Powered by Deep Web Technologies
Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

Cyber Security  

Office of Environmental Management (EM)

Associate CIO for Cyber Security (IM-30) Rod Turk Deputy Associate CIO for Cyber Security (IM-30) Paul Cunningham Incident Management Division (IM-32) Rob Ciochon Director Policy,...

2

Cyber Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Security Previous cybersecurity evaluations and designs were often dependent upon personal experience and limited empirical evidence. An LDRD project focused on cybersecurity...

3

Cyber Security & Smart Grid  

E-Print Network [OSTI]

Cyber Security & Smart Grid Jonathan Shapiro Texas Institute The Clean Air Through Energy Efficiency (CATEE) Conference Cyber Security & Smart Grid ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Cyber Security and The Smart... and communication protocols. ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Smart Grid Systems ?Current Cyber Security Issues ? Advanced Metering Infrastructure (AMI) Security ? The wireless devices are used in the smart meters located...

Shapiro, J.

2011-01-01T23:59:59.000Z

4

Information Security: Coordination of Federal Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that...

5

Cyber Security Evaluations - Reports  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Security Reports Cyber Security Reports 2012 Review of the Classified Cyber Security Programs at the Lawrence Livermore National Laboratory, January 2012, (OUO) Independent Oversight Review of the Classified Cyber Security Programs at the Savannah River Site, March 2012, (OUO) Independent Oversight Review of the Unclassified and Classified Cyber Security Programs at the Office of Scientific and Technical Information, March 2012, (OUO) Independent Oversight 2011 Report on Security Vulnerabilities of National Laboratory Computers, April 13, 2012, (OUO) Technical Review of the Office of Health, Safety and Security Classified Local Area Network, May 2012, (OUO) 2011 (U) Unclassified Cyber Security Technical Review of the Bonneville Power Administration Transmission Services Control Center Network, (OUO), May 2011

6

Cyber Security Architecture Guidelines  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

2001-03-08T23:59:59.000Z

7

Chapter_14_Cyber_Security  

Office of Environmental Management (EM)

4 Cyber Security The DOE Cyber Security Program aims to protect the Department's diverse missions in a cost- effective manner; identify threats, risks, and mitigations; and remain...

8

Cyber Security | National Security | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

National Security Home | Science & Discovery | National Security | Initiatives | Cyber Security SHARE Cyber Security Through Science A Science-Based Approach image ORNL uses a science-based approach that combines experimentation, theory, modeling, and high performance computing to solve some of the nation's cyber security grand challenges. Significant, 'game-changing' transformation requires a science-based approach that combines fundamental understanding with experimentation, theory, and modeling. The most successful scientific programs use peer review to maximize intellectual capital and prioritize research needs. The Department of Energy has applied this approach through programs such as the Scientific Discovery through Advanced Computing (SciDAC) and ASCI,

9

Departmental Cyber Security Management Policy  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

2001-05-08T23:59:59.000Z

10

Cyber Security Issues and Requirements  

Broader source: Energy.gov (indexed) [DOE]

Program Program (SGIG) Cyber Security Issues and Requirements Jeff Dagle November 19, 2009 Communication and Information Technology will be Central to Smart Grid Deployment Final Interim Smart Grid Roadmap, prepared by the Electric Power Research Institute (EPRI) for the National Institute of Standards and Technology (NIST) Cyber Security Requirements Associated with ARRA Projects Proposals were required to include:  Discussion of how cyber security risks will be mitigated  What criteria will be used for vendor and technology selection  Relevant cyber security standards that will be followed (or industry best practices)  How emerging smart grid cyber security standards that are currently being developed will be adopted Cyber Security Objectives for Smart

11

2014 Headquarters Facilities Master Security Plan- Chapter 14, Cyber Security  

Broader source: Energy.gov [DOE]

2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security Describes the DOE Headquarters Cyber Security Program.

12

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

2008-08-12T23:59:59.000Z

13

Chapter_14_Cyber_Security  

Broader source: Energy.gov (indexed) [DOE]

4 4 Cyber Security The DOE Cyber Security Program aims to protect the Department's diverse missions in a cost- effective manner; identify threats, risks, and mitigations; and remain flexible in a changing environment. Key Departmental directives, policies, and procedures governing the implementation of the Cyber Security Program at DOE HQ are: * DOE Order 205.1B, Department of Energy Cyber Security Management * DOE Policy 205.1, Department of Energy Cyber Security Management Policy * Headquarters Program Cyber Security Plan (HQ PCSP) HQ Implementation Procedures The head of each HQ element is responsible for implementing a cyber security program within his or her element that conforms to the policies and procedures set forth in the HQ PCSP. Each Head of Element must appoint, in writing, an

14

Using Operational Security (OPSEC) to Support a Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Using Operational Security (OPSEC) to Support a Cyber Security Culture in...

15

The Cyber Security Crisis  

SciTech Connect (OSTI)

Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'

Spafford, Eugene (Purdue University) [Purdue University

2006-05-10T23:59:59.000Z

16

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

2008-08-12T23:59:59.000Z

17

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

2009-01-08T23:59:59.000Z

18

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

2009-01-08T23:59:59.000Z

19

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...  

Office of Environmental Management (EM)

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY...

20

INL@Work Cyber Security  

SciTech Connect (OSTI)

May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

Chaffin, May

2010-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

INL@Work Cyber Security  

ScienceCinema (OSTI)

May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

Chaffin, May

2013-05-28T23:59:59.000Z

22

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

2008-08-12T23:59:59.000Z

23

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-08T23:59:59.000Z

24

DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

CORE COMPETENCY TRAINING REQUIREMENTS: CA DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS. Key Cyber...

25

Visualizing Cyber Security: Usable Workspaces  

SciTech Connect (OSTI)

An environment that supports cyber analytics work should enable multiple, simultaneous investigations, information foraging, and provide a solution space for organizing data. We describe our study of cyber security professionals and visualizations in a large, high-resolution display work environment. We discuss the tasks and needs of analysts that such an environment can support and present several prototypes designed to support these needs. We conclude with a usability evaluation of the prototypes and additional lessons learned.

Fink, Glenn A.; North, Christopher L.; Endert, Alexander; Rose, Stuart J.

2009-10-11T23:59:59.000Z

26

Cyber Security Standards.PDF  

Broader source: Energy.gov (indexed) [DOE]

1 1 I N S P E C T I O N R E P O R T U.S. DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL OFFICE OF INSPECTIONS INSPECTION OF CYBER SECURITY STANDARDS FOR SENSITIVE PERSONAL INFORMATION NOVEMBER 2001 . DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL U.S. DEPARTMENT OF ENERGY Washington, DC 20585 November 13, 2001 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman /s/ Inspector General SUBJECT: INFORMATION: Report on "Inspection of Cyber Security Standards for Sensitive Personal Information" BACKGROUND The Office of Inspector General (OIG), U.S. Department of Energy (DOE), identified a concern relating to the cyber security of unclassified sensitive personal information maintained by the Department under the Privacy Act of 1974, and other personal information exempt from

27

Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

ITD Home Cyber Security Links Cyber Security Home Network Access Antivirus Measures SSH Gateways Remote Access Computer Security Incidents Cyber Security Homepage Report a Security Incident Hotline: 631.344.8484 Email: security@bnl.gov Cyber Security Note: The links below supplement the Cyber Security, Unclassified SBMS subject area. Network Access Cyber Security image Network Access Registration - New connections to BNL's internal network must complete the registration process described in this link. Machines that are not registered will be denied access to the Laboratory's network. Proxy Configuration Virtual Private Network (VPN) RSA SecurID User Guide Desktop Security Locking Your Computer Disable Automatic Login (Mac OS X) Virus Protection Secure Shell (SSH) Resources

28

Cyber Security Reports | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Reports Cyber Security Reports Cyber Security Reports 2012 Review of the Classified Cyber Security Programs at the Lawrence Livermore National Laboratory, January 2012, (OUO) Independent Oversight Review of the Classified Cyber Security Programs at the Savannah River Site, March 2012, (OUO) Independent Oversight Review of the Unclassified and Classified Cyber Security Programs at the Office of Scientific and Technical Information, March 2012, (OUO) Independent Oversight 2011 Report on Security Vulnerabilities of National Laboratory Computers, April 13, 2012, (OUO) Technical Review of the Office of Health, Safety and Security Classified Local Area Network, May 2012, (OUO) 2011 (U) Unclassified Cyber Security Technical Review of the Bonneville Power Administration Transmission Services Control Center Network, (OUO),

29

THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders  

E-Print Network [OSTI]

THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security in Engineering, ACE-CS immerses students in the cyber-security discipline through a combination of intense in Engineering on Cyber Security (ACE-CS) [1] is to develop the next generation of cyber-security leaders

Older, Susan

30

Before the House Subcommittee on Emerging Threats, Cyber Security...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and...

31

Department of Energy Cyber Security Management Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

2003-03-21T23:59:59.000Z

32

Department of Energy Cyber Security Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

2006-12-04T23:59:59.000Z

33

Microgrid cyber security reference architecture.  

SciTech Connect (OSTI)

This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

2013-07-01T23:59:59.000Z

34

Strengthening Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

E E n E rgyB i z November/December 2008 » TECHNOLOGY FRONTIER (Guest OpiniOn) remOte attaCks On systems that control power production and distribution are no longer hypothetical events. At least four utilities have been subjected to extortion demands by criminals who used the Internet to infect the utilities' computers and caused or threatened power outages. Cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. These are criminal acts, but nation-states are actively targeting utility computers, as well, so that in time of war they can turn off their adversary's power. While all this is happening, most executives in the

35

Security and Cyber Guidance | Department of Energy  

Office of Environmental Management (EM)

April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 Performance Testing Guidance & Information Composite Adversary Team Brochure - April 9, 2008...

36

Information Security: Coordination of Federal Cyber Security Research and  

Broader source: Energy.gov (indexed) [DOE]

Security: Coordination of Federal Cyber Security Security: Coordination of Federal Cyber Security Research and Development Information Security: Coordination of Federal Cyber Security Research and Development GAO recommends that the Office of Science and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In commenting on a draft of this report, OMB stated that it would review the need for such guidance. Information Security: Coordination of Federal Cyber Security Research and Development More Documents & Publications Networking and Information Technology Research and Development Supplement to the President's Budget (February 2010)

37

Common Cyber Security Vulnerabilities Observed in Control System...  

Broader source: Energy.gov (indexed) [DOE]

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

38

INL Cyber Security Research (2008) | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

INL Cyber Security Research (2008) INL Cyber Security Research (2008) Cybersecurity research at INL will help protect critical infrastructure control system computers against worms...

39

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA Cybersecurity Program Manager (CSPM...

40

Report of the Cyber Security Research Needs for Open Science...  

Energy Savers [EERE]

Report of the Cyber Security Research Needs for Open Science Workshop Report of the Cyber Security Research Needs for Open Science Workshop Protecting systems and users, while...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

Office of Electricity Delivery and Energy Reliability Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections On...

42

Cyber Security Audit and Attack Detection Toolkit: Bandolier...  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This...

43

THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders  

E-Print Network [OSTI]

THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security Advanced Course in Engineering, ACE-CS immerses students in the cyber-security discipline through for the program. Key words: Cyber-security education, technical leadership, learning community. 1. INTRODUCTION

44

Cyber-Security of Networked Control Systems Karl Henrik Johansson  

E-Print Network [OSTI]

7/3/12 1 Cyber-Security of Networked Control Systems Karl Henrik Johansson #12;7/3/12 2 Recent Cyber-ARacks on Control Systems Cyber-Security of Networked

Johansson, Karl Henrik

45

Computational Intelligence Algorithms Analysis for Smart Grid Cyber Security  

Science Journals Connector (OSTI)

The cyber attack risks are threatening the smart grid security. Malicious worm could spread from meter to ... ) has thus developed several iterations of cyber security standards. According to the NERC cyber stand...

Yong Wang; Da Ruan; Jianping Xu; Mi Wen; Liwen Deng

2010-01-01T23:59:59.000Z

46

Definition: Cyber Security Incident | Open Energy Information  

Open Energy Info (EERE)

Security Incident Security Incident Jump to: navigation, search Dictionary.png Cyber Security Incident Any malicious act or suspicious event that: Compromises, or was an attempt to compromise, the Electronic Security Perimeter or Physical Security Perimeter of a Critical Cyber Asset, or, Disrupts, or was an attempt to disrupt, the operation of a Critical Cyber Asset.[1] Related Terms Electronic Security Perimeter References ↑ Glossary of Terms Used in Reliability Standards An LikeLike UnlikeLike You like this.Sign Up to see what your friends like. inline Glossary Definition Retrieved from "http://en.openei.org/w/index.php?title=Definition:Cyber_Security_Incident&oldid=480296" Categories: Definitions ISGAN Definitions What links here Related changes Special pages Printable version

47

Safeguards and Security and Cyber Security RM  

Broader source: Energy.gov (indexed) [DOE]

Safeguards and Security and Safeguards and Security and Cyber Security Review Module March 2010 CD- -0 OFFICE O S CD-1 OF ENVIRO Standard Safeguar and Cy Rev Critical D CD-2 M ONMENTA Review Pla rds and S yber Secu view Modul Decision (CD CD March 2010 AL MANAG an (SRP) Security urity le D) Applicabili D-3 GEMENT ity CD-4 Post Ope eration Standard Review Plan, 2 nd Edition, March 2010 i FOREWORD The Standard Review Plan (SRP) 1 provides a consistent, predictable corporate review framework to ensure that issues and risks that could challenge the success of Office of Environmental Management (EM) projects are identified early and addressed proactively. The internal EM project review process encompasses key milestones established by DOE O 413.3A, Change 1, Program and Project Management for the Acquisition of Capital Assets, DOE-STD-

48

A Two-Constraint Approach to Risky CyberSecurity  

E-Print Network [OSTI]

A Two-Constraint Approach to Risky CyberSecurity Experiment Management John Wroclawski, Jelena Mirkovic, Ted Faber, Stephen Schwab #12;Risky CyberSecurity Research CyberSecurity systems becoming more;Domains of interest Traditional risky experiment Virus dissection Modern risky CyberSecurity

Faber, Ted

49

The Science, Engineering, and Business of Cyber Security  

E-Print Network [OSTI]

's nuclear football © Ravi Sandhu 7 World-Leading Research with Real-World Impact! Cyber Security Goal ManyThe Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas at San

Sandhu, Ravi

50

Cyber Security Audit and Attack Detection Toolkit  

SciTech Connect (OSTI)

