Domain: Cyber Indications and Warnings Domain report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

  3. OIA: Office of Contract Assurance: Assurance Systems: Cyber Security...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    (QA) It is the policy of the Ernest Orlando Lawrence Berkeley National Laboratory (LBNL) to carry out all activities in a reliable, safe and quality manner. To help fulfill...

  4. DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...

    Broader source: Energy.gov (indexed) [DOE]

    incident characterization (i.e., Type 1 or Type 2) and categorization (i.e., low, medium, high, or very high). * Respond to and report incidents within mandated timeframes...

  5. Implementation of a Cyber Secure Control System, Critical Elements...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    - For SPIDERS II - Collaborative Intelligence - Fail safe operation Auto-optimization - Meets user needs (cost, efficiency, emissions) Inherent Resiliency - Multiple...

  6. Cyber Security Audit and Attack Detection Toolkit: Bandolier and

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T,Office of Policy, OAPM | Department of Energy Current5 by ISA -

  7. Cyber Security Evaluations Appraisal Process Guide - April 2008 |

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T,Office of Policy, OAPM | Department of Energy Current5 by ISA -Department of

  8. DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS |

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011AT&T,Office of Policy, OAPM | DepartmentIOffshoreDepartmentBegins Demoltion

  9. Office of Electricity Delivery and Energy Reliability Cyber Security

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directed offOCHCO2:Introduction toManagementOPAM PolicyOf Environmental Management MajorElectricity

  10. Before the House Subcommittee on Emerging Threats, Cyber Security and

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't Your Destiny: The FutureComments fromofBatteries fromEnvironment |Energy Henry

  11. Cyber Security Expert Jim Mellander Retires from NERSC

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625govInstrumentstdmadapInactiveVisitingContract Management Fermi Site OfficeCoursePublicCurrentCurtis C.

  12. Common Cyber Security Vulnerabilities Observed in Control System

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 111 1,613PortsmouthBartlesville EnergyDepartment. CashDay-JuneOffice of

  13. Cyber Assessment Methods for SCADA Security | Department of Energy

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 111 1,613PortsmouthBartlesvilleAbout » Contact UsDepartment of Energy Cut Gas Costs

  14. Lessons Learned from Cyber Security Assessments of SCADA and Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't YourTransport(FactDepartment ofLetter Report:40PMDepartment ofs o u t h e22

  15. INL Cyber Security Research (2008) | Department of Energy

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742Energy ChinaofSchaefer To:Department ofOral TestimonyEnergyFindingINFORMATION ON THE

  16. Strategy for Improvements in Cyber Security | Department of Energy

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directed offOCHCO Overview OCHCO OverviewRepositoryManagementFacility inStatementDepartmentPrograms

  17. 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directed off Energy.gov. Are you0 ARRA Newsletters 2010 ARRA Newsletters American20122Awareness

  18. The Department's Unclassified Cyber Security Program 2002, IG-0567

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33Frequently AskedEnergyIssuesEnergy Solar Decathlon2001 PowerofUse of U.S.

  19. Evaluation Report on The Department's Unclassified Cyber Security Program

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directed offOCHCO2: Final EnvironmentalCounties,United Statesof6Research &andUniversityEnergy2002,

  20. Lab hosts multi-lab cyber security games

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of Science (SC)Integrated Codes |Is Your Home asLCLS ExperimentalFive R&D awards formuonLab hosts

  1. The Department's Cyber Security Incident Management Program, IG-0787 |

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directedAnnual Siteof Energy 2, 2015 - JanuaryTank 48HPublic Dissemination of U.S. Department

  2. Continuous Monitoring And Cyber Security For High Performance Computing |

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOEThe Bonneville Power Administration would likeConstitution And Bylaws |ContactFlow Diffusion ChamberSciTech

  3. Control Systems Cyber Security: Defense in Depth Strategies | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't Your Destiny: Theof"Wave theJuly 30, 2013 Sanyo:March 2013) 1Department ofReserveEnergy

  4. Cyber Assessment Methods for SCADA Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't Your Destiny: Theof"Wave theJuly 30,Crafty Gifts forHeavy-Duty| DepartmentAir

  5. Lessons Learned from Cyber Security Assessments of SCADA and Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page onYouTube YouTube Note: Since the.pdfBreaking ofOil & Gas »of EnergyLearningMarch 2015 Lessons LearnedManagement

  6. Common Cyber Security Vulnerabilities Observed in Control System

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't Your Destiny: Theof"Wave the WhiteNational| Department ofCommittee Report for

  7. of Western Area Power Administration's Cyber Security Program

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33Frequently20,000 Russian Nuclearand Characterization ofC u r r e n t I s s u e s C u r r

  8. Department of Energy's July 2013 Cyber Security Breach

    Energy Savers [EERE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page onYou are now leaving Energy.gov You are now leaving Energy.gov You are being directed off Energy.gov. Are you0andEnergyGlobal Nuclearof aDepartment oftheAL 2010-5Department ofSpecial

  9. INL Cyber Security Research (2008) | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page onYouTube YouTube Note: Since the.pdfBreaking of Blythe SolarContaminationCurrentHydronic71INFOGRAPHIC: Wind EnergyINL

  10. NNSA Seeking Comments on Consolidated IT and Cyber Security Support

    Broader source: Energy.gov (indexed) [DOE]

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742Energy China 2015of 2005 attheMohammed Khan - TechnologyJanuary 29,guidanceDepartment

  11. The Department's Unclassified Cyber Security Program - 2012, IG-0877

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page onYouTube YouTube Note: Since the.pdfBreakingMayDepartmentTest for Pumping SystemDepartmentDepartment ofEvaluation Report

  12. Management of Naval Reactors' Cyber Security Program, OIG-0884

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't YourTransport(FactDepartment ofLetterEconomyDr.Energy University ofOverviewManagement of

  13. NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33Frequently Asked QuestionsDepartment of Energy 3ServicesNEET FYNETLAwardNIF

  14. NNSA Seeking Comments on Consolidated IT and Cyber Security Support

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33Frequently Asked QuestionsDepartment of Energy 3ServicesNEETfor Acquisition andServices Draft

  15. Quantum key distribution with key extracted from basis information

    E-Print Network [OSTI]

    Xiongfeng Ma

    2014-10-20T23:59:59.000Z

    In conventional quantum key distribution protocols, the secure key is normally extracted from the measurement outcomes of the system. Here, a different approach is proposed, where the secure key is extracted from the measurement bases, rather than outcomes. Compared to the original Bennett-Brassard-1984 protocol, the proposed protocol involves no hardware change but modifications in data postprocessing. We show that this protocol is more robust against detector efficiency attacks and photon-number-splitting attacks when practical detectors and photon sources are used.

  16. Supervisory Control Strategies for Enhancing System Security and Privacy Christoforos N. Hadjicostis

    E-Print Network [OSTI]

    Hadjicostis, Christoforos

    cyber-infrastructures (ranging from defense and banking to health care and power distribution sys- temsSupervisory Control Strategies for Enhancing System Security and Privacy Christoforos N. Hadjicostis Abstract-- Enhancing the security and reliability of auto- mated systems that control vital

  17. Towards a Secure Email Service for The Future Muhammad Shoaib Saleem and Eric Renault

    E-Print Network [OSTI]

    Paris-Sud XI, Université de

    content distribution, user privacy and security, naming and addressing, routing and name resolutionTowards a Secure Email Service for The Future Internet Muhammad Shoaib Saleem and ´Eric Renault.renault}@it-sudparis.eu Abstract--Email is one of the most used application over the Internet and it is vulnerable to cyber attacks

  18. Assessing Power Substation Network Security and Survivability: A Work in Progress Report1

    E-Print Network [OSTI]

    Krings, Axel W.

    critical infrastructure systems identified was the electric power grid since this system supports all other: Cyber security, electric power security, assessment techniques 1. Introduction The on-going problem non-military infrastructures. Power grid vulnerabilities and mitigations were documented in the PCCIP

  19. SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems

    E-Print Network [OSTI]

    Johansson, Karl Henrik

    . I. INTRODUCTION THE electric power transmission system is probably the most vital infrastructure] proposed a framework in order to clarify the interaction between the power system and the IT infrastructure are with the Power Systems Laboratory, Department of Electrical Engineering, Swiss Federal Institute of Technology

  20. Microsoft Word - Cyber Effects Analysis Using VCSE 09.doc

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Unlimited Release Printed September 2008 Cyber Effects Analysis Using VCSE Promoting Control System Reliability Michael J. McDonald, Gregory N. Conrad, Travis C. Service, Regis...

  1. The NIAC Convergence of Physical and Cyber Technbologies and...

    Energy Savers [EERE]

    and cyber technologies for Supervisory Control and Data Acquisition (SCADA) and process control systems and their consolidated network management. The Working Group convened a...

  2. Security Policies as the Foundation for Cryptographic

    E-Print Network [OSTI]

    Security Policies as the Foundation for Cryptographic Key Management Elaine Barker, CKMS Project to Layered Security Policies ­ From Information Management to Key Mngt. ­ From Dept. of Com. To NIST Employees · Security Domains ­ Simple to Complex · Key Management ­ Static to Configurable to Dynamic

  3. Quantitative Cyber Risk Reduction Estimation Methodology for a Small Scada Control System

    SciTech Connect (OSTI)

    Miles A. McQueen; Wayne F. Boyer; Mark A. Flynn; George A. Beitel

    2006-01-01T23:59:59.000Z

    We propose a new methodology for obtaining a quick quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.

  4. Agent-based Cyber Control Strategy Design for Resilient Control Systems: Concepts, Architecture and Methodologies

    SciTech Connect (OSTI)

    Craig Rieger; Milos Manic; Miles McQueen

    2012-08-01T23:59:59.000Z

    The implementation of automated regulatory control has been around since the middle of the last century through analog means. It has allowed engineers to operate the plant more consistently by focusing on overall operations and settings instead of individual monitoring of local instruments (inside and outside of a control room). A similar approach is proposed for cyber security, where current border-protection designs have been inherited from information technology developments that lack consideration of the high-reliability, high consequence nature of industrial control systems. Instead of an independent development, however, an integrated approach is taken to develop a holistic understanding of performance. This performance takes shape inside a multiagent design, which provides a notional context to model highly decentralized and complex industrial process control systems, the nervous system of critical infrastructure. The resulting strategy will provide a framework for researching solutions to security and unrecognized interdependency concerns with industrial control systems.