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Peterson, Dale

2012-05-31T23:59:59.000Z

51

Security and Cyber Evaluations | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Security and Cyber Evaluations Security and Cyber Evaluations Security and Cyber Evaluations Security and Cyber Evaluations within the Office of Enforcement and Oversight implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1, Independent Oversight Program, issued on August 30, 2011. This recently revised Order reflects lessons learned in conducting inspections and incorporates earlier and more frequent line management involvement in the inspection planning process. We welcome an opportunity to discuss our inspection process and potential

52

DOE Cyber Security Role, Competency and Functional Matrix  

Broader source: Energy.gov (indexed) [DOE]

5/4/2011 5/4/2011 DOE Cyber Security Role, Competency and Functional Matrix DOE Cyber Security EBK: A Competency and Functional Framework for Cyber Security Workforce Development DOE Cyber Security Functional Roles Chief Information Officer (CIO) Information Owner/Steward Chief Information Security Officer (CISO) Authorizing Official (AO) AO Designated Representative (AODR) Common Control Provider Information System Owner Cyber Security Program Manager (CSPM) Information System Security Officer (ISSO) Information Security Architect Information System Security Engineer Security Control Assessor Core Competencies Data Security ● ● ● ● ● ● ● ● ● ● Enterprise Continuity ● ● ● ● ● ● ● ● ● ● ●

53

Chapter 20 - Cyber Security Countermeasures to Combat Cyber Terrorism  

Science Journals Connector (OSTI)

Abstracts: In this chapter we first consider what constitutes cyber terrorism, to distinguish such events from other forms of cybercrime, and to establish a rationale for that distinction. We discuss some of the characteristics of cyber terrorist events in comparison with cybercriminal events, and the changes that have occurred, socially and technologically, that make such events both more likely and more damaging. We then go on to consider three key aspects of cyber terrorist attacks, cyber attacks on physical systems, malware specifically developed for such attacks, and insider threats to enable or support such attacks. Next, we look at the countermeasures that can be adopted by organizations and individuals to address such threats, highlighting the significant human component of such systems through the need for standards-based policies and protocols, good security hygiene, and the training of system users at all levels. We also consider some issues of physical systems upgrade, and some software measures that can be used to identify and isolate cyber threats. Finally, we consider the future in terms of the likely further growth of cyber terrorist events, and the threat they pose to critical infrastructure and the systems on which, socially and technologically, we increasingly rely.

Lachlan MacKinnon; Liz Bacon; Diane Gan; Georgios Loukas; David Chadwick; Dimitrios Frangiskatos

2013-01-01T23:59:59.000Z

54

Cyber Security Evaluations Appraisal Process Guide - April 2008 |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 April 2008 Cyber Security Evaluations Appraisal Process Guide was developed for the purpose of documenting the appraisal approach and techniques specific to evaluations of classified and unclassified cyber security programs throughout DOE. Office of Cyber Security Evaluations Appraisal Process Guide provides additional insight into the Office of Cyber Security Evaluations (HS-62) evaluation approach and processes associated with assessing classified and unclassified cyber security programs. The objective of this document is to establish a standard approach and methodology for conducting cyber security reviews that is well understood by all inspection participants.

55

Cyber Assessment Methods for SCADA Security  

Broader source: Energy.gov (indexed) [DOE]

5 by ISA - The Instrumentation, Systems and Automation Society. 5 by ISA - The Instrumentation, Systems and Automation Society. Presented at 15th Annual Joint ISA POWID/EPRI Controls and Instrumentation Conference http://www.isa.org Cyber Assessment Methods for SCADA Security May Robin Permann Kenneth Rohde Staff Computer Security Researcher Information & Communications Systems Cyber Security Technologies Idaho National Laboratory Idaho National Laboratory Idaho Falls, ID 83415 Idaho Falls, ID 83415 KEYWORDS Supervisory Control and Data Acquisition, SCADA, Cyber Security, Testing, Assessment ABSTRACT The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical

56

Cyber-security Research Ethics Dialogue & Strategy Erin Kenneally  

E-Print Network [OSTI]

Cyber-security Research Ethics Dialogue & Strategy Workshop Erin Kenneally CAIDA/UC, San Diego La The inaugural Cyber-security Research Ethics Dialogue & Strat- egy Workshop was held on May 23, 2013

California at San Diego, University of

57

First steps toward scientific cyber-security experimentation in wide-area cyber-physical systems  

Science Journals Connector (OSTI)

This extended abstract reports on steps towards an environment for repeatable and scalable experiments on wide-area cyber-physical systems. The cyber-physical systems that underlie the world's critical infrastructure are increasingly vulnerable to attack ... Keywords: cyber-physical, cyber-security, experimental research, overlay network, smart grid, testbed

Ryan Goodfellow; Robert Braden; Terry Benzel; David E. Bakken

2013-01-01T23:59:59.000Z

58

Formulating Cyber-Security as Convex Optimization Problems  

E-Print Network [OSTI]

Formulating Cyber-Security as Convex Optimization Problems Kyriakos G. Vamvoudakis, Jo~ao P. Mission-centric cyber-security analysts require a complete overview and understanding of the state. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion, iCTF 1 Introduction Guaranteeing

Hespanha, João Pedro

59

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director cai@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Squicciarini, Anna Cinzia

60

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director pliu@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Giles, C. Lee

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

Formulating Cyber-Security as Convex Optimization Problems  

E-Print Network [OSTI]

Formulating Cyber-Security as Convex Optimization Problems? Kyriakos G. Vamvoudakis1 , Jo~ao P,vigna}@cs.ucsb.edu Abstract. Mission-centric cyber-security analysts require a complete overview and understanding The Flag (iCTF) hacking competition. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion

Vigna, Giovanni

62

Cyber Security Guidelines, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

BNL Cyber Security Guidelines BNL Cyber Security Guidelines Appropriate Use Unauthorized and Malicious Access and Actions Blatant Disregard for Laboratory Computer Security Privacy of Electronic Files, and E-MAIL Publishing & Accessing Information on Electronic Networks The Laboratory's main concerns are protecting data and systems critical to operations in pursuit of its mission. The Laboratory's Computer Security Plan covers Laboratory systems, whether on-site and connected directly to the Laboratory network, or on- or off-site and connected to the Laboratory network by the telephone system or other means. The procedures and rules described here cover these systems no matter who is the owner or the method of connection to the network. Laboratory employees and registered users are responsible for their own actions under the computer security policy, as well as for the actions of any person who they permit to access a Laboratory system.

63

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

2011-05-16T23:59:59.000Z

64

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, cancels Chg 2.

2011-05-16T23:59:59.000Z

65

The Department's Unclassified Cyber Security Program - 2012, IG-0877  

Broader source: Energy.gov (indexed) [DOE]

Evaluation Report Evaluation Report The Department's Unclassified Cyber Security Program - 2012 DOE/IG-0877 November 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 November 8, 2012 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program - 2012" INTRODUCTION AND OBJECTIVE As the use of information technology resources continues to expand, the number of cyber security threats against Federal agencies has also increased. In fact, Federal cyber security officials have warned that the number of cyber attackers has increased and that the Nation's

66

Cyber Security Requirements for Risk Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-19T23:59:59.000Z

67

Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Brookhaven Cyber Security Requirements Brookhaven Cyber Security Requirements Backup Data Sensitivity Physical Protection Computer Security Incidents Software Copyright Laws Virus Protection Passwords Accounts Backup Data ALWAYS BACKUP YOUR DATA. Keep the backups in a protected area. The more critical the data the more often you should backup. REQUIREMENTS: Users ("data owners") are responsible for determining what data requires protection and how their data is to be recovered if the online copy is destroyed (either by accidental or malicious damage). Users may choose not to back up data, but if so they must make sure they know how to recreate the lost data if needed. If backup is necessary then the users must coordinate a backup plan. This may either be an individual backup done by the users themselves or coordinated with the system managers into a regular system backup plan.

68

Office of Security and Cyber Evaluations  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Welcome to the Office of Security and Cyber Evaluations The Office of Security and Cyber Evaluations within the Office of Enforcement and Oversight implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1, Independent Oversight Program, issued on August 30, 2011. This recently revised Order reflects lessons learned in conducting inspections and incorporates earlier and more frequent line management involvement in the inspection planning process. We welcome an opportunity to discuss our inspection process and potential differences in approach since your last interaction with us.

69

Primer Control System Cyber Security Framework and Technical Metrics  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Wayne F. Boyer; Miles A. McQueen

2008-05-01T23:59:59.000Z

70

Before the House Subcommittee on Emerging Threats, Cyber Security and  

Broader source: Energy.gov (indexed) [DOE]

Emerging Threats, Cyber Security Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security By: Patricia Hoffman, Acting Assistant Secretary for Electricity Delivery and Energy Reliability 7-21-09_Final_Testimony_Hoffman.pdf More Documents & Publications Statement of Patricia Hoffman, Acting Assistant Secretary for Electricity Delivery and Energy Reliability Before the Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security U.S. House of Representatives, Before the House Science and Technology Subcommittee on Energy and

71

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

2011-05-16T23:59:59.000Z

72

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

2011-05-16T23:59:59.000Z

73

CyberPhysical System Security for the Electric Power Grid  

E-Print Network [OSTI]

INVITED P A P E R Cyber­Physical System Security for the Electric Power Grid Control in power research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally­physical systems (CPS); cyber security; electric grid; smart grid; supervisory control and data acquisi- tion

Manimaran, Govindarasu

74

Sandia National Laboratories: Cyber Security for Electric Infrastructu...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

advancements in phasor measurement units (PMUs), distributed energy resources (DER), smart-grid technologies, and cloud computing services represent significant cyber security...

75

Control Systems Cyber Security: Defense in Depth Strategies ...  

Broader source: Energy.gov (indexed) [DOE]

that use control system networks while maintaining a multi-tier information architecture. Control Systems Cyber Security: Defense in Depth Strategies More Documents &...

76

Help for the Developers of Control System Cyber Security Standards  

SciTech Connect (OSTI)

A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

Robert P. Evans

2008-05-01T23:59:59.000Z

77

Cyber Security Audit and Attack Detection Toolkit: Bandolier and  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Audit and Attack Detection Toolkit: Bandolier and Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 Cyber Security Audit and Attack Detection Toolkit: Bandolier and Portaledge, March 2010 This project of the cyber security audit and attack detection toolkit will employ Bandolier Audit Files for optimizing security configurations and the Portaledge event detection capability for energy control systems. By building configuration audit and attack detection capabilities into tools already used by the energy sector, Bandolier and Portaledge offer energy asset owners low-cost and easily integrable control systems security solutions. Energy system operators can optimize the security of their control system configuration using Bandolier Security Audit Files, which assess the current configuration against an optimal security configuration.

78

Cyber Security Requirements for Wireless Devices and Information Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-11T23:59:59.000Z

79

Cyber security best practices for the nuclear industry  

SciTech Connect (OSTI)

When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

Badr, I. [Rational IBM Software Group, IBM Corporation, Evanston, IL 60201 (United States)

2012-07-01T23:59:59.000Z

80

CYBER SECURITY OF SUBSTATION AUTOMATION SYSTEMS .  

E-Print Network [OSTI]

??Cyber intrusions into substations of a power grid are a source of vulnerability since most substations are unmanned and with limited protection of the cyber (more)

[No author

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Cyber security analysis testbed : combining real, emulation, and simulation.  

SciTech Connect (OSTI)

Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an 'experiment-in-a-box' capability. The result is rapidly-produced, large-scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

Villamarin, Charles H.; Eldridge, John M.; Van Leeuwen, Brian P.; Urias, Vincent E.

2010-07-01T23:59:59.000Z

82

Ant-Based Cyber Security  

SciTech Connect (OSTI)

We describe a swarming-agent-based, mixed-initiative approach to infrastructure defense where teams of humans and software agents defend cooperating organizations in tandem by sharing insights and solutions without violating proprietary boundaries. The system places human administrators at the appropriate level where they provide system guidance while lower-level agents carry out tasks humans are unable to perform quickly enough to mitigate todays security threats. Cooperative Infrastructure Defense (CID) uses our ant-based approach to enable dialogue between humans and agents to foster a collaborative problem-solving environment, increase human situational awareness and influence using visualization and shared control. We discuss theoretical implementation characteristics along with results from recent proof-of-concept implementations.

Haack, Jereme N.; Fink, Glenn A.; Maiden, Wendy M.; McKinnon, Archibald D.; Templeton, Steven J.; Fulp, Errin W.

2011-07-12T23:59:59.000Z

83

Office of Cyber Security Evaluations Appraisal Process Guide, April 2008  

Broader source: Energy.gov (indexed) [DOE]

CYBER SECURITY EVALUATIONS CYBER SECURITY EVALUATIONS APPRAISAL PROCESS GUIDE April 2008 Office of Health, Safety and Security U.S. Department of Energy Office of Cyber Security Evaluations Appraisal Process Guide Preface April 2008 i Preface Department of Energy (DOE) Order 470.2B, Independent Oversight and Performance Assurance Program, and Office of Health, Safety and Security (HSS) Standard Operating Procedure, SOP-10-01, Independent Oversight Appraisal Process Protocols, February 2008, provide direction for the Office of Independent Oversight (HS-60) to establish the requirements, responsibilities, and processes for the development and maintenance of Appraisal Process Protocols that describe the activities for evaluating the effectiveness of DOE safeguards and security; cyber security; emergency management; and

84

The Department's Cyber Security Incident Management Program, IG-0787 |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Incident Management Program, Cyber Security Incident Management Program, IG-0787 The Department's Cyber Security Incident Management Program, IG-0787 The Department of Energy operates numerous interconnected computer networks and systems to help accon~plishit s strategic missions in the areas of energy, defense, science, and the environment. These systems are frequently subjected to sophisticated cyber attacks that could potentially affect the Department's ability to carry out its mission. During Fiscal Year 2006, the Department experienced 132 incidents of sufficient severity to require reporting to law enforcement, an increase of 22 percent over the prior year. These statistics, troubling as they may be, are not unique to the Department; they are, in fact, reflective of a trend in cyber attacks throughout the government.