  5. COST FUNCTIONS FOR SCHEDULING TASKS IN CYBER-PHYSICAL SYSTEMS

    E-Print Network [OSTI]

    Massachusetts at Amherst, University of

    COST FUNCTIONS FOR SCHEDULING TASKS IN CYBER-PHYSICAL SYSTEMS Abhinna Jain, C.M. Krishna, Israel, cost functions, controlled plant dynamics Abstract: In Cyber Physical Systems (CPS), computational response times are different. In this paper, we consider using cost functions of task response time

  6. Cyber Threat Trees for Large System Threat Cataloging and Analysis*

    E-Print Network [OSTI]

    Thornton, Mitchell

    Cyber Threat Trees for Large System Threat Cataloging and Analysis* P. Ongsakorn, K. Turney, M, kturney, mitch, nair, szygenda, manikas}@lyle.smu.edu Abstract--The implementation of cyber threat. Because large systems have many possible threats that may be interdependent, it is crucial

  7. Attack Detection and Identification in Cyber-Physical Systems

    E-Print Network [OSTI]

    Bullo, Francesco

    Attack Detection and Identification in Cyber-Physical Systems Fabio Pasqualetti, Florian D of unforeseen failures and external malicious attacks. In this paper (i) we propose a mathematical framework for cyber- physical systems, attacks, and monitors; (ii) we characterize fundamental monitoring limitations

  8. Open Cyber-Architecture for Electrical Energy Markets

    E-Print Network [OSTI]

    Gunes, Mehmet Hadi

    and robust power grid, which is less vulnerable to blackouts due to cascaded events, this paper discusses-owner infrastructure systems are many, we focus on the power grid in this paper. We propose an "Open CyberOpen Cyber-Architecture for Electrical Energy Markets M. Yuksel, K. Bekris, C. Y. Evrenosoglu, M. H

  9. Utility Security & Resiliency: Working Together

    Broader source: Energy.gov [DOE]

    Presentation—given at the Federal Utility Partnership Working Group (FUPWG) Fall 2008 meeting—discusses Edison Electric Institute (EEI), including its key security objectives, key activities, cybersecurity activities, and spare transformer equipment program (STEP).

  10. Cryptographic Key Management System

    SciTech Connect (OSTI)

    No, author

    2014-02-21T23:59:59.000Z

    This report summarizes the outcome of U.S. Department of Energy (DOE) contract DE-OE0000543, requesting the design of a Cryptographic Key Management System (CKMS) for the secure management of cryptographic keys for the energy sector infrastructure. Prime contractor Sypris Electronics, in collaboration with Oak Ridge National Laboratories (ORNL), Electric Power Research Institute (EPRI), Valicore Technologies, and Purdue University's Center for Education and Research in Information Assurance and Security (CERIAS) and Smart Meter Integration Laboratory (SMIL), has designed, developed and evaluated the CKMS solution. We provide an overview of the project in Section 3, review the core contributions of all contractors in Section 4, and discuss bene#12;ts to the DOE in Section 5. In Section 6 we describe the technical construction of the CKMS solution, and review its key contributions in Section 6.9. Section 7 describes the evaluation and demonstration of the CKMS solution in different environments. We summarize the key project objectives in Section 8, list publications resulting from the project in Section 9, and conclude with a discussion on commercialization in Section 10 and future work in Section 11.

  11. Development and Demonstration of a Security Core Component

    SciTech Connect (OSTI)

    Turke, Andy

    2014-02-28T23:59:59.000Z

    In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.

  12. Engineering secure software 

    E-Print Network [OSTI]

    Jetly, Prateek

    2001-01-01T23:59:59.000Z

    breaches in the operating environment. Security breaches resulting from misuse or tnisconfiguration of the program should not be blamed on the software. T'his is a debatable position. A security breach that results from an unintentional enor... units with public key algorithms, private keys, and certificates. Any attempt to access or modify the data in these devices will render them unusable. The device contains software tools. These devices use the computer they reside on as a general...

  13. Certification and Accreditation Process for Information Systems Including National Security Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19T23:59:59.000Z

    The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

  14. Cyber Train Videos | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625govInstrumentstdmadapInactiveVisitingContract Management Fermi Site OfficeCoursePublicCurrentCurtis C.Cyber Train

  15. Office of Cyber Assessments | Department of Energy

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 111 1,613 122Commercial602 1,39732onMake YourDepartment ofC T O B EOff-GridCyber Assessments

  16. Sandia Energy - Cyber-Based Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOE Office of Scienceand RequirementsCoatings Initiated at PNNL's SequimReactors To ReceiveCyber

  17. Cyber Train Complete Training | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOEThe Bonneville Power Administration would likeConstitution4Customer-Comments Sign In About |Cyber

  18. Cyber Train Overview | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645U.S. DOEThe Bonneville Power Administration would likeConstitution4Customer-Comments Sign In About |Cyber

  19. Quantum Key Distribution with Screening and Analyzing

    E-Print Network [OSTI]

    Won-Ho Kye

    2006-10-04T23:59:59.000Z

    We propose a quantum key distribution scheme by using screening angles and analyzing detectors which enable to notice the presence of Eve who eavesdrops the quantum channel, as the revised protocol of the recent quantum key distribution [Phys. Rev. Lett. 95, 040501 (2005)]. We discuss the security of the proposed quantum key distribution against various attacks including impersonation attack and Trojan Horse attack.

  20. Terry Benzel, Bob Braden, Dongho Kim, Cliford Neuman. Anthony Joseph and Keith Sklower Ron Ostrenga and Stephen Schwab, Experience with DETER: A Testbed for Security Research. 2nd IEEE Conference on testbeds and Research Infrastructures for the

    E-Print Network [OSTI]

    Joseph, Anthony D.

    network attacks such as distributed denial of service, worms, and viruses. These cyber-security problems and Stephen Schwab, Experience with DETER: A Testbed for Security Research. 2nd IEEE Conference on testbeds 2006 IEEE EXPERIENCE WITH DETER: A TESTBED FOR SECURITY RESEARCH Terry Benzel, Robert Braden, Dongho

  1. SWOON: A Testbed for Secure Wireless Overlay Networks Y. L. Huang, J. D. Tygar, H. Y. Lin, L. Y. Yeh, H. Y. Tsai, K. Sklower, S. P. Shieh, C. C. Wu,

    E-Print Network [OSTI]

    Tygar, Doug

    SWOON: A Testbed for Secure Wireless Overlay Networks Y. L. Huang, J. D. Tygar, H. Y. Lin, L. Y There is strong demand for solutions to security problems in various wireless networks, such as WiFi, WiMAX, 3GPP heterogeneous wireless networks, such as WSN, WiMAX or 3GPP. 1 Introduction Cyber-security problems need special

  2. Modeling Cyber Conflicts Using an Extended Petri Net Formalism

    SciTech Connect (OSTI)

    Zakrzewska, Anita N [ORNL; Ferragut, Erik M [ORNL

    2011-01-01T23:59:59.000Z

    When threatened by automated attacks, critical systems that require human-controlled responses have difficulty making optimal responses and adapting protections in real- time and may therefore be overwhelmed. Consequently, experts have called for the development of automatic real-time reaction capabilities. However, a technical gap exists in the modeling and analysis of cyber conflicts to automatically understand the repercussions of responses. There is a need for modeling cyber assets that accounts for concurrent behavior, incomplete information, and payoff functions. Furthermore, we address this need by extending the Petri net formalism to allow real-time cyber conflicts to be modeled in a way that is expressive and concise. This formalism includes transitions controlled by players as well as firing rates attached to transitions. This allows us to model both player actions and factors that are beyond the control of players in real-time. We show that our formalism is able to represent situational aware- ness, concurrent actions, incomplete information and objective functions. These factors make it well-suited to modeling cyber conflicts in a way that allows for useful analysis. MITRE has compiled the Common Attack Pattern Enumera- tion and Classification (CAPEC), an extensive list of cyber attacks at various levels of abstraction. CAPEC includes factors such as attack prerequisites, possible countermeasures, and attack goals. These elements are vital to understanding cyber attacks and to generating the corresponding real-time responses. We demonstrate that the formalism can be used to extract precise models of cyber attacks from CAPEC. Several case studies show that our Petri net formalism is more expressive than other models, such as attack graphs, for modeling cyber conflicts and that it is amenable to exploring cyber strategies.

  3. Dynamic Key Ring Update Mechanism for Mobile Wireless Sensor Networks

    E-Print Network [OSTI]

    Yanikoglu, Berrin

    @sabanciuniv.edu Abstract--Key distribution is an important issue to provide security in Wireless Sensor Networks (WSNs. For the performance evaluation basis, we used our mechanism together with a location based key pre-distribution scheme Terms--mobile wireless sensor networks, key ring update, security, resiliency, connectivity I

  4. Security Policy

    Broader source: Energy.gov [DOE]

    The Office of Security Policy analyzes, develops and interprets safeguards and security policy governing national security functions and the protection of related critical assets entrusted to the...

  5. Real-Time SCADA Cyber Protection Using Compression Techniques

    SciTech Connect (OSTI)

    Lyle G. Roybal; Gordon H Rueff

    2013-11-01T23:59:59.000Z

    The Department of Energy’s Office of Electricity Delivery and Energy Reliability (DOE-OE) has a critical mission to secure the energy infrastructure from cyber attack. Through DOE-OE’s Cybersecurity for Energy Delivery Systems (CEDS) program, the Idaho National Laboratory (INL) has developed a method to detect malicious traffic on Supervisory, Control, and Data Acquisition (SCADA) network using a data compression technique. SCADA network traffic is often repetitive with only minor differences between packets. Research performed at the INL showed that SCADA network traffic has traits desirable for using compression analysis to identify abnormal network traffic. An open source implementation of a Lempel-Ziv-Welch (LZW) lossless data compression algorithm was used to compress and analyze surrogate SCADA traffic. Infected SCADA traffic was found to have statistically significant differences in compression when compared against normal SCADA traffic at the packet level. The initial analyses and results are clearly able to identify malicious network traffic from normal traffic at the packet level with a very high confidence level across multiple ports and traffic streams. Statistical differentiation between infected and normal traffic level was possible using a modified data compression technique at the 99% probability level for all data analyzed. However, the conditions tested were rather limited in scope and need to be expanded into more realistic simulations of hacking events using techniques and approaches that are better representative of a real-world attack on a SCADA system. Nonetheless, the use of compression techniques to identify malicious traffic on SCADA networks in real time appears to have significant merit for infrastructure protection.

  6. Ruminati : modeling the detection of textual cyber-bullying

    E-Print Network [OSTI]

    Dinakar, Karthik

    2012-01-01T23:59:59.000Z

    The scourge of cyber-bullying has received widespread attention at all levels of society including parents, educators, adolescents, social scientists, psychiatrists and policy makers at the highest echelons of power. ...

  7. Cyber Vulnerability Disclosure Policies for the Department of Electrical and

    E-Print Network [OSTI]

    Manimaran, Govindarasu

    Cyber Vulnerability Disclosure Policies for the Smart Grid Adam Hahn Department of Electrical ATTRIBUTES The "Vulnerability Disclosure Framework" developed by the National Infrastructure Advisory Council Department of Electrical and Computer Engineering Iowa State University Ames, IA 50011 Email: gmani

  8. Integration of wireless sensor networks in environmental monitoring cyber infrastructure

    E-Print Network [OSTI]

    Huang, Yan

    Integration of wireless sensor networks in environmental monitoring cyber infrastructure Jue Yang Ă? to revolutionize many science and engineering domains. We present a novel environmental monitoring system collection, management, visualization, dissemination, and exchange, conforming to the new Sensor Web

  9. An Immune-Inspired Approach to Anomaly Detection Jamie Twycross, University of Nottingham, UK

    E-Print Network [OSTI]

    Aickelin, Uwe

    that provides a large distributed computer network with a high degree of survivability. He proposes that a cyber-security. The short position paper of Morel (2002) discusses the general design of cyber-security systems the adaptive immune system. An effective cyber-security system should emulate key features, most importantly

  10. Pantex Plant Achieves Key Safety Milestone Ahead of Schedule...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Achieves Key Safety Milestone Ahead of Schedule | National Nuclear Security Administration Facebook Twitter Youtube Flickr RSS People Mission Managing the Stockpile Preventing...