85

NNSA Seeking Comments on Consolidated IT and Cyber Security Support  

Broader source: Energy.gov (indexed) [DOE]

Seeking Comments on Consolidated IT and Cyber Security Support Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013 - 9:10am Addthis John Hale III John Hale III Director, Office of Small and Disadvantaged Business Utilization The National Nuclear Security Administration (NNSA) is currently seeking comments, now through July 29, on an opportunity for Consolidated IT and Cyber Security Support Services. Comments are sought from interested vendors holding active GSA Schedule 70 contracts (General Purpose Commercial Information Technology Equipment, Software, and Services) covering SIN 132-51 (Information Technology Professional Services) on draft performance-based scopes of work. The anticipated NAICS code is 541513 - Computer Facilities Management Services,

86

NNSA Seeking Comments on Consolidated IT and Cyber Security Support  

Broader source: Energy.gov (indexed) [DOE]

NNSA Seeking Comments on Consolidated IT and Cyber Security Support NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013 - 9:10am Addthis John Hale III John Hale III Director, Office of Small and Disadvantaged Business Utilization The National Nuclear Security Administration (NNSA) is currently seeking comments, now through July 29, on an opportunity for Consolidated IT and Cyber Security Support Services. Comments are sought from interested vendors holding active GSA Schedule 70 contracts (General Purpose Commercial Information Technology Equipment, Software, and Services) covering SIN 132-51 (Information Technology Professional Services) on draft performance-based scopes of work. The anticipated NAICS code is 541513 - Computer Facilities Management Services,

87

NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |  

Broader source: Energy.gov (indexed) [DOE]

NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines September 2, 2010 - 3:15pm Addthis WASHINGTON, D.C. - The National Institute of Standards and Technology (NIST) issued today its first Guidelines for Smart Grid Cyber Security, which includes high-level security requirements, a framework for assessing risks, an evaluation of privacy issues at personal residences, and additional information for businesses and organizations to use as they craft strategies to protect the modernizing power grid from attacks, malicious code, cascading errors, and other threats. The product of two formal public reviews and the focus of numerous workshops and teleconferences over the past 17 months, the three-volume set

88

CYBER SECURITY Software firm identifies hacking program against chemical makers  

Science Journals Connector (OSTI)

A cyber-attack campaign emanating from China targeted private companies involved in the research, development, and manufacture of chemicals and advanced materials between July and September of this year, according to a report from the computer security ...

RICK MULLIN

2011-11-07T23:59:59.000Z

89

The Department's Unclassified Cyber Security Program 2002, IG-0567  

Broader source: Energy.gov (indexed) [DOE]

DEPARTMENT'S UNCLASSIFIED DEPARTMENT'S UNCLASSIFIED CYBER SECURITY PROGRAM 2002 SEPTEMBER 2002 Department of Energy Washington, DC 20585 September 9, 2002 MEMORANDUM FOR FROM: Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Department's Unclassified Cyber Security Program 2002" As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to increasing threats to the Government's computer networks and systems, Congress enacted the Government hformation Security Reform Act (GISRA) in October 2000. GISRA focuses on program management, implementation, and evaluation of the security of unclassified and national security

90

Evaluation Report on The Department's Unclassified Cyber Security Program  

Broader source: Energy.gov (indexed) [DOE]

Report on The Department's Unclassified Cyber Security Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 Evaluation Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to increasing threats to the Government's computer networks and systems, Congress enacted the Government hformation Security Reform Act (GISRA) in October 2000. GISRA focuses on program management, implementation, and evaluation of the security of unclassified and national security information. It requires agencies to conduct annual reviews and evaluations of unclassified and

91

Gamification for Measuring Cyber Security Situational Awareness  

SciTech Connect (OSTI)

Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

2013-03-01T23:59:59.000Z

92

Management of Naval Reactors' Cyber Security Program, OIG-0884  

Broader source: Energy.gov (indexed) [DOE]

Naval Reactors' Naval Reactors' Cyber Security Program DOE/IG-0884 April 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Department of Energy Washington, DC 20585 April 12, 2013 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Naval Reactors' Cyber Security Program" INTRODUCTION AND OBJECTIVE The Naval Reactors Program (Naval Reactors), an organization within the National Nuclear Security Administration, provides the military with safe and reliable nuclear propulsion plants to power warships and submarines. Naval Reactors maintains responsibility for activities supporting the United States Naval fleet nuclear propulsion systems, including research and

93

Cyber Security Vulnerability Impact on I&C Reliability  

SciTech Connect (OSTI)

We present a discussion of the cyber security vulnerability impact on instrument and control reliability. In the discussion we demonstrate the likely vector of attack and vulnerabilities associated with commodity hardware, protocols and communication media. The current fleet of nuclear power plants in the United States utilizes aging analog instrument and control systems which are more frequently suffering from obsolescence and failure. The commodity equipment available now and in the near future incorporates features from information technology systems which compound cyber vulnerabilities.

Hadley, Mark D.; McBride, Justin B.

2006-11-01T23:59:59.000Z

94

Workshop on Scalable Cyber-Security Challenges in Large-Scale Networks: Deployment Obstacles  

E-Print Network [OSTI]

Workshop on Scalable Cyber-Security Challenges in Large-Scale Networks: Deployment Obstacles Large, and Definitions of Cybersecurity.... 8 Conventional Wisdom is Inadequate....................................... 9 Directions in Scalable Cyber-Security in Large-Scale Networks: Deployment Obstacles." The workshop

Feigenbaum, Joan

95

On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem  

E-Print Network [OSTI]

1 On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem Kin Cheong Sou, Henrik Sandberg and Karl Henrik Johansson Abstract--This paper considers a smart grid cyber-security problem

Johansson, Karl Henrik

96

Overcoming performance collapse for 100Gbps cyber security  

Science Journals Connector (OSTI)

In this paper, we present a series of performance tests carried out on R-Scope Dominate-T (RDT), a 1U network security appliance configured with four Tilera Gx-36 processors and with an aggregated network IO capacity of 160Gbps. RDT is optimized with ... Keywords: cyber-security

Jordi Ros-Giralt; Bob Rotsted; Alan Commike

2013-06-01T23:59:59.000Z

97

Secure control systems with application to cyber-physical systems  

Science Journals Connector (OSTI)

Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power ... Keywords: SCADA systems, cyber-physical systems, secure control, security

Jin Dong; Seddik. M. Djouadi; James J. Nutaro; Teja Kuruganti

2014-04-01T23:59:59.000Z

98

CYSEP --A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao  

E-Print Network [OSTI]

1 of 9 CYSEP -- A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao.2Interface Memory Controller Cyber-Security Processor SPI4.2Interface To PCI Bus To Memory ToFramer To NP or End Sy stem Figure 1. Cyber-Security Processor (CYSEP) architecture The Firewall and Intrusion

Chao, Jonathan

99

of Western Area Power Administration's Cyber Security Program  

Broader source: Energy.gov (indexed) [DOE]

Western Area Power Western Area Power Administration's Cyber Security Program DOE/IG-0873 October 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 October 22, 2012 MEMORANDUM FOR THE UNDER SECRETARY OF ENERGY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Western Area Power Administration's Cyber Security Program" INTRODUCTION AND OBJECTIVE The Department of Energy's Western Area Power Administration (Western) markets and delivers hydroelectric power and related services to 15 states within the central and western United States. As the largest U.S. Power Marketing Administration, millions of households and

100

Cyber Security Evaluation of II&C Technologies  

SciTech Connect (OSTI)

The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industrys template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

Ken Thomas

2014-11-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

A Hierarchical Security Architecture for Cyber-Physical Systems  

SciTech Connect (OSTI)

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Quanyan Zhu; Tamer Basar

2011-08-01T23:59:59.000Z

102

A Comparison of Cross-Sector Cyber Security Standards  

SciTech Connect (OSTI)

This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

Robert P. Evans

2005-09-01T23:59:59.000Z

103

Cyber Security Summer School: Lessons for the Modern Grid | Department of  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Summer School: Lessons for the Modern Grid Cyber Security Summer School: Lessons for the Modern Grid Cyber Security Summer School: Lessons for the Modern Grid June 20, 2011 - 4:34pm Addthis Carol Hawk Program Manager, Cyber Security for Energy Delivery Systems What does this mean for me? Computer systems do more than store and share information. They help control our traffic lights, trains and specifically, our electric grid -- tasks for which continuous function is the primary concern. Protecting control systems on the grid from cyber attack requires a completely different approach to cyber security than information technology systems. The Cyber Summer School gave aspiring attendees a practical understanding of the connection between power systems and computer science required to secure a clean, reliable energy future.

104

CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the systems cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

Kathleen A. Lee

2008-01-01T23:59:59.000Z

105

Wireless Policy, Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Brookhaven Wireless Access Policy Brookhaven Wireless Access Policy Title: Deployment and Management of 802.11 and Related Wireless Standards Applicability: All Employees, Guests, System Administrators, and Management General Approved Technology Authentication Setting the Service Set Identifier (SSID) Exceptions Responsibilities of Requestor Responsibilities of the ITD WAP System Administrator Responsibility of Chief of Cyber Security Wireless Policy Definitions Standards-Based Management System (SBMS) Subject Area: Cyber Security, Unclassified Using Computing Resources (Steps 7-11 apply to BNL's wireless networks) General The purpose of the wireless policy and related standards and guidelines is to assure that Brookhaven National Laboratory's (BNL's) employees, guests, and contractors have access to a reliable, robust, and integrated wireless network, and to increase the security of the campus wireless network to the extent possible.

106

GAO-06-811 Information Security: Coordination of Federal Cyber Security Research and Development  

Broader source: Energy.gov (indexed) [DOE]

the Chairman, Committee on the Chairman, Committee on Government Reform, House of Representatives INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development September 2006 GAO-06-811 What GAO Found United States Government Accountability Office Why GAO Did This Study Highlights Accountability Integrity Reliability September 2006 INFORMATION SECURITY Coordination of Federal Cyber Security Research and Development Highlights of GAO-06-811, a report to Chairman, Committee on Government Reform, House of Representatives Research and development (R&D) of cyber security technology is essential to creating a broader range of choices and more robust tools for building secure, networked computer systems in the federal government and in the private sector. The National

107

GridStat Cyber Security and Regional Deployment Project Report  

SciTech Connect (OSTI)

GridStat is a developing communication technology to provide real-time data delivery services to the electric power grid. It is being developed in a collaborative effort between the Electrical Power Engineering and Distributed Computing Science Departments at Washington State University. Improving the cyber security of GridStat was the principle focus of this project. A regional network was established to test GridStats cyber security mechanisms in a realistic environment. The network consists of nodes at Pacific Northwest National Laboratory, Idaho National Laboratory, and Washington State University. Idaho National Laboratory (INL) was tasked with performing the security assessment, the results of which detailed a number or easily resolvable and previously unknown issues, as well as a number of difficult and previously known issues. Going forward we recommend additional development prior to commercialization of GridStat. The development plan is structured into three domains: Core Development, Cyber Security and Pilot Projects. Each domain contains a number of phased subtasks that build upon each other to increase the robustness and maturity of GridStat.

Clements, Samuel L.

2009-02-18T23:59:59.000Z

108

Cyber Assessment Methods for SCADA Security | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Assessment Methods for SCADA Security Assessment Methods for SCADA Security Cyber Assessment Methods for SCADA Security This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure. The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national

109

Cyber Security Incidents, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Reporting Computing Security Incidents Reporting Computing Security Incidents Incident Reporting Hotline: 631-344-8484 Security Incidents A computer security incident can range from a simple virus to the disclosure of sensitive information. Incidents can be minor, important, or significant. Incidents that must be reported include computer or network related activity, internal or external to the Laboratory, that may impact the Laboratory's mission. Examples of such activities include: the possibility of: loss of data; denial of services; compromise of computer security; unauthorized access to data that the Laboratory is required to control by law, regulation, or DOE orders; investigative activity by legal, law enforcement, bureaucratic, or political authorities; or a public relations embarrassment.

110

Department of Energy's July 2013 Cyber Security Breach  

Broader source: Energy.gov (indexed) [DOE]

The Department of Energy's July The Department of Energy's July 2013 Cyber Security Breach DOE/IG-0900 December 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Department of Energy Washington, DC 20585 December 6, 2013 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Special Review of the "Department of Energy's July 2013 Cyber Security Breach" BACKGROUND To facilitate its administrative and operational needs, the Department of Energy maintains a substantial amount of personally identifiable information (PII). The Department's Management Information System (MIS) provides a gateway for users to access a system known as the DOE Employee Data Repository (DOEInfo) database. That system was implemented in 1994, and

111

cyber security | OpenEI Community  

Open Energy Info (EERE)

and discussion of smart grid technologies, tools, and techniques. The Smart Grid Investment Grant (SGIG) program is authorized by the Energy Independence and Security Act of...

112

Cyber security in the Smart Grid: Survey and challenges  

Science Journals Connector (OSTI)

The Smart Grid, generally referred to as the next-generation power system, is considered as a revolutionary and evolutionary regime of existing power grids. More importantly, with the integration of advanced computing and communication technologies, the Smart Grid is expected to greatly enhance efficiency and reliability of future power systems with renewable energy resources, as well as distributed intelligence and demand response. Along with the silent features of the Smart Grid, cyber security emerges to be a critical issue because millions of electronic devices are inter-connected via communication networks throughout critical power facilities, which has an immediate impact on reliability of such a widespread infrastructure. In this paper, we present a comprehensive survey of cyber security issues for the Smart Grid. Specifically, we focus on reviewing and discussing security requirements, network vulnerabilities, attack countermeasures, secure communication protocols and architectures in the Smart Grid. We aim to provide a deep understanding of security vulnerabilities and solutions in the Smart Grid and shed light on future research directions for Smart Grid security.

Wenye Wang; Zhuo Lu

2013-01-01T23:59:59.000Z

113

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

114

Obama's Call for Public-Private Cyber Security Collaboration Reflected in  

Broader source: Energy.gov (indexed) [DOE]

Obama's Call for Public-Private Cyber Security Collaboration Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities May 29, 2009 - 4:08pm Addthis In releasing the results of his Administration's 60-day cyber security review, President Barack Obama today emphasized that partnering with the private sector will be paramount for agencies working to secure the power grid and other critical infrastructures from cyber attack. Securing the computer-based systems that monitor and control the nation's electric grid and oil and gas pipelines remains a shared challenge for the Department of Energy. As the industry quickly works to develop and demonstrate Smart Grid technologies to build a more reliable and resilient

115

A quantitative man-machine model for cyber security efficiency analysis  

E-Print Network [OSTI]

of the level of their security defense processes' efficiency and the impact of their investment. Modeling and characterization of the dynamics of cyber security management are essential to risk prediction, damage assessment, and resource allocations...

Jung, Sung-Oh

2007-04-25T23:59:59.000Z

116

Comparison of two methods to quantify cyber and physical security effectiveness.  