  11. Key recycling in authentication

    E-Print Network [OSTI]

    Christopher Portmann

    2014-09-29T23:59:59.000Z

    In their seminal work on authentication, Wegman and Carter propose that to authenticate multiple messages, it is sufficient to reuse the same hash function as long as each tag is encrypted with a one-time pad. They argue that because the one-time pad is perfectly hiding, the hash function used remains completely unknown to the adversary. Since their proof is not composable, we revisit it using a composable security framework. It turns out that the above argument is insufficient: if the adversary learns whether a corrupted message was accepted or rejected, information about the hash function is leaked, and after a bounded finite amount of rounds it is completely known. We show however that this leak is very small: Wegman and Carter's protocol is still $\\epsilon$-secure, if $\\epsilon$-almost strongly universal$_2$ hash functions are used. This implies that the secret key corresponding to the choice of hash function can be reused in the next round of authentication without any additional error than this $\\epsilon$. We also show that if the players have a mild form of synchronization, namely that the receiver knows when a message should be received, the key can be recycled for any arbitrary task, not only new rounds of authentication.

  12. IBM Internet Security Systems Threat Insight Monthly

    E-Print Network [OSTI]

    the Report 01 Keylogging, by the numbers 02 Securing the Secure Shell ­ Advanced user authentication and key Page 1 #12;Keylogging, by the numbers Introduction During the course of malware analysis, especially

  13. Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks

    SciTech Connect (OSTI)

    Hartman, Steven M [ORNL] [ORNL

    2012-01-01T23:59:59.000Z

    Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator present a unique challenge for the system architecture and access model.

  14. Anthem Cyber Attack: Information and Call-in Phone Number | Jefferson...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Anthem Cyber Attack: Information and Call-in Phone Number Colleagues, As you may have heard by now, Anthem was the latest victim of a cyber attack. Anthem reports that they were...

  15. Process Control Systems in the Chemical Industry: Safety vs. Security

    SciTech Connect (OSTI)

    Jeffrey Hahn; Thomas Anderson

    2005-04-01T23:59:59.000Z

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  16. Quantum Key Distribution by Utilizing Four-Level Particles

    E-Print Network [OSTI]

    Tao Yan; Fengli Yan

    2010-02-09T23:59:59.000Z

    We present a quantum key distribution protocol based on four-level particles entanglement. Furthermore, a controlled quantum key distribution protocol is proposed by utilizing three four-level particles. We show that the two protocols are secure.

  17. actual key success: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    key exchange over an insecure channel. The security of the proposed algorithm grows as NPm, where M, P are the size of the key and the computational commplexity fo the linear...

  18. access technologies key: Topics by E-print Network

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    key exchange over an insecure channel. The security of the proposed algorithm grows as NPm, where M, P are the size of the key and the computational commplexity fo the linear...

  19. GAO-06-811 Information Security: Coordination of Federal Cyber Security Research and Development

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your Density Isn't YourTransport inEnergy0.pdfTechnologies ProgramOutfittedof6ExecutiveOfficethe Chairman,

  20. Using Operational Security (OPSEC) to Support a Cyber Security Culture in

    Office of Environmental Management (EM)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level: National5Sales for4,645 3,625 1,006 492 742 33 1112011 Strategic2Uranium TransferonUS-India EnergyUnlockingDepartment ofOwners |UsingControl

  1. Using Operational Security (OPSEC) to Support a Cyber Security Culture in

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels DataDepartment of Energy Your DensityEnergy U.S.-China Electric Vehicle and03/02 TUE 08:59 FAXFact SheetConditionsOwners

  2. Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu

    E-Print Network [OSTI]

    Smith, Sean W.

    Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu side of the picture--the computers which we train students, young and old, to be effective cyber-citizens; and the media coverage or produce more effective tailors. S.W. SMITH Dartmouth College T oalargeextent,computingsystemsareu

  3. Scalable, Secure Energy Information Management for Demand-Response Analysis Yogesh Simmhan1,2

    E-Print Network [OSTI]

    Prasanna, Viktor K.

    is expanding at a rapid rate to enable communication using emerging standards, the software architecture. A medical emergency or disaster preparedness agency imposes relaxed privacy requirements during emergency by the smart grid in the context of cyber-security ­ the real time nature of data and the large scale at which

  4. COSC 472 Network Security Annie Lu 1 COSC 472 Network Security

    E-Print Network [OSTI]

    Lu, Enyue "Annie"

    COSC 472 Network Security Annie Lu 1 COSC 472 Network Security · Instructor: Dr. Enyue (Annie) Lu Network Security Annie Lu 2 Course overview · Chapter 1: Introduction · Part I: Cryptography · Chapter 2 · Part II ­III: Network Security · Chapter 4: key Distribution & User Authentication · Chapter 5: Network

  5. Distributed Detection of Cyber-Physical Attacks in Power Networks: A Waveform Relaxation Approach

    E-Print Network [OSTI]