SciTech Connect (OSTI)

With the increasing reliance on cyber technology to operate and control physical security system components, there is a need for methods to assess and model the interactions between the cyber system and the physical security system to understand the effects of cyber technology on overall security system effectiveness. This paper evaluates two methodologies for their applicability to the combined cyber and physical security problem. The comparison metrics include probabilities of detection (P{sub D}), interruption (P{sub I}), and neutralization (P{sub N}), which contribute to calculating the probability of system effectiveness (P{sub E}), the probability that the system can thwart an adversary attack. P{sub E} is well understood in practical applications of physical security but when the cyber security component is added, system behavior becomes more complex and difficult to model. This paper examines two approaches (Bounding Analysis Approach (BAA) and Expected Value Approach (EVA)) to determine their applicability to the combined physical and cyber security issue. These methods were assessed for a variety of security system characteristics to determine whether reasonable security decisions could be made based on their results. The assessments provided insight on an adversary's behavior depending on what part of the physical security system is cyber-controlled. Analysis showed that the BAA is more suited to facility analyses than the EVA because it has the ability to identify and model an adversary's most desirable attack path.

Wyss, Gregory Dane; Gordon, Kristl A.

2005-11-01T23:59:59.000Z

117

21 Steps to Improve Cyber Security of SCADA Networks | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

1 Steps to Improve Cyber Security of SCADA Networks 1 Steps to Improve Cyber Security of SCADA Networks 21 Steps to Improve Cyber Security of SCADA Networks Supervisory control and data acquisition (SCADA) networks contain computers and applications that perform key functions in providing essential services and commodities (e.g., electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. As such, they are part of the nation's critical infrastructure and require protection from a variety of threats that exist in cyber space today. By allowing the collection and analysis of data and control of equipment such as pumps and valves from remote locations, SCADA networks provide great efficiency and are widely used. However, they also present a security risk. 21 Steps to Improve Cyber Security of SCADA Networks

118

Probabilistic Characterization of Adversary Behavior in Cyber Security  

SciTech Connect (OSTI)

The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

Meyers, C A; Powers, S S; Faissol, D M

2009-10-08T23:59:59.000Z

119

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability  

E-Print Network [OSTI]

of Smart Grid devices ? Describe progress made in Smart Grid security ? Propose a more robust approach to SG security ? Describe needs for further research and development ESL-HH-10-08-09 Proceedings of the 17th Symposium for Improving Building Systems...? ? Advanced security methods ? Power analysis for key discovery ? Hardware attacks such as ?decapping? chips ? Developing vulnerability exploits ? Security analysis of smart grid systems & communications ? Reverse engineering ? Penetration testing ? Threat...

Ragsdale, G.

120

Secure control systems with application to cyber-physical systems  

SciTech Connect (OSTI)

Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

Dong, Jin [ORNL] [ORNL; Djouadi, Seddik M [ORNL] [ORNL; Nutaro, James J [ORNL] [ORNL; Kuruganti, Phani Teja [ORNL] [ORNL

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

Cyber Security Procurement Language for Control Systems Version 1.8 |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Cyber Security Procurement Language for Control Systems Version 1.8 Supervisory Control and Data Acquisition (SCADA), Process Control System (PCS), Distributed Control System (DCS), etc. generally refer to the systems which control, monitor, and manage the nation's critical infrastructures such as electric power generators, subway systems, dams, telecommunication systems, natural gas pipelines, and many others. Simply stated, a control system gathers information and then performs a function based on established parameters or information it received. Cyber Security Procurement Language for Control Systems Version 1.8 More Documents & Publications AMI System Security Requirements - v1_01-1

122

Towards an Experimental Testbed Facility for Cyber-Physical Security Research  

SciTech Connect (OSTI)

Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

2012-01-07T23:59:59.000Z

123

Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid  

E-Print Network [OSTI]

Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid Jin Wei and Deepa stability in the smart grid in the face of cyber-physical attack. We model the smart grid as a networked the proposed framework. I. INTRODUCTION It is well known that the smart grid promises increased reliability

Kundur, Deepa

124

Control Systems Cyber Security:Defense in Depth Strategies  

SciTech Connect (OSTI)

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing defense-in-depth strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

David Kuipers; Mark Fabro

2006-05-01T23:59:59.000Z

125

Cyber Friendly Fire: Research Challenges for Security Informatics  

SciTech Connect (OSTI)

This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a systems topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF including both training concepts and suggestions for decision aids and visualization approachesare discussed.

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

2013-06-06T23:59:59.000Z

126

ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed Twelve utilities have formed a consortium with ABB, a supervisory control and data acquisition (SCADA) system vendor, to privately fund advanced research and testing through the U.S. Department of Energy's (DOE) National SCADA Test Bed (NSTB), announced a recent article in the journal Transmission & Distribution World. ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed More Documents & Publications Security is Not an Option ABB SCADA/EMS System INEEL Baseline Summary Test Report (November 2004)

127

Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity  

E-Print Network [OSTI]

The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and ...

Cho, Yiseul

2012-01-01T23:59:59.000Z

128

Multiple Tenure/Tenure-Track Faculty Positions Software Engineering Focus: CyberSecurity and Big Data  

E-Print Network [OSTI]

Multiple Tenure/Tenure-Track Faculty Positions Software Engineering Focus: CyberSecurity and Big to cybersecurity and big data. Outstanding candidates from all areas of software engineering and computer science

Carver, Jeffrey C.

129

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

130

Follow-up Audit of the Department's Cyber Security Incident Management Program, IG-0878  

Broader source: Energy.gov (indexed) [DOE]

Department's Department's Cyber Security Incident Management Program DOE/IG-0878 December 2012 U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Department of Energy Washington, DC 20585 December 11, 2012 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Follow-up Audit of the Department's Cyber Security Incident Management Program" INTRODUCTION AND OBJECTIVE The Department of Energy operates numerous networks and systems to help accomplish its strategic missions in the areas of energy, defense, science and the environment. The systems are frequently subjected to sophisticated cyber attacks that could impact the Department's

131

Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer  

E-Print Network [OSTI]

Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer Dept security challenges for a fu- ture power grid. It highlights deficiencies and shortcom- ings of existing and fault resilience of power as a utility must be a prime objective for power grids. Security compromises

Mueller, Frank

132

Leadership Development Series: "A Holistic Look at Cyber Security" |  

Broader source: Energy.gov (indexed) [DOE]

Leadership Development Series: "A Holistic Look at Cyber Security" Leadership Development Series: "A Holistic Look at Cyber Security" Leadership Development Series: "A Holistic Look at Cyber Security" January 30, 2014 10:30AM to 12:00PM EST Registration link: By e-mail, $0 Course type: Classroom/Auditorium, Video Cast & Teleconference Course Location: DOE Headquarters, Forrestal Building, Washington, DC/ Main Auditorium Course Description: Dr. Steven Bucci, Director, Douglas and Sarah Allison Center for Foreign Policy Studies. The sheer volume of cyber activity is masking serious threats that impact government, business and our personal lives every day. Incidents are now ubiquitous, pervasive and constitute the new "normal". These day to day threats are not existential, but if not addressed, will hinder our

133

Management of Los Alamos National Laboratory's Cyber Security Program, IG-0880  

Broader source: Energy.gov (indexed) [DOE]

Los Alamos National Los Alamos National Laboratory's Cyber Security Program DOE/IG-0880 February 2013 U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Department of Energy Washington, DC 20585 February 11, 2013 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman Inspector General SUBJECT: INFORMATION: Audit Report on "Management of Los Alamos National Laboratory's Cyber Security Program" INTRODUCTION AND OBJECTIVE The Los Alamos National Laboratory (LANL), operated by the National Nuclear Security Administration on behalf of the Department of Energy, is one of the world's largest multi- disciplinary laboratories and is primarily responsible for helping to ensure the safety and

134

Good Things in Small Packages: Micro Worlds and Cyber Security  

SciTech Connect (OSTI)

Cyber events, as perpetrated by terrorists and nation states, have become commonplace as evidenced in national and international news media. Cyber attacks affect day-to-day activities of end users through exploitation of social networks, businesses such as banking and stock exchanges, and government entities including Departments of Defense. They are becoming more frequent and sophisticated. Currently, efforts are directed to understanding the methods employed by attackers and towards dissecting the planning and activities of the perpetrator, including review of psychosocial factors.

David I Gertman

2013-11-01T23:59:59.000Z

135

T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security  

SciTech Connect (OSTI)

Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

2009-07-20T23:59:59.000Z

136

Modeling and simulation for cyber-physical system security research, development and applications.  

SciTech Connect (OSTI)

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

2010-02-01T23:59:59.000Z

137

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program … 2013  

Broader source: Energy.gov (indexed) [DOE]

Evaluation Report Evaluation Report The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2013 OAS-M-14-01 October 2013 Department of Energy Washington, DC 20585 October 23, 2013 MEMORANDUM FOR THE EXECUTIVE DIRECTOR, FEDERAL ENERGY REGULATORY COMMISSION FROM: Rickey R. Hass Deputy Inspector General for Audits and Inspections Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2013" BACKGROUND The Federal Energy Regulatory Commission (Commission) is an independent agency within the Department of Energy (Department) responsible for, among other things, regulating the interstate

138

Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed  

Broader source: Energy.gov (indexed) [DOE]

Audit and Attack Detection Toolkit: National SCADA Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed May 2008 This project of the cyber security audit and attack detection toolkit is adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to integrate security incident detection intelligence into control system historians. These upgrades will

139

Survey Paper Cyber security in the Smart Grid: Survey and challenges q  

E-Print Network [OSTI]

), and renewable energy resources (e.g., solar and hydro) [2]. Therefore, the National Institute of StandardsSurvey Paper Cyber security in the Smart Grid: Survey and challenges q Wenye Wang , Zhuo Lu importantly, with the integration of advanced computing and communication technologies, the Smart Grid

Wang, Wenye

140

Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems  

Broader source: Energy.gov (indexed) [DOE]

U.S. Department of Energy U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS Raymond K. Fink David F. Spencer Rita A. Wells NSTB INL/CON-06-11665 iii ABSTRACT Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems, or components of those systems, were reviewed to identify common problem areas. The common vulnerabilities identified ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

The Future of Cyber Security Prof. Ravi Sandhu  

E-Print Network [OSTI]

! Net-centric military Intelligence Smart grid Electronic health records and healthcare Smart! Productivity Security Let's build it Cash out the benefits Next generation can secure it Let's not build it Let

Sandhu, Ravi

142

Defining and Computing a Valued Based Cyber-Security Measure  

SciTech Connect (OSTI)

In earlier work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

2012-01-01T23:59:59.000Z

143

Office of Cyber and Security Assessments | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

security policies and programs throughout the Department, including protection of special nuclear material, and classified and sensitive information. The Office has established and...

144

Applications for cyber security - System and application monitoring  

SciTech Connect (OSTI)

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

Marron, J. E. [Invensys Process Systems, 33 Commercial Street, Foxboro, MA 02035 (United States)

2006-07-01T23:59:59.000Z

145

Remote Access to the BNL Network, Cyber Security, Information Technology  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Virtual Private Network (VPN) Virtual Private Network (VPN) at Brookhaven CryptoCard tokens (hard or soft) will not supported after December 31, 2010. Please switch to RSA SecurID tokens as soon as possible. Contact the ITD Helpdesk at x5522 (631-344-5522) or send an email to itdhelp@bnl.gov if you have questions or concerns. The VPN service allows remote users to securely access the Brookhaven internal network through their own personal Internet Service Provider, so that it appears as if their home computer is right on the BNL internal network. Requirements Some form of internet connectivity. Only BNL employees can access this service. You must have a RSA SecurID token. Desktop VPN Client Clientless VPN Obtain a RSA SecurID Token RSA SecurID User Guide Last Modified: September 23, 2013

146

CyberCrime - A Clear and Present Danger The Ceo's Guide to Cyber Security  

Science Journals Connector (OSTI)

Is Your Information Easy to Steal? Every business has something it needs to protect. Whether it's top-secret Ip, an exclusive client list, or a secure payment portal, your data is what sets you apart from the competition. But most businesses aren't doing ...

Roger Smith

2014-06-01T23:59:59.000Z

147

Fact Sheet: Cyber Security Audit and Attack Detection Toolkit  

Broader source: Energy.gov (indexed) [DOE]

Audit and Audit and Attack Detection Toolkit Adding control system intelligence to widely deployed enterprise vulnerability scanners and security event managers While many energy utilities employ vulnerability scanners and security event managers (SEM) on their enterprise systems, these tools often lack the intelligence necessary to be effective in control systems. This two-year project aims to integrate control system intelligence into widely deployed vulnerability scanners and SEM, and to integrate security incident detection intelligence into control system historians. These upgrades will be provided at no or a low cost to control system asset owners. The popular Nessus Vulnerability Scanner supports an audit plug-in that gathers configuration information from

148

Proxy Documentation, Cyber Security, Information Technology Division, ITD  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Proxy Configuration Proxy Configuration Here you will find instructions for using the FTP and Web proxies. Keep in mind that depending on where you access the proxies from (whether you are inside or outside of the BNL network), the process will differ slightly. For FTP, you will not be required to enter any passwords to use the proxies while on the BNL network. However, when accessing the proxies from an outside network (e.g. anything not .bnl.gov), you will be required to authenticate using a RSA SecurID Token. If you do not already have one of these, please visit the RSA SecurID User Guide for instructions on obtaining one. Users who are only interested in configuring their web browsers need NOT bother with RSA SecurID, as the web proxies will not be needed when you are outside the BNL network.

149

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011, OAS-M-12-01  

Broader source: Energy.gov (indexed) [DOE]

1 1 OAS-M-12-01 November 2011 Department of Energy Washington, DC 20585 November 15, 2011 MEMORANDUM FOR THE CHAIRMAN, FEDERAL ENERGY REGULATORY COMMISSION FROM: Rickey R. Hass Deputy Inspector General for Audits and Inspections Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011" INTRODUCTION AND OBJECTIVE The Federal Energy Regulatory Commission (Commission) is an independent agency within the Department of Energy responsible for regulating the Nation's oil pipeline, natural gas, hydroelectric and wholesale electric industries. The Commission relies on a wide range of information technology (IT) resources in achieving its mission of assisting consumers in

150

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012, OAS-L-13-01  

Broader source: Energy.gov (indexed) [DOE]

2 2 OAS-L-13-01 November 2012 Department of Energy Washington, DC 20585 November 7, 2012 MEMORANDUM FOR THE EXECUTIVE DIRECTOR, FEDERAL ENERGY REGULATORY COMMISSION FROM: Daniel M. Weeber Assistant Inspector General for Audits and Administration Office of Inspector General SUBJECT: INFORMATION: Evaluation Report on "The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012" BACKGROUND The Federal Energy Regulatory Commission (Commission) is an independent agency within the Department of Energy responsible for, among other things, regulating interstate transmission of the Nation's electricity, natural gas and oil. In addition, the Commission licenses and inspects private, municipal and state hydroelectric projects. To achieve its mission, the Commission relies

151

Shopping For Danger: E-commerce techniques applied to collaboration in cyber security  

SciTech Connect (OSTI)

Collaboration among cyber security analysts is essential to a successful protection strategy on the Internet today, but it is uncommonly practiced or encouraged in operating environments. Barriers to productive collaboration often include data sensitivity, time and effort to communicate, institutional policy, and protection of domain knowledge. We propose an ambient collaboration framework, Vulcan, designed to remove the barriers of time and effort and mitigate the others. Vulcan automated data collection, collaborative filtering, and asynchronous dissemination, eliminating the effort implied by explicit collaboration among peers. We instrumented two analytic applications and performed a mock analysis session to build a dataset and test the output of the system.