    Bullo, Francesco

    Distributed Detection of Cyber-Physical Attacks in Power Networks: A Waveform Relaxation Approach to operate safely and reliably against cyber-physical attacks. The large dimensionality and the difficulty system and cyber- physical attacks as unknown inputs. This modeling framework captures, for instance

  6. Switched System Models for Coordinated Cyber-Physical Attack Construction and Simulation

    E-Print Network [OSTI]

    Kundur, Deepa

    Switched System Models for Coordinated Cyber-Physical Attack Construction and Simulation Shan Liu the need to develop intelligent models of cyber-physical attacks that produce salient disruptions. In this paper, we present a foundation for the development of a class of intelligent cyber-physical attacks

  7. Critical issues in process control system security : DHS spares project.

    SciTech Connect (OSTI)

    Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

    2010-10-01T23:59:59.000Z

    The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

  8. Counterfactual quantum key distribution with high efficiency

    SciTech Connect (OSTI)

    Sun Ying [State Key Laboratory of Networking and SwitchingTechnology, Beijing University of Posts and Telecommunications, Beijing 100876 (China); Beijing Electronic Science and Technology Institute, Beijing 100070 (China); Wen Qiaoyan [State Key Laboratory of Networking and SwitchingTechnology, Beijing University of Posts and Telecommunications, Beijing 100876 (China)

    2010-11-15T23:59:59.000Z

    In a counterfactual quantum key distribution scheme, a secret key can be generated merely by transmitting the split vacuum pulses of single particles. We improve the efficiency of the first quantum key distribution scheme based on the counterfactual phenomenon. This scheme not only achieves the same security level as the original one but also has higher efficiency. We also analyze how to achieve the optimal efficiency under various conditions.

  9. Securing non-volatile memory regions

    DOE Patents [OSTI]

    Faraboschi, Paolo; Ranganathan, Parthasarathy; Muralimanohar, Naveen

    2013-08-20T23:59:59.000Z

    Methods, apparatus and articles of manufacture to secure non-volatile memory regions are disclosed. An example method disclosed herein comprises associating a first key pair and a second key pair different than the first key pair with a process, using the first key pair to secure a first region of a non-volatile memory for the process, and using the second key pair to secure a second region of the non-volatile memory for the same process, the second region being different than the first region.

  10. information security

    E-Print Network [OSTI]

    Faculty listing for "information security" ... 1167; Phone: +1 765 49-46022; Email: wagstaff@purdue.edu; Research Interests: number theory, information security.

  11. Building Smart Communities with Cyber-Physical Systems

    E-Print Network [OSTI]

    Xia, Feng

    2012-01-01T23:59:59.000Z

    There is a growing trend towards the convergence of cyber-physical systems (CPS) and social computing, which will lead to the emergence of smart communities composed of various objects (including both human individuals and physical things) that interact and cooperate with each other. These smart communities promise to enable a number of innovative applications and services that will improve the quality of life. This position paper addresses some opportunities and challenges of building smart communities characterized by cyber-physical and social intelligence.

  12. Computationally Efficient Neural Network Intrusion Security Awareness

    SciTech Connect (OSTI)

    Todd Vollmer; Milos Manic

    2009-08-01T23:59:59.000Z

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  13. A Software Engineering Perspective for Services Security

    E-Print Network [OSTI]

    Han, Jun

    A Software Engineering Perspective for Services Security Jun Han School of Information Technology. We have seen much work in the traditional area of information and network security, focusing such as encryption algo- rithms and key exchange protocols has been the main topic of the information security

  14. Cyber-Physical Energy Systems: Focus on Smart Buildings

    E-Print Network [OSTI]

    Gupta, Rajesh

    of a deeply coupled system of energy usage, comfort and work derived. At a macroscale, buildings use approxi computers and laptops in offices and homes will exceed over 3x the energy use by all data centers combinedCyber-Physical Energy Systems: Focus on Smart Buildings Jan Kleissl Dept. of Mechanical

  15. A Deception Framework for Survivability Against Next Generation Cyber Attacks

    E-Print Network [OSTI]

    Upadhyaya, Shambhu

    to the electronic business domain. According to the asymmetric warfare theory, attack- ers have the advantage- rity, survivability 1. Introduction This is the era of cyber-warfare and it is no longer limited to military domain. Knapp and Boulton [12] have reviewed information warfare literature from 1990 to mid-2005

  16. Embedded Cyber-Physical Anomaly Detection in Smart Meters

    E-Print Network [OSTI]

    vulnerabilities that arise from deployment of local cyber-physical attacks at a smart metering location and physical domains. 1 Introduction Limitations of today's power networks, combined with the need we address the risk of manipula- tions at the end-user level, even when a trusted infrastructure

  17. Cyber-Vulnerability of Power Grid Monitoring and Control Systems

    E-Print Network [OSTI]

    Manimaran, Govindarasu

    Cyber-Vulnerability of Power Grid Monitoring and Control Systems Chee-Wooi Ten Iowa State, and power infrastructures due to the complexity of required compliances [5]. Although the complex outages. Three modes of malicious attacks on the power infrastructure are (i) attack upon the system, (ii

  18. Fake state attack on practically decoy state quantum key distribution

    E-Print Network [OSTI]

    Yong-gang Tan

    2012-02-15T23:59:59.000Z

    In this paper, security of practically decoy state quantum key distribution under fake state attack is considered. If quantum key distribution is insecure under this type of attack, decoy sources can not also provide it with enough security. Strictly analysis shows that Eve should eavesdrop with the aid of photon-number-resolving instruments. In practical implementation of decoy state quantum key distribution where statistical fluctuation is considered, however, Eve can attack it successfully with threshold detectors.

  19. Entropic security in Quantum Cryptography

    E-Print Network [OSTI]

    Simon Pierre Desrosiers

    2007-11-16T23:59:59.000Z

    We present two new definitions of security for quantum ciphers which are inspired by the definition of entropic security and entropic indistinguishability defined by Dodis and Smith. We prove the equivalence of these two new definitions. We also propose a generalization of a cipher described by Dodis and Smith and show that it can actually encrypt n qubits using less than n bits of key under reasonable conditions and yet be secure in an information theoretic setting. This cipher also totally closes the gap between the key requirement of quantum ciphers and classical ciphers.

  20. Security of counterfactual quantum cryptography

    SciTech Connect (OSTI)

    Yin Zhenqiang; Li Hongwei; Chen Wei; Han Zhengfu; Guo Guangcan [Key Laboratory of Quantum Information, University of Science and Technology of China, Hefei 230026 (China)

    2010-10-15T23:59:59.000Z

    Recently, a 'counterfactual' quantum-key-distribution scheme was proposed by T.-G. Noh [Phys. Rev. Lett. 103, 230501 (2009)]. In this scheme, two legitimate distant peers may share secret keys even when the information carriers are not traveled in the quantum channel. We find that this protocol is equivalent to an entanglement distillation protocol. According to this equivalence, a strict security proof and the asymptotic key bit rate are both obtained when a perfect single-photon source is applied and a Trojan horse attack can be detected. We also find that the security of this scheme is strongly related to not only the bit error rate but also the yields of photons. And our security proof may shed light on the security of other two-way protocols.

  1. Unconditional security at a low cost

    E-Print Network [OSTI]

    Xiongfeng Ma

    2006-07-31T23:59:59.000Z

    By simulating four quantum key distribution (QKD) experiments and analyzing one decoy-state QKD experiment, we compare two data post-processing schemes based on security against individual attack by L\\"{u}tkenhaus, and unconditional security analysis by Gottesman-Lo-L\\"{u}tkenhaus-Preskill. Our results show that these two schemes yield close performances. Since the Holy Grail of QKD is its unconditional security, we conclude that one is better off considering unconditional security, rather than restricting to individual attacks.

  2. Practical issues in quantum-key-distribution postprocessing

    SciTech Connect (OSTI)

    Fung, C.-H. Fred; Chau, H. F. [Department of Physics and Center of Theoretical and Computational Physics, University of Hong Kong, Pokfulam Road (Hong Kong); Ma Xiongfeng [Institute for Quantum Computing and Department of Physics and Astronomy, University of Waterloo, 200 University Ave W., Waterloo, Ontario, Canada N2L 3G1 (Canada)

    2010-01-15T23:59:59.000Z

    Quantum key distribution (QKD) is a secure key generation method between two distant parties by wisely exploiting properties of quantum mechanics. In QKD, experimental measurement outcomes on quantum states are transformed by the two parties to a secret key. This transformation is composed of many logical steps (as guided by security proofs), which together will ultimately determine the length of the final secret key and its security. We detail the procedure for performing such classical postprocessing taking into account practical concerns (including the finite-size effect and authentication and encryption for classical communications). This procedure is directly applicable to realistic QKD experiments and thus serves as a recipe that specifies what postprocessing operations are needed and what the security level is for certain lengths of the keys. Our result is applicable to the BB84 protocol with a single or entangled photon source.

  3. Secret-Key Generation from Channel Reciprocity: A Separation Approach

    E-Print Network [OSTI]

    Khisti, Ashish

    Secret-Key Generation from Channel Reciprocity: A Separation Approach Ashish Khisti Department: Secret-Key Generation Secure Message Transmission Physical Layer Authentication Jamming Resistance Feb 11, 2013 2/ 20 #12;Motivation Secret-Key Generation in Wireless Fading Channels A B KA KB Forward

  4. Secure Information Sharing and Dissemination in the Context of Public Security

    E-Print Network [OSTI]

    Secure Information Sharing and Dissemination in the Context of Public Security Professor Nabil R. Adam Director, The Center for Information Management Integration & Connectivity (CIMIC) Executive://cimic.rutgers.edu/~adam/ Abstract In the context of homeland security, one of the key challenges in such environment is achieving

  5. Breaking into a computer : attack techniques and tools used by cyber-criminals

    ScienceCinema (OSTI)

    None

    2011-10-06T23:59:59.000Z

    Oral presentation in English, slides in English. We will show you how and why cyber-criminals attack your computers: their motives, methods and tools.

  6. Breaking into a computer : attack techniques and tools used by cyber-criminals

    SciTech Connect (OSTI)

    None

    2010-06-24T23:59:59.000Z

    Oral presentation in English, slides in English. We will show you how and why cyber-criminals attack your computers: their motives, methods and tools.

  7. Microsoft Word - OE Cyber Release 10 18 07.doc

    Broader source: Energy.gov (indexed) [DOE]

    for security interoperability through the Lemnos Interoperable Security Program. * Siemens Corporate Research, Inc. of Princeton, NJ - selected for an award of up to 1.3...

  8. Private Key Recovery Combination Attacks: On Extreme Fragility of Popular Bitcoin

    E-Print Network [OSTI]

    Private Key Recovery Combination Attacks: On Extreme Fragility of Popular Bitcoin Key Management and practical operational security in bitcoin digital currency storage systems. We study the security two most used bitcoin HD Wallet key management solutions (e.g. in BIP032 and in earlier systems). These systems

  9. Towards a Standard for Highly Secure SCADA Systems

    SciTech Connect (OSTI)

    Carlson, R.