Bruce, Joseph R.; Fink, Glenn A.

2012-05-24T23:59:59.000Z

152

Disable Automatic Login, Cyber Security, Information Technology Division,  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Disable Automatic Login Disable Automatic Login Automatic Login MUST be disabled... Follow the steps below to verify that auto login is disabled. Verify Security Settings Select Personal Section: Click Make sure the following required boxes are checked. - Require password to wake this computer from sleep or screen saver - Disable automatic login If so, close panel. If not, continue... Note: Mac users should have the panel locked at all times. Click the lock image to lock the panel if its open to prevent further changes. To unlock the above panel, click the lock image to bring up the login box. Insert your username & password, click . You should now be able to make changes to the panel.

153

Data-Intensive Visual Analysis for Cyber Security  

SciTech Connect (OSTI)

Protecting communications networks against attacks where the aim is to steal information, disrupt order, or harm critical infrastructure can require the collection and analysis of staggering amounts of data. The ability to detect and respond to threats quickly is a paramount concern across sectors, and especially for critical government, utility and financial networks. Yet detecting emerging or incipient threats in immense volumes of network traffic requires new computational and analytic approaches. Network security increasingly requires cooperation between human analysts able to spot suspicious events through means such as data visualization and automated systems that process streaming network data in near real-time to triage events so that human analysts are best able to focus their work.

Pike, William A.; Best, Daniel M.; Love, Douglas V.; Bohn, Shawn J.

2013-01-29T23:59:59.000Z

154

2014 Headquarters Facilities Master Security Plan - Chapter 14...  

Broader source: Energy.gov (indexed) [DOE]

4, Cyber Security 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security June 2014 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

155

Cyber Security  

Office of Environmental Management (EM)

Advisor Robert Green Staff Action Control Officer Gale Mitchell Deputy Chief Information Officer Donald Adcock Deputy Associate IT Policy & Governance (IM-20) Russell Pereira...

156

Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

(IM-21) Robin Crisp Director Policy & Performance Management Division (IM-22) Russell Pereira Director Records & Privacy Management Division (IM-23) Troy Manigault Director...

157

Cyber Security  

Office of Environmental Management (EM)

Policy & Performance Management Division (IM-22) Russell Pereira Director, Acting Records & Privacy Management Division (IM-23) Troy Manigault Director Associate CIO for IT...

158

Cyber security of the smart grid: Attack exposure analysis, detection algorithms, and testbed evaluation.  

E-Print Network [OSTI]

??While smart grid technologies are deployed to help achieve improved grid resiliency and efficiency, they also present an increased dependency on cyber resources which may (more)

Hahn, Adam

2013-01-01T23:59:59.000Z

159

Security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security The Y-12 National Security Complex places the highest priority on maintaining and improving its security posture. We employ security police officers, cyber...

160

AstroCloud, a Cyber-Infrastructure for Astronomy Research: Data Archiving and Quality Control  

E-Print Network [OSTI]

AstroCloud is a cyber-Infrastructure for Astronomy Research initiated by Chinese Virtual Observatory (China-VO) under funding support from NDRC (National Development and Reform commission) and CAS (Chinese Academy of Sciences){\\url{http://astrocloud.china-vo.org}}\\citep{O8-5_Cui_adassxxiv}. To archive the astronomical data in China, we present the implementation of the astronomical data archiving system (ADAS). Data archiving and quality control are the infrastructure for the AstroCloud. Throughout the data of the entire life cycle, data archiving system standardized data, transferring data, logging observational data, archiving ambient data, And storing these data and metadata in database. Quality control covers the whole process and all aspects of data archiving.

He, Boliang; Fan, Dongwei; Li, Changhua; Xiao, Jian; Yu, Ce; Wang, Chuanjun; Cao, Zihuang; Chen, Junyi; Yi, Weimin; Li, Shanshan; Mi, Linying; Yang, Sisi

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

Cyber-physical security metric inference in smart grid critical infrastructures based on system administrators' responsive behavior  

Science Journals Connector (OSTI)

Abstract To protect complex power-grid control networks, efficient security assessment techniques are required. However, efficiently making sure that calculated security measures match the expert knowledge is a challenging endeavor. In this paper, we present EliMet, a framework that combines information from different sources and estimates the extent to which a control network meets its security objective. Initially, EliMet passively observes system operators' online reactive behavior against security incidents, and accordingly refines the calculated security measure values. To make the values comply with the expert knowledge, EliMet actively queries operators regarding those states for which sufficient information was not gained during the passive observation. Finally, EliMet makes use of the estimated security measure values for predictive situational awareness by ranking potential cyber-physical contingencies that the security administrators should plan for upfront. Our experimental results show that EliMet can optimally make use of prior knowledge as well as automated inference techniques to minimize human involvement and efficiently deduce the expert knowledge regarding individual states of that particular system.

Saman Zonouz; Parisa Haghani

2013-01-01T23:59:59.000Z

162

Pacific Basin Nuclear Conference (PBNC 2012), BEXCO, Busan, Korea, March 18 ~ 23, 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS  

E-Print Network [OSTI]

PBNC 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS Kwangjo Kim KAIST, Daejeon, Korea.kim@kustar.ac.ae Abstract Nuclear Power Plants (NPPs) become one of the most important infrastructures in providing improvement. 1. Introduction Nuclear Power Plants (NPPs) become one of the most important infrastructures

Kim, Kwangjo

163

The Fragmented Securitization of Cyber Threats  

Science Journals Connector (OSTI)

Cybersecurity is one of the most pressing national security issues nowadays. Cyber threats reached truly global scales, cyber attacks that potentially or actually cause physical damage are on the rise, and sec...

Agnes Kasper

2014-01-01T23:59:59.000Z

164

Energy Cyber Other Degree Program  

E-Print Network [OSTI]

Rev. Energy Cyber Other Yes No Degree Program States National Security Implications of Energy & Environmental Stress New Theories of Cross-Advisor: Graduation Date: Curric Num: Power and Energy New Approaches to Understanding Dimensions of National Security

165

Cyber Crime, Cyber Security and Cyber Warfare  

Science Journals Connector (OSTI)

The digital world has become a battleground for the forces of good and evil. There is an ever increasing awareness that the digital world provides an unlimited opportunity to further ones goals.

Mark A. Gregory; David Glance

2013-01-01T23:59:59.000Z

166

Transmission and Distribution World March 2007: DOE Focuses on Cyber Security  

Broader source: Energy.gov [DOE]

Energy sector owners, operators and system vendors team up to boost control system security with national SCADA test bed.

167

Reducing Cyber Risk to Critical Infrastructure: NIST Framework...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

The Vulnerability Analysis of Energy Delivery Control Systems Report Guidelines for Smart Grid Cyber Security (3.4 MB PDF) A Guide to Developing a Cyber Security and Risk...

168

An inter-realm, cyber-security infrastructure for virtual supercomputing  

SciTech Connect (OSTI)

Virtual supercomputing, (ise ., high-performance grid computing), is poised to revolutionize the way we think about and use computing. However, the security of the links interconnecting the nodes within such an environment will be its Achilles heel, particularly when secure communication is required to tunnel through heterogeneous domains. In this paper we examine existing security mechanisms, show their inadequacy, and design a comprehensive cybersecurity infrastructure that meets the security requirements of virtual supercomputing. Keywords Security, virtual supercomputing, grid computing, high-performance computing, GSS-API, SSL, IPsec, component-based software, dynamic reconfiguration.

Al-Muhtadi, J. (Jalal); Feng, W. C. (Wu-Chun); Fisk, M. E. (Mike E. )

2001-01-01T23:59:59.000Z

169

ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber...  

Broader source: Energy.gov (indexed) [DOE]

and Energy Utilities Form Consortium to Fund SCADAEMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADAEMS Cyber...

170

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security, 1st edition  

Science Journals Connector (OSTI)

If you are responsible for meeting federal information security requirements such as FISMA, this book is all you need to know to get a system authorized. Now in the first full revision of FISMA since its inception in 2002, a new wave of stronger security ...

Stephen D. Gantz; Daniel R. Philpott

2012-12-01T23:59:59.000Z

171

Guide to Critical Infrastructure Protection Cyber Vulnerability...  

Broader source: Energy.gov (indexed) [DOE]

Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)...

172

Sandia National Laboratories: Sandia Cyber Engineering Research...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyberdefenders * CERL * computer security * Cyber Engineering Research Laboratory * cybersecurity * SAND2013-2827P * Sandia computing expertise * Sandia Science & Technology Park...

173

DOE Issues Energy Sector Cyber Organization NOI  

Broader source: Energy.gov (indexed) [DOE]

Issues National Energy Sector Cyber Organization Notice of Intent Issues National Energy Sector Cyber Organization Notice of Intent February 11, 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security of the grid. The cyber organization is expected to have the knowledge, expertise, capabilities, and capacity, at a minimum to: * Identify and prioritize cyber security research and development issues.

174

Cautionary tales from real world failures for managing security in the cyber world  

Science Journals Connector (OSTI)

Any field of endeavor benefits from a body of knowledge of failures that provide guidance on what to avoid. As a relatively young discipline whose failures can often be handled privately, information security professionals do not have access to the volume ... Keywords: bridges, catastrophic failure, civil engineering, failure, lessons learned

Bill Naber

2010-10-01T23:59:59.000Z

175

The Technology of Cyber Operations Symposium on Cyber Operations and National  

E-Print Network [OSTI]

operations can be conducted with plausible deniability But adversaries make mistakes too, and allThe Technology of Cyber Operations Herb Lin Symposium on Cyber Operations and National Security not acknowledge role of offensive operations. · Offensive cyber operations can also have non-defensive purposes

176

Policing Cyber Hate, Cyber Threats and Cyber Terrorism  

Science Journals Connector (OSTI)

What are cyber threats? This book brings together a diverse range of multidisciplinary ideas to explore the extent of cyber threats, cyber hate and cyber terrorism. This ground-breaking text provides a comprehensive understanding of the range of activities ...

Imran Awan; Brian Blakemore

2012-07-01T23:59:59.000Z

177

NISTIR 7916 Proceedings of the Cybersecurity in Cyber-  

E-Print Network [OSTI]

NISTIR 7916 Proceedings of the Cybersecurity in Cyber- Physical Systems Workshop, April 23 ­ 24 of the Cybersecurity in Cyber- Physical Systems Workshop, April 23 ­ 24, 2012 Editor: Tanya Brewer Computer Security

178

STEM Incubator in Cyber Security (Haxor) Wednesdays 4:00 5:00pm, Manchester 244 Spring 2014  

E-Print Network [OSTI]

curity. Students will experiment with ethical hacking, cyber defense, and reverse engineering techniques: Demonstrable Outcomes . Understanding of ethical hacking approaches and awareness of laws concerning hacking code . The end of semester hacking challenge There is not a single text book that is best suited

Fulp, Errin W.

179

STEM Incubator in Cyber Security (Haxor) Wednesdays 4:00 -5:00pm, Manchester 244 Spring 2014  

E-Print Network [OSTI]

curity. Students will experiment with ethical hacking, cyber defense, and reverse engineering techniques:Demonstrable Outcomes · Understanding of ethical hacking approaches and awareness of laws concerning hacking code · The end of semester hacking challenge There is not a single text book that is best suited

Fulp, Errin W.

180

The cyber threat landscape: Challenges and future research directions  

Science Journals Connector (OSTI)

Cyber threats are becoming more sophisticated with the blending of once distinct types of attack into more damaging forms. Increased variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain ... Keywords: Culture of security, Cyber crime, Cyber exploitation, Policing and preventative strategy, Public private partnership, Routine Activity Theory

Kim-Kwang Raymond Choo

2011-11-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Broader source: Energy.gov (indexed) [DOE]

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)

182

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Broader source: Energy.gov (indexed) [DOE]

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June

183

Deception used for Cyber Defense of Control Systems  

SciTech Connect (OSTI)

Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

Wayne F. Boyer; Miles A. McQueen

2009-05-01T23:59:59.000Z

184

Security and Trust Convergence: Attributes, Relations and Provenance  

E-Print Network [OSTI]

-World Impact! State of Cyber Security Cyber should be "controllable" Nuclear, chemical, biological have beenSecurity and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas

Sandhu, Ravi

185

Security and Trust Convergence: Attributes, Relations and Provenance  

E-Print Network [OSTI]

-World Impact! State of Cyber Security Cyber should be "controllable" Nuclear, chemical, biological have been1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas

Sandhu, Ravi

186

Cyber Innovation Technology Summit | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Cyber Innovation Technology Summit Cyber Innovation Technology Summit Cyber Innovation Technology Summit November 5, 2013 8:00AM EST Course Title: Cyber Innovation Technology Summit Course Start/End Date: November 5, 2013 Start/End Time: 8:00AM-12:00 PM Course Type: Classrooom Course Location: Forrestal Large Auditorium Course Description: Every October and November, the Department of Energy (DOE) joins the Department of Homeland Security (DHS) and other federal, state and local agencies across the country in support of National Cybersecurity Awareness Month and the "Stop. Think. Connect." campaign. This year marks the tenth year of the cyber security awareness campaign. The theme for this year is Achieving Cybersecurity Together: It's Our Shared Responsibility. By consistently following simple

187

Cyber Incidents Involving Control Systems  

SciTech Connect (OSTI)

The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

Robert J. Turk

2005-10-01T23:59:59.000Z

188

Collaborative Utility Task Force Partners with DOE to Develop Cyber  

Broader source: Energy.gov (indexed) [DOE]

Collaborative Utility Task Force Partners with DOE to Develop Cyber Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the utility industry that will help utilities procure and implement secure components and systems using a common set of security requirements. Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure More Documents & Publications AMI System Security Requirements - v1_01-1 Before the Senate Energy and Natural Resources Committee

189

Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May  

Broader source: Energy.gov (indexed) [DOE]

Protecting Intelligent Distributed Power Grids Against Cyber Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Protecting Intelligent Distributed Power Grids Against Cyber Attacks - May 2008 Development of a novel distributed and hierarchical security layer specific to intelligent grid design will help protect intelligent distributed power grids from cyber attacks. Intelligent power grids are interdependent energy management systems-encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and reliability. But increased interconnection and automation over a large geographical area requires a distributed and hierarchical approach to cybersecurity. Protecting Intelligent Distributed Power Grids Again Cyber Attacks.pdf

190

Sandia National Laboratories: National Security Missions: Defense...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cybersecurity Delivering experience & expertise Training the next generation of cyber defenders Cybersecurity computing Defending national security Applying science and engineering...

191

The NIAC Convergence of Physical and Cyber Technbologies and Related  

Broader source: Energy.gov (indexed) [DOE]

The NIAC Convergence of Physical and Cyber Technbologies and The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations The NIAC convened the Physical/Cyber Convergence Working Group (CWG), in October 2005, to investigate the ongoing convergence of physical and cyber technologies for Supervisory Control and Data Acquisition (SCADA) and process control systems and their consolidated network management. The Working Group convened a Study Group of subject matter experts to inform its work. The Working Group report informed the NIAC's deliberations. The NIAC Convergence of Physical and Cyber Technbologies and Related

192

National Security Initiatives | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Our Primary Thrusts A science-based approach to cyber security Develop breakthrough nuclear forensic science Expand bioinformatics program to address critical biosurveillance gaps...

193

EVALUATING THREAT ASSESSMENT FOR MULTI-STAGE CYBER ATTACKS Shanchieh Jay Yang  

E-Print Network [OSTI]

EVALUATING THREAT ASSESSMENT FOR MULTI-STAGE CYBER ATTACKS Shanchieh Jay Yang Rochester Institute on how to evaluate a threat assessment algorithm, especially for cyber security. Because of the variety and the constantly changing nature of hacker behavior and network vulnerabilities, a cyber threat assessment

Jay Yang, Shanchieh

194

January 2014 Cybersecurity Awareness Campaign - Secure Online...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

January 2014 Cybersecurity Awareness Campaign - Secure Online Shopping January 2014 Cybersecurity Awareness Campaign - Secure Online Shopping The primary cyber theme for the...

195

Time-based intrusion detection in cyber-physical systems  

Science Journals Connector (OSTI)

Embedded systems, particularly real-time systems with temporal constraints, are increasingly deployed in every day life. Such systems that interact with the physical world are also referred to as cyber-physical systems (CPS). These systems commonly find ... Keywords: cyber-physical systems, real-time systems, security, timing analysis

Christopher Zimmer; Balasubramanya Bhat; Frank Mueller; Sibin Mohan

2010-04-01T23:59:59.000Z

196

Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.  

SciTech Connect (OSTI)

Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

2005-12-01T23:59:59.000Z

197

The Quality of Management and of the Science and Engineering at the NNSA National Security Laboratories  

Broader source: Energy.gov [DOE]

The Quality of Management and of the Science and Engineering at the NNSA National Security Laboratories was presented to CRENEL 9/15/2014.

198

Cyber Train Videos | The Ames Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Train Videos 1. Cyber Train Overview 2. Cyber Train Opt-Out Process 3. Cyber Train Complete Training 4. Submitting Course Completion Materials...

199

Energy Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber-physical solutions Cybersecurity for energy delivery systems outreach AMI smart metering upgradeability test framework Practical quantum security for grid automation...

200

Data Intensive Architecture for Scalable Cyber Analytics  

SciTech Connect (OSTI)

Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a months worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFin for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a months worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

2011-12-19T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

Critical Infrastructure and Cyber Security  

E-Print Network [OSTI]

indicators vis-a-vis one another, which is especially important in the midst of the current budgetary uncertainty in Washington. In this study, we present our definitions of the three indicators; an overview of the eighteen sectors of critical infrastructure...

Doll, Abby; Pirrong, Renee; Jennings, Matthew; Stasny, George; Giblin, Andy; Shaffer, Steph; Anderson, Aimee

2011-01-01T23:59:59.000Z

202

Numerically Efficient Water Quality Modeling and Security Applications  

E-Print Network [OSTI]

to consider e ective tools and mitigation strategies to improve water network security. This work presents two components that have been integrated into EPA?s Water Security Toolkit, an open-source software package that includes a set of tools to help water... several advantages and potential uses that are aligned with current emerging water security applications. This computational framework is able to e ciently generate an explicit mathematical model that can be easily embedded into larger mathematical...

Mann, Angelica

2013-02-04T23:59:59.000Z

203

Los Alamos director echoes cyber concerns  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Los Alamos director echoes cyber concerns Los Alamos director echoes cyber concerns Los Alamos director echoes cyber concerns Director Charlie McMillan told a gathering of energy executives that securing the electrical grid is a major concern now and it's only becoming more serious. May 21, 2013 Los Alamos National Laboratory Director Charlie McMillan (right), with, from left, Anthony Cugini of the National Energy Technology Laboratory, Thom Mason of Oak Ridge National Laboratory, and Tomas Diaz de la Rubia of Deloitte Consulting LLP. Los Alamos National Laboratory Director Charlie McMillan (right), with, from left, Anthony Cugini of the National Energy Technology Laboratory, Thom Mason of Oak Ridge National Laboratory, and Tomas Diaz de la Rubia of Deloitte Consulting LLP. Contact Fred deSousa

204

Quality of Service (QoS) security in mobile ad hoc networks  

E-Print Network [OSTI]

With the rapid proliferation of wireless networks and mobile computing applications, Quality of Service (QoS) for mobile ad hoc networks (MANETs) has received increased attention. Security is a critical aspect of QoS provisioning in the MANET...

Lu, Bin

2006-10-30T23:59:59.000Z

205

Safeguards and Security and Cyber Security RM  

Broader source: Energy.gov [DOE]

The SSCS RM is a tool that assists the DOE federal project review teams in evaluating the technical sufficiency of the project SSCS activities at CD-0 through CD-4.

206

Fact Sheet: Protecting Intelligent Distributed Power Grids Against Cyber Attacks  

Broader source: Energy.gov (indexed) [DOE]

Protecting Intelligent Distributed Protecting Intelligent Distributed Power Grids Against Cyber Attacks Development of a novel distributed and hierarchical security layer specific to intelligent grid design Intelligent power grids are interdependent energy management systems- encompassing generation, distribution, IT networks, and control systems-that use automated data analysis and demand response capabilities to increase system functionality, efficiency, and reliability. But increased interconnection and automation over a large geographical area requires a distributed and hierarchical approach to cyber security. This two-year project will develop three security components unique to intelligent power grids. The first is an automated

207

Operations Security (OPSEC) Reminder | Department of Energy  

Office of Environmental Management (EM)

or 301-903-9990. Addthis Related Articles Operations Security (OPSEC) Reminder Cybersecurity Is Every Citizen's Responsibility Secretary Moniz visits the Office of Cyber...

208

Security  

Broader source: Energy.gov [DOE]

Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

209

Cyber in the Cloud -- Lessons Learned from INL's Cloud E-Mail Acquisition  

SciTech Connect (OSTI)

As we look at the cyber security ecosystem, are we planning to fight the battle as we did yesterday, with firewalls and intrusion detection systems (IDS), or are we sensing a change in how security is evolving and planning accordingly? With the technology enablement and possible financial benefits of cloud computing, the traditional tools for establishing and maintaining our cyber security ecosystems are being dramatically altered.

Troy Hiltbrand; Daniel Jones

2012-12-01T23:59:59.000Z

210

Subjective audio quality over a secure IEEE 802.11n network  

Science Journals Connector (OSTI)

This paper presents an empirical evaluation of audio quality generated by a G.711 codec and transmitted over IEEE 802.11n, IEEE 802.11b, and IEEE 802.11g Wireless Local Area Networks (WLANs). Audio quality decline due to additional calls or by securing the WLAN with Internet Protocol Security (IPsec) is quantified. Results suggest that audio quality over an IEEE 802.11n WLAN is not higher than over an IEEE 802.11b WLAN for up to 10 simultaneous calls. The data strongly suggest that toll quality audio (MOS ? 4.0) is not currently practical over IEEE 802.11 WLANs secured with WPA2, even using the G.711 codec.

Benjamin W. Ramsey; Barry E. Mullins; Ryan W. Thomas; Todd R. Andel

2011-01-01T23:59:59.000Z

211

Cyber sleuths face off  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

to plasma physics and new materials. Contact Communications Office (505) 667-7000 Hacking skills put to the test in week of hands-on cyber warfare training LOS ALAMOS, New...

212

Innovating to Meet the Evolving Cyber Challenge | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge September 19, 2013 - 12:02pm Addthis Innovating to Meet the Evolving Cyber Challenge Patricia A. Hoffman Patricia A. Hoffman Assistant Secretary, Office of Electricity Delivery & Energy Reliability What are the key facts? Protecting critical energy infrastructure -- which makes reliable electricity transmission and robust national security possible -- is a top priority for the Energy Department. This week, the Energy Department announced more than $30 million in awards to cutting-edge energy sector stakeholders in seven states across the country. This funding will drive the development of new technologies that will help utilities and the oil and gas sectors further strengthen

213

Innovating to Meet the Evolving Cyber Challenge | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge Innovating to Meet the Evolving Cyber Challenge September 19, 2013 - 12:02pm Addthis Innovating to Meet the Evolving Cyber Challenge Patricia A. Hoffman Patricia A. Hoffman Assistant Secretary, Office of Electricity Delivery & Energy Reliability What are the key facts? Protecting critical energy infrastructure -- which makes reliable electricity transmission and robust national security possible -- is a top priority for the Energy Department. This week, the Energy Department announced more than $30 million in awards to cutting-edge energy sector stakeholders in seven states across the country. This funding will drive the development of new technologies that will help utilities and the oil and gas sectors further strengthen

214

September 27 29, 2010, Baltimore Convention Center Focusing on Emerging Automation Specifications and Use Cases, Software Assurance, Healthcare IT, Cyber Security, and Regulatory Compliance  

E-Print Network [OSTI]

the technical burdens of policy compliance, and innovated uses of automation across the enterprise in both, Vulnerability Identification, and Remediation Federal Information Security Management Act (FISMA) Federal Validated Tools Content Validation Innovative Case Studies Highlights Beautiful Baltimore Inner Harbor

215

PSERC Webinar Series: Issues in Designing the Future Grid - Cyber-Physical  

Broader source: Energy.gov (indexed) [DOE]

Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC Webinar Series: Issues in Designing the Future Grid - Cyber-Physical Systems Security for the Smart Grid - February 7, 2012 PSERC is offering a free, public webinar series from January to May 2012 entitled "Issues in Designing the Future Grid," focusing on the information hierarchy for the future grid and grid enablers of sustainable energy systems. The second webinar, Cyber-Physical Systems Security for the Smart Grid, will be held on Fecruary 7, 2012 by Manimaran Govindarasu, Professor if Electrical and Computer Engineering at Iowa State University. Govindarasu_PSERC_Webinar_Feb_2012.pdf More Documents & Publications April 2012 PSERC Webinars on Issues in Designing the Future Grid

216

An environmental sensor network to determine drinking water quality and security  

E-Print Network [OSTI]

An environmental sensor network to determine drinking water quality and security Anastassia. Small Civil & Environmental Engineering and Engineering & Public Policy Carnegie Mellon University ms35@andrew.cmu.edu Jeanne VanBriesen Civil and Environmental Engineering and Biomedical Engineering Carnegie

Ailamaki, Anastassia

217

Protecting the Nation's Electric Grid from Cyber Threats | Department of  

Broader source: Energy.gov (indexed) [DOE]

Protecting the Nation's Electric Grid from Cyber Threats Protecting the Nation's Electric Grid from Cyber Threats Protecting the Nation's Electric Grid from Cyber Threats January 11, 2012 - 11:28am Addthis A smarter, modernized, and more secure grid will be pivotal to the United States’ world leadership in a clean energy future. | Photo courtesy of National Renewable Energy Laboratory. A smarter, modernized, and more secure grid will be pivotal to the United States' world leadership in a clean energy future. | Photo courtesy of National Renewable Energy Laboratory. Howard A. Schmidt White House Cybersecurity Coordinator Secretary Steven Chu: "Establishing a comprehensive cybersecurity approach will give utility companies and grid operators another important tool to improve the grid's ability to respond to cybersecurity risks."

218

Microsoft Word - OE Cyber Release 10 18 07.doc  

Broader source: Energy.gov (indexed) [DOE]

Megan Barnett, (202) 586-4940 Thursday, October 18, 2007 Megan Barnett, (202) 586-4940 Thursday, October 18, 2007 DOE to Provide Nearly $8 Million to Safeguard the Nation's Energy Infrastructure from Cyber Attacks WASHINGTON, DC - U.S. Department of Energy (DOE) Assistant Secretary for Electricity Delivery and Energy Reliability Kevin M. Kolevar today announced five projects that have been selected for negotiation of awards of up to $7.9 million in DOE funding to develop and integrate technologically- advanced controls and cyber-security devices into our electric grid and energy infrastructure. These projects aim to protect our Nation's energy infrastructure from cyber attacks and seek to modernize our electricity grid, advancing the President's efforts to increase energy and economic security. These projects will

219

The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice  

Science Journals Connector (OSTI)

The Basics of Cyber Warfare provides readers with fundamental knowledge of cyber war in both theoretical and practical aspects. This book explores the principles of cyber warfare, including military and cyber doctrine, social engineering, and ...

Steve Winterfeld; Jason Andress

2012-12-01T23:59:59.000Z

220

PARS II New Contractor Information for Interconnection Security...  