    1998-09-25T23:59:59.000Z

    The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied to automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The fi-arnework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high securi~ SC.ADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.o (UC@, for real-time utili~ decision control, represents one such standard. The development of a SCADA secwiy specification is a complex task that will benefit from a systems engineering approach.

  10. Cryptanalysis and Improvement of an Efficient CCA Secure PKE Scheme

    E-Print Network [OSTI]

    that it is more efficient in the public/private keys than the famous CS98 and BMW05 CCA secure public key-time signature based on the BMW05 paradigm [2]. The third way owns to the concept of lossy trapdoor function than the famous CS98 and BMW05 CCA secure public key encryption scheme. However we will show

  11. Network QoS Management in Cyber-Physical Systems

    E-Print Network [OSTI]

    Xia, Feng; Dong, Jinxiang; Sun, Youxian

    2008-01-01T23:59:59.000Z

    Technical advances in ubiquitous sensing, embedded computing, and wireless communication are leading to a new generation of engineered systems called cyber-physical systems (CPS). CPS promises to transform the way we interact with the physical world just as the Internet transformed how we interact with one another. Before this vision becomes a reality, however, a large number of challenges have to be addressed. Network quality of service (QoS) management in this new realm is among those issues that deserve extensive research efforts. It is envisioned that wireless sensor/actuator networks (WSANs) will play an essential role in CPS. This paper examines the main characteristics of WSANs and the requirements of QoS provisioning in the context of cyber-physical computing. Several research topics and challenges are identified. As a sample solution, a feedback scheduling framework is proposed to tackle some of the identified challenges. A simple example is also presented that illustrates the effectiveness of the pr...

  12. Defense on the Move: Ant-Based Cyber Defense

    SciTech Connect (OSTI)

    Fink, Glenn A.; Haack, Jereme N.; McKinnon, Archibald D.; Fulp, Errin W.

    2014-04-15T23:59:59.000Z

    Many common cyber defenses (like firewalls and IDS) are as static as trench warfare allowing the attacker freedom to probe them at will. The concept of Moving Target Defense (MTD) adds dynamism to the defender side, but puts the systems to be defended themselves in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackers’ ability to rely on prior experience without requiring motion in the protected infrastructure itself. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The Ant-Based Cyber Defense (ABCD) is a mobile resilient defense providing a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. The ABCD approach provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures like the smart electric grid.

  13. Sandia Energy » Cyber Engineering Research Laboratory (CERL)

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative1 First Use of Energy for All Purposes (Fuel and Nonfuel), 2002; Level:Energy: Grid Integration Redefining What's PossibleRadiationImplementingnpitche Home About npitche This author has notExpansionSandiaCyber

  14. Measurable Control System Security through Ideal Driven Technical Metrics

    SciTech Connect (OSTI)

    Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

    2008-01-01T23:59:59.000Z

    The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based on the two case studies and evaluation of the seven assessments, the security ideals demonstrated their value in guiding security thinking. Further, the final set of core technical metrics has been demonstrated to be both usable in the control system environment and provide significant coverage of standard security issues.

  15. The key to fully tapping the promise of the smart grid in the electric utility industry is highly secure and reliable communications--without that the data is, essentially, meaning-

    E-Print Network [OSTI]

    Fisher, Kathleen

    of solely in terms of meter solutions. However, the smart grid encompasses the entire grid--it must be used's environmental footprint.While the smart grid is starting with meter reads and outage information, it will soonThe key to fully tapping the promise of the smart grid in the electric utility industry is highly

  16. NAPS 2003, 35th North American Power Symposium, University of Missouri-Rolla in Rolla, Missouri, October 20-21, 2003. pp. 559-566. Abstract--Security of supply has been always a key factor

    E-Print Network [OSTI]

    Catholic University of Chile (Universidad Católica de Chile)

    as a terrorist attack to some key power plants or transmission lines. Since September 11, 2001 the threat three kinds of threats over society: a) Attacks upon the power system. Here the target is the electricNAPS 2003, 35th North American Power Symposium, University of Missouri-Rolla in Rolla, Missouri

  17. A Taxonomy of Cyber Attacks on 3G Networks Kameswari Kotapati, Peng Liu, Yan Sun, Thomas F. LaPorta

    E-Print Network [OSTI]

    Yener, Aylin

    1 A Taxonomy of Cyber Attacks on 3G Networks Kameswari Kotapati, Peng Liu, Yan Sun, Thomas F. La Infrastructure Cyber Attack. This paper is the first to propose attack taxonomy for 3G networks. The uniqueness of this taxonomy is the inclusion of Cross Infrastructure Cyber Attacks in addition to the standard Single

  18. Intrusion detection using secure signatures

    DOE Patents [OSTI]

    Nelson, Trent Darnel; Haile, Jedediah

    2014-09-30T23:59:59.000Z

    A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of the secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.

  19. Architecture of the Secoqc Quantum Key Distribution network

    E-Print Network [OSTI]

    Mehrdad Dianati; Romain Alleaume

    2006-10-25T23:59:59.000Z

    The European projet Secoqc (Secure Communication based on Quantum Cryptography) aims at developing a global network for unconditionally secure key distribution. This paper specifies the requirements and presents the principles guiding the design of this network, and relevant to its architecture and protocols.

  20. EL Program: Smart Grid Program Manager: David Wollman, Smart Grid and Cyber-Physical Systems

    E-Print Network [OSTI]

    EL Program: Smart Grid Program Manager: David Wollman, Smart Grid and Cyber-Physical Systems Program Office, Associate Program Manager: Dean Prochaska, Smart Grid and Cyber- Physical Systems Program [updated August 23, 2013] Summary: This program develops and demonstrates smart grid measurement science