Office of Environmental Management (EM)

V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

Computer Security Division 2009 Annual Report  

E-Print Network [OSTI]

Security 12 Smart Grid Cyber Security 13 Supply Chain Risk Management 13 Cryptographic Validation Programs Computing Project 36 Policy Machine 36 Security for Grid and Pervasive Systems 38 Security OntologiesComputer Security Division 2009 Annual Report #12;Table of Contents Welcome 1 Division

222

PACIFIC NORTHWEST CYBER SUMMIT  

SciTech Connect (OSTI)

On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energys (DOEs) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOEs Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

2013-08-07T23:59:59.000Z

223

DOE Issues Energy Sector Cyber Organization NOI, Feb 2010 | Department of  

Broader source: Energy.gov (indexed) [DOE]

Issues Energy Sector Cyber Organization NOI, Feb 2010 Issues Energy Sector Cyber Organization NOI, Feb 2010 DOE Issues Energy Sector Cyber Organization NOI, Feb 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security of the grid. DOE Issues Energy Sector Cyber Organization NOI More Documents & Publications FAQ: Funding Opportunity Announcement-Smart Grid Investment Grants Grantsdown.xls Before the House Science and Technology Subcommittee on Energy and

224

Argonne Team Challenges Physical Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Engineering & Systems Analysis Engineering & Systems Analysis Success Stories For further information, contact Roger Johnston, rogerj@anl.gov "Real security is thinking like the bad guys," maintains Roger Johnston, head of Argonne's VAT. Argonne Team Challenges Physical Security Physical security-the art of protecting tangible assets-is the counterpart to cyber security. Physical security can take the form of locks, tamper-indicating seals, guards who stand watch

225

Security is Not an Option | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

is Not an Option Security is Not an Option A 10-year roadmap for achieving control system cyber security in the energy industry has been hailed as a model for other industries....

226

Cyber-Security week is coming up during the week of October 13, thru October 17, 2008. This year the Residence Hall Association is sponsoring a poster contest to educate and  

E-Print Network [OSTI]

the Residence Hall Association is sponsoring a poster contest to educate and bring awareness of cyber this is an issue that affects all of us. How do you get involved? Your poster should created electronically the document in a PDF format. What will you be doing? The poster should consist of information about the topic

Ray, David

227

E-Print Network 3.0 - analytical resources securely Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

and Computational Science Collection: Mathematics 28 ITL BULLETIN FOR OCTOBER 2010 CYBER SECURITY STRATEGIES FOR THE SMART GRID: PROTECTING THE Summary: Standards, Release 1.0....

228

Recommended Practice: Creating Cyber Forensics Plans for Control Systems  

SciTech Connect (OSTI)

Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

Eric Cornelius; Mark Fabro

2008-08-01T23:59:59.000Z

229

Cyber and physical infrastructure interdependencies.  

SciTech Connect (OSTI)

The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

2008-09-01T23:59:59.000Z

230

Cyber and Security Assessments | Department of Energy  

Energy Savers [EERE]

material. To accomplish this independent oversight function, our office sponsors and trains the DOE composite adversary team to role play the postulated adversary during...

231

Strengthening Cyber Security | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

the National Environmental Policy Act Vision for 2025: A Framework for Change Demand Response and Smart Metering Policy Actions Since the Energy Policy Act of 2005: A Summary...

232

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

infrastructure systems in the analysis of safety and stability - a significant contribution to the theory of hybrid

Amin, Saurabh

2011-01-01T23:59:59.000Z

233

Design Security and Cyber-Physical Threats  

Science Journals Connector (OSTI)

The trustworthiness of reconfigurable hardware, such as FPGAs is defined by the mechanisms protecting the configuration data. The field programmability of an FPGA is a distinct feature enabling various possibi...

Thomas Feller

2014-01-01T23:59:59.000Z

234

MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS  

E-Print Network [OSTI]

novel aspects of networked systems that include integrating dis- tributed computing systems with monitoring and controlling entities in the physical environment. For example, in real-time control systems stations. Other examples include smart grid systems and supervisory control and data acquisition (SCADA

Burmester, Mike

235

January 2015 | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

with members of the Idaho National Laboratory. The lab has a long history in the nuclear energy area and its growing expertise in new threat areas such as cyber security; make it...

236

Cyber Attacks, Prevention, and Countermeasures  

Science Journals Connector (OSTI)

In response to the ever-increasing number of cyber attacks on both private companies and the United States government, U.S. Congress has introduced the Cybersecurity Enhancement Act of 2007, the National Commi...

Newton Lee

2013-01-01T23:59:59.000Z

237

Convergence Approach to Model Physical World and Cyber World of Aviation Cyber Physical System  

Science Journals Connector (OSTI)

Aviation Cyber-Physical Systems are the integration of cyber systems and physical systems. Recent concentration to Aviation Cyber Physical Systems (ACPS) is driven by the demand for deeper Convergence of design disciplines that integrate physical and ... Keywords: Aviation Cyber Physical System CPS, Modelica, AADL, SysML, Spatial-Temporal Features, Dynamic Continuous Features

Lichen Zhang

2014-08-01T23:59:59.000Z

238

Architecture-driven smart grid security management  

Science Journals Connector (OSTI)

The introduction of smart grids goes along with an extensive use of ICT technologies in order to support the integration of renewable energy sources. However, the use of ICT technologies bears risks in terms of cyber security attacks which could negatively ... Keywords: risks, security, security management, smart grid

Markus Kammerstetter; Lucie Langer; Florian Skopik; Wolfgang Kastner

2014-06-01T23:59:59.000Z

239

BROOKHAVEN NATIONAL LABORATORYS CAPABILITIES FOR ADVANCED ANALYSES OF CYBER THREATS  

SciTech Connect (OSTI)

BNL has several ongoing, mature, and successful programs and areas of core scientific expertise that readily could be modified to address problems facing national security and efforts by the IC related to securing our nations computer networks. In supporting these programs, BNL houses an expansive, scalable infrastructure built exclusively for transporting, storing, and analyzing large disparate data-sets. Our ongoing research projects on various infrastructural issues in computer science undoubtedly would be relevant to national security. Furthermore, BNL frequently partners with researchers in academia and industry worldwide to foster unique and innovative ideas for expanding research opportunities and extending our insights. Because the basic science conducted at BNL is unique, such projects have led to advanced techniques, unlike any others, to support our mission of discovery. Many of them are modular techniques, thus making them ideal for abstraction and retrofitting to other uses including those facing national security, specifically the safety of the nations cyber space.

DePhillips M. P.

2014-06-06T23:59:59.000Z

240

SECURING HARDWARE, SOFTWARE AND DATA  

Broader source: Energy.gov (indexed) [DOE]

of the Cyber Security of the Cyber Security Research Needs for Open Science Workshop July 23-24, 2007 Sponsored by the DOE Office of Science in Cooperation with the Office of Electricity Delivery and Energy Reliability i PNNL-16971 Report of the Cyber Security Research Needs for Open Science Workshop July 23-24, 2007 Sponsored by the DOE Office of Science in Cooperation with the Office of Electricity Delivery and Energy Reliability iii Acknowledgements The workshop chairs wish to thank Joree O'Neal and Rachel Smith for all their help and support with organizing the logistics and registration activities for this workshop; Sue Chin, Ted Tanasse, Barbara Wilson, and Stacy Larsen for their expert help with the assembly, text editing, and graphics for this report; and Lance Baatz for his masterful

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Cyberspace security system  

SciTech Connect (OSTI)

A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

2014-06-24T23:59:59.000Z

242

A Key Management Scheme for Secure Communications of Advanced Metering Infrastructure  

Science Journals Connector (OSTI)

Key management for secure communications of Advanced Metering Infrastructure is an unsolved problem until now. The ... proposing a key management scheme based on a hybrid-tree graph for AMI. The cyber security...

Jinshan Chen; Nian Liu; Wenxia Liu; Hong Luo

2011-01-01T23:59:59.000Z

243

National SCADA Test Bed- Enhancing control systems security in the energy sector (September 2009)  

Broader source: Energy.gov [DOE]

Improving the security of energy control systems has become a national priority. Since the mid-1990s, security experts have become increasingly concerned about the threat of malicious cyber...

244

Roadmap to Secure Control Systems in the Energy Sector- January 2006  

Broader source: Energy.gov [DOE]

This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

245

Cyber Incident Information | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Services » Guidance » Privacy » Cyber Incident Information Services » Guidance » Privacy » Cyber Incident Information Cyber Incident Information July 2013 Cyber Incident The Department of Energy has confirmed a cyber incident that occurred at the end of July and resulted in the unauthorized disclosure of federal employee Personally Identifiable Information (PII). January 2013 Cyber Incident The Department of Energy (DOE) has confirmed a cyber incident that occurred in mid-January 2013 which targeted the Headquarters' network and resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information (PII). Tips to Monitor Your Identity Here is a suggested list of tips to monitor and protect yourself. Assistive Technology Forms Guidance Capital Planning Information Collection Management

246

Impact of Cyber Attacks on Transient Stability of Smart Grids with Voltage Support Devices  

E-Print Network [OSTI]

these requirements, some technologies such as Phasor Measurement Unit (PMU), Flexible AC Transmission System (FACTS. Therefore, cyber physical security is vitally important for smart grid infrastructure. The data representing on the U.S. infrastructure increased 17-fold from 2009 to 2011 [4]. The Supervisory Control and Data

Kundur, Deepa

247

Lemnos Interoperable Security Program  

SciTech Connect (OSTI)

The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or ?? tunnels?, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems Lemnos is built on the successes of Open PCS Security Architecture for Interoperable Design (OPSAID), a previous DOE National SCADA Test Bed (NSTB) project. It enhances security interoperability by identifying basic cyber security functions based on utility requirements and then selecting open source solutions, namely Internet Engineering Task Force (IETF) RFCs, to support these functions. Once identified, specific configuration parameters for each RFC suitable for the electric utility control system environment are identified and documented. These configuration parameters are referred to as Interoperable Configuration Profiles (ICP) and their effectiveness within the utility control systems environment is verified with comprehensive testing as the final step in the process. The project focused on development of ICPs for four security protocols (IPsec, SSH, LDAP, and Syslog) which represent fundamental building blocks which can be utilized for securing utility control systems. These ICPs are product agnostic and can be applied modularly to any device (router, substation gateway, intelligent electronic device, etc.) within the utility control system as the end user deems necessary for their unique system architecture. The Lemnos Interoperable Security Program is a public-private partnership under the U.S. Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability's Cybersecurity for Energy Delivery Systems (CEDS) program and supports The Roadmap to Secure Energy Delivery Systems. In addition to EnerNex, the core team supporting the effort includes Tennessee Valley Authority, Sandia National Laboratories, and Schweitzer Engineering Laboratories. Adding to the core team effort is collaboration from additional industry participants in the project including the Electric Power Research Institute (EPRI), Alien Vault, Cisco, Encore Networks, GarrettCom, Industrial Defender, N-Dimension Solutions, Phoenix Contact, RuggedCom, and Siemens.

John Stewart; Ron Halbgewachs; Adrian Chavez; Rhett Smith; David Teumim

2012-01-31T23:59:59.000Z

248

Underground Test Area Fiscal Year 2013 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0  

SciTech Connect (OSTI)

This report is required by the Underground Test Area (UGTA) Quality Assurance Plan (QAP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2013. All UGTA organizationsU.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)conducted QA activities in FY 2013. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, and publishing documents. In addition, integrated UGTA required reading and corrective action tracking was instituted.

Krenzien, Susan; Marutzky, Sam

2014-01-01T23:59:59.000Z

249

OCIO Technology Summit: Cyber Innovation | Department of Energy  

Energy Savers [EERE]

Articles OCIO Technology Summit: Cyber Innovation OCIO Technology Summit: Data Analytics OCIO Technology Summit: Cyber Innovation OCIO Technology Summit: High Performance Computing...

250

Survey on Security Threats and Protection Mechanisms  

E-Print Network [OSTI]

Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan Studnia1 and can be seen as entry points for cyber attacks. In this paper, we present a survey on security threats in the embedded networks of current vehicles, we then analyze the potential threats targeting these networks

Paris-Sud XI, Université de

251

Cognitive Cyber Weapon Selection Tool Empirical Evaluation.  

E-Print Network [OSTI]

??Keeping in pace with the latest technological innovations in the cyber world, the misuse of this powerful infrastructure has also increased proportionally. Although a lot (more)

Ponangi, Preethi Vinayak

2011-01-01T23:59:59.000Z

252

Cyber - Protection for utilities ... | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber - Protection for utilities ... Hackers hoping to disrupt the power grid, water or natural gas service may be foiled by an intrusion detection system developed by researchers...

253

NNSA Policies | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

About Us > Our Operations > Management and Budget > NNSA Policy About Us > Our Operations > Management and Budget > NNSA Policy System > NNSA Policies NNSA Policies NNSA Policies (NAPs) impart policy and requirements unique to the Administration or provide short-term notices until more formal direction can be provided. NAP-4B Corporate Performance Process for M&O Contractors June 30, 2008 NAP-5 Standards Management October 16, 2002 NAP-6 FEOSH Program for NNSA Headquarters Employees December 19, 2002 NAP-7 NNSA's Acquisition and Assistance Policy Guidance December 9, 2002 NAP-14.1D Baseline Cyber Security Program December 14, 2012 NAP-21 Signed Governance and Oversight March 2, 2011 NAP-23 Transformational Governance and Oversight February 28, 2011 NAP-24 Weapons Quality Policy June 20, 2013 NAP-25 Management and Operating Contractor Business Meals and Light Refreshment

254

Graph anomalies in cyber communications  

SciTech Connect (OSTI)

Enterprises monitor cyber traffic for viruses, intruders and stolen information. Detection methods look for known signatures of malicious traffic or search for anomalies with respect to a nominal reference model. Traditional anomaly detection focuses on aggregate traffic at central nodes or on user-level monitoring. More recently, however, traffic is being viewed more holistically as a dynamic communication graph. Attention to the graph nature of the traffic has expanded the types of anomalies that are being sought. We give an overview of several cyber data streams collected at Los Alamos National Laboratory and discuss current work in modeling the graph dynamics of traffic over the network. We consider global properties and local properties within the communication graph. A method for monitoring relative entropy on multiple correlated properties is discussed in detail.

Vander Wiel, Scott A [Los Alamos National Laboratory; Storlie, Curtis B [Los Alamos National Laboratory; Sandine, Gary [Los Alamos National Laboratory; Hagberg, Aric A [Los Alamos National Laboratory; Fisk, Michael [Los Alamos National Laboratory

2011-01-11T23:59:59.000Z

255

Developing Energy Crops for Thermal Applications: Optimizing Fuel Quality, Energy Security and GHG Mitigation  

Science Journals Connector (OSTI)

Unprecedented opportunities for biofuel development are occurring as a result of increasing energy security concerns and the need to reduce greenhouse gas (GHG) emissions. This chapter analyzes the potential ... ...

Roger Samson; Claudia Ho Lem

2008-01-01T23:59:59.000Z

256

From Manual Cyber Attacks Forensic to  

E-Print Network [OSTI]

From Manual Cyber Attacks Forensic to Automatic Characterization of Attackers' Profiles J. Briffaut-00995211,version1- #12;From Manual Cyber Attacks Forensic to Automatic Characterization of Attackers, or governmental organisations. Experimental results of these forensic and high level characteriza- tion methods

Paris-Sud XI, Université de

257

Cyber-Physical System Verification Embedded Systems Group  

E-Print Network [OSTI]

(Felipe Bichued) 21 Introducing Simulation of Hybrid Systems with the Modelica Tool 32 #12;Cyber Physical

Berns, Karsten

258

Environment/Health/Safety/Security (EHSS): Security & Emergency Services:  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security & Emergency Services Security & Emergency Services Security Update ID Cards Gate Procedures Visitor/Guest Access Bus/Shuttle Reporting Foreign Contacts Mail Handling Contacts Cyber Protection Website ISSM Website ISSM: Counterintelligence and Counterterrorism Emergency Services Website Security and Emergency Operations Website Security Update THREAT ASSESSMENT: January 9, 2004-- The Department of Energy has directed all DOE sites to lower their security status to Secon Level 3, to coincide with the Department of Homeland Security advisory system. Security measures as listed below are in place. If you have any questions, call Dan Lunsford at x6016. ID Cards: Every employee must have a valid LBNL proximity badge and either wear it or produce it upon request. Badges and clips are available in the Site Access

259

Transportation Secure Data Center: Real-World Data for Environmental and Air Quality Analysis (Fact Sheet)  

SciTech Connect (OSTI)

The National Renewable Energy Laboratory (NREL) and the U.S. Department of Transportation (DOT) have launched the free, web-based Transportation Secure Data Center (TSDC). The TSDC (www.nrel.gov/tsdc) preserves respondent anonymity while making vital transportation data available to a broad group of users through secure, online access. The TSDC database provides free-of-charge web-based access to valuable transportation data that can be used for: Emissions and air pollution modeling, Vehicle energy and power analysis, Climate change impact studies, Alternative fuel station planning, and Validating transportation data from other sources. The TSDC's two levels of access make composite data available with simple online registration, and allow researchers to use detailed spatial data after completing a straight forward application process.

Not Available

2013-01-01T23:59:59.000Z

260

Chapter 2 - Definitions of Cyber Terrorism  

Science Journals Connector (OSTI)

Abstract The term cyber terror appeared for the first time in the mid-eighties. Since then the notion has been misused a number of times by journalists and politicians. It does not help that cyber terror does not have a clear, agreed definition. This chapter first analyses the background of the confusion. Secondly, the chapter provides a definition of cyber terrorism which aligns with national definitions of terrorism. From this, it becomes clear that no act of cyber terror has yet occurred. We need to be prepared however as the increasing societal critical reliance on ICT will make ICT systems and services as well as embedded ICT an interesting target for future terrorists.

Eric Luiijf

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

A rational jurisdiction for cyber terrorism  

Science Journals Connector (OSTI)

Abstract Cyberspace is a cross-national world that transcends geopolitical national borders. Jurisdiction is the focal point for any dispute arising in the international arena, because it determines which state court has the authority to settle a dispute. The objective of this paper is to analyse territorial and universal jurisdiction principles which can be specifically related to cyberspace to determine which of them is best suited to providing the appropriate jurisdiction in combating cyber terrorism and how conflicts arising between them can be settled. The transnational nature of cyber terrorism offences leads to jurisdictional complexity, thereby investigation and prosecution is difficult. Lack of harmonisation in legislating among countries leads to difficulty in investigation and prosecution of cyber terrorism offences. This paper notes that universal jurisdiction is the most feasible and effective method to deter cyber terrorism.

Pardis Moslemzadeh Tehrani; Nazura Abdul Manap

2013-01-01T23:59:59.000Z

262

Model Transformation for Cyber Physical Systems  

Science Journals Connector (OSTI)

Cyber Physical Systems(CPS) are composed with discrete and continuous dynamics. Traditional modeling techniques cant implement the requirement of modeling CPS. One way of solving this is to model CPS parts wi...

Shuguang Feng; Lichen Zhang

2014-01-01T23:59:59.000Z

263

Nuclear Forensics | National Security | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Initiatives Initiatives Cyber Security Nuclear Forensics Bioinformatics National Security Home | Science & Discovery | National Security | Initiatives | Nuclear Forensics SHARE Nuclear Forensics image Tools, techniques, and expertise in nuclear fuel cycle research gained over seven decades help ORNL scientists control and track nuclear bomb-grade materials to be sure they don't fall into the wrong hands. Among the leading-edge technologies used by researchers are high-resolution techniques that allow analysis of radiation detector data in stunning detail. Researchers are also developing aerosol sampling systems to collect airborne particulates and instantly send an alert if radiation is detected. For more information, please contact: nuclearforensicsinitiative

264

A nexus of Cyber-Geography and Cyber-Psychology: Topos/Notopia and identity in hacking  

Science Journals Connector (OSTI)

This paper explores the Cyber-Psychological and Cyber-Geographic aspects of hacking and hacktivism. An examination of the literature related to hackers and hacking reveals a complex nexus of spatial (including cyber-spatial such as Notopia) and psychological aspects of hacking, from which emerges a central question of how humans perceive and manipulate their cyber-identities. Concealing (real and cyber) identities is typical in hacking. With our progressive acculturation with identity-less and place-less modes of existence, our cyber-identities through time may be studied from within John Lockes criterion of memory and the spatial-geographical criterion of identity.

Fivos Papadimitriou

2009-01-01T23:59:59.000Z

265

cyber  

National Nuclear Security Administration (NNSA)

and the review of information prior to public release or posting to publicly available web sites to assure it does not contain data that would assist an adversary.

266

Microsoft Word - Cyber Effects Analysis Using VCSE 09.doc  

Broader source: Energy.gov (indexed) [DOE]

8-5954 8-5954 Unlimited Release Printed September 2008 Cyber Effects Analysis Using VCSE Promoting Control System Reliability Michael J. McDonald, Gregory N. Conrad, Travis C. Service, Regis H. Cassidy Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 and Livermore, California 94550 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000. Approved for public release; further dissemination unlimited. Issued by Sandia National Laboratories, operated for the United States Department of Energy by Sandia Corporation. NOTICE: This report was prepared as an account of work sponsored by an agency of

267

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

2009-01-05T23:59:59.000Z

268

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

269

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

270

Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song  

E-Print Network [OSTI]

Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song-- Cyber Security of smart grids becomes more and more important to our everyday life for its wide of this important area. We believe that simulation systems designed for research purposes in the smart grid security

Wang, Weichao

271

Technical Services | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Technical Technical Services Technical Services Technical services spans Y-12 disciplines that support manufacturing at Y-12. Information Systems (National Security Systems Development) Provide solutions for information security, including the protection of national security, proprietary and any other class of highly sensitive information. Develop highly integrated, enterprise level software applications for use within the federal space and adaptable to commercial application. Leverage the transformative information technology capabilities of the NNSA to a broad spectrum of federal applications for rapidly deployed, cost effective and reproducible technical solutions. Develop virtual collaborative networks for cluster manufacturing. Develop, test, and implement operational cyber security strategies

272

GAO Challenges and Efforts to Secure Control Systems (March 2004) |  

Broader source: Energy.gov (indexed) [DOE]

GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) GAO Challenges and Efforts to Secure Control Systems (March 2004) Computerized control systems perform vital functions across many of our nation's critical infrastructures. For example, in natural gas distribution, they can monitor and control the pressure and flow of gas through pipelines. In October 1997, the President's Commission on Critical Infrastructure Protection emphasized the increasing vulnerability of control systems to cyber attacks. The House Committee on Government Reform and its Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census asked GAO to report on potential cyber vulnerabilities, focusing on (1) significant cybersecurity risks associated with control systems (2) potential and reported cyber attacks

273

What is Security? A perspective on achieving security  

SciTech Connect (OSTI)

This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

Atencio, Julian J.

2014-05-05T23:59:59.000Z

274

Cyber-Physical Systems CPS Program  

E-Print Network [OSTI]

prosthetics Critical Infrastructure More reliable and efficient power grid Highways that allow denser traffic hybridization of computational (logical), physical, and human action." Examples of cyber-physical systems devices and systems, next-generation power grid, future defense systems, next-generation automobiles

Rajkumar, Ragunathan "Raj"

275

BNL Password Procedures, Cyber Security,Information Technology Division,  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Password Policy, Procedures, and Guidance Password Policy, Procedures, and Guidance Password Policy Choosing a Good Password - Online Random Password Generator Password Do's and Don'ts Password Protection Password Changing Password Change Process - Using Windows NT/2000/XP Operating Systems - Unix Systems Users not logged into the BNL Domain Password Policy for BlackBerry and Windows-based Hand-held Wireless Devices Password Policy Based upon DOE Notice N205.3 and guidance in DOE G 205.3-1, all BNL computer platforms capable of supporting password protection systems must have passwords that are in accord with the following. Password contains at least eight non-blank characters, provided such passwords are allowed by the operating system or application. Password contains a combination of letters (a mixture of upper and lowercase), numbers, and at least one special character within the first seven positions, provided such passwords are allowed by the operating system or application.

276

NNSA Seeking Comments on Consolidated IT and Cyber Security Support...  

Energy Savers [EERE]

search criteria, click on the down arrow and select "Reference Number". Type in,DE-SOL-0005569. Addthis Related Articles DOE Issues Draft Request for Proposals for Hanford Site...

277

Secure Cyber Incident Information Sharing UTSA Team Leads  

E-Print Network [OSTI]

A #12;Next Steps · UTSA to incorporate INL input · Develop prototype in OpenStack · Share research results with INL ­ August/September #12;Thanks · Comments, Q&A #12;Backup #12;OpenStack · Open

Sandhu, Ravi

278

The Use of SNePS for Cyber Security Reasoning  

E-Print Network [OSTI]

Seyed, and Stuart C. Shapiro Department of Computer Science and Engineering Center for Cognitive Science National Center for Multisource Information Fusion State University of New York at Buffalo {mwk3|apseyed|shapiro with acting is required, and for these purposes, we have chosen SNePS (Shapiro, 2000; Shapiro and The SNe

Shapiro, Stuart C.

279

Obama's Call for Public-Private Cyber Security Collaboration...  

Broader source: Energy.gov (indexed) [DOE]

Sector and the collaborative online project database. Media contact(s): Office of Electricity Delivery & Energy Reliability (202) 586-4940 Addthis Related Articles...

280

Cyber Security Expert Jim Mellander Retires from NERSC  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

experts, but not to a bug or a virus. Jim Mellander, senior cybersecurity engineer at NERSC, is retiring November 1. He's been with NERSC since 2009 and affiliated with...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

National cyber defense high performance computing and analysis : concepts, planning and roadmap.  

SciTech Connect (OSTI)

There is a national cyber dilemma that threatens the very fabric of government, commercial and private use operations worldwide. Much is written about 'what' the problem is, and though the basis for this paper is an assessment of the problem space, we target the 'how' solution space of the wide-area national information infrastructure through the advancement of science, technology, evaluation and analysis with actionable results intended to produce a more secure national information infrastructure and a comprehensive national cyber defense capability. This cybersecurity High Performance Computing (HPC) analysis concepts, planning and roadmap activity was conducted as an assessment of cybersecurity analysis as a fertile area of research and investment for high value cybersecurity wide-area solutions. This report and a related SAND2010-4765 Assessment of Current Cybersecurity Practices in the Public Domain: Cyber Indications and Warnings Domain report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

Hamlet, Jason R.; Keliiaa, Curtis M.

2010-09-01T23:59:59.000Z

282

6/16/13 New search tool developed to catch cyber thieves post.jagran.com/new-search-tool-developed-to-catch-cyber-thieves-1370602608 1/5  

E-Print Network [OSTI]

cyber thieves Montreal: A new search tool developed by researchers in Canada can now help crime Lifestyle News Desk Cyber thief child porn search tool Canada cyber crime #12;6/16/13 New search tool6/16/13 New search tool developed to catch cyber thieves post.jagran.com/new-search-tool

Fung, Benjamin C. M.

283

Hallmark Project Commercialization of the Secure SCADA Communications  

Broader source: Energy.gov (indexed) [DOE]

Project Commercialization of the Secure SCADA Project Commercialization of the Secure SCADA Communications Protocol, a cryptographic security solution for device-to-device communication Hallmark Project Commercialization of the Secure SCADA Communications Protocol, a cryptographic security solution for device-to-device communication Increased connectivity and automation in the control systems that manage the nation's energy infrastructure have improved system functionality, but left systems more vulnerable to cyber attack. Intruders could severely disrupt control system operation by sending fabricated information or commands to control system devices. To ensure message integrity, supervisory control and data acquisition (SCADA) systems require a method to validate device-to-device communication and verify that information has

284

The cyber threat landscape: Challenges and future research directions  

Science Journals Connector (OSTI)

Cyber threats are becoming more sophisticated with the blending of once distinct types of attack into more damaging forms. Increased variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain personal and confidential information, as highlighted in this paper. We describe how the Routine Activity Theory can be applied to mitigate these risks by reducing the opportunities for cyber crime to occur, making cyber crime more difficult to commit and by increasing the risks of detection and punishment associated with committing cyber crime. Potential research questions are also identified.

Kim-Kwang Raymond Choo

2011-01-01T23:59:59.000Z

285

Office of the CISO, December 2010 Information Security Risk Advisory  

E-Print Network [OSTI]

Office of the CISO, December 2010 Information Security Risk Advisory Web Browsing Software attacks that exploit web browsers (e.g., Internet Explorer, Firefox, Safari, Chrome, Opera) are on the rise. Cyber criminals frequently attack web browsers to take control of computers, delete files, steal personally

Queitsch, Christine

286

Mitigations for Security Vulnerabilities Found in Control System Networks |  

Broader source: Energy.gov (indexed) [DOE]

Mitigations for Security Vulnerabilities Found in Control System Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in

287

Secure Defences  

Science Journals Connector (OSTI)

......friendly attack - employing penetration testers or ethical hackers...for what is also known as penetration tester (note that there has...interchangeably). With the rate of cyber attacks doubling...friendly attack' employing penetration testers or ethical hackers......

Jutta Mackwell

2011-03-01T23:59:59.000Z

288

Cyber-physical energy systems: focus on smart buildings  

Science Journals Connector (OSTI)

Operating at the intersection of multiple sensing and control systems designed for occupant comfort, performability and operational efficiency, modern buildings represent a prototypical cyber-physical system with deeply coupled embedded sensing and networked ... Keywords: LEED, ZNEB, buildings, cyber-physical, embedded, energy management, energy metering, smart grid

Jan Kleissl; Yuvraj Agarwal

2010-06-01T23:59:59.000Z

289

Cyber Threat Trees for Large System Threat Cataloging and Analysis*  

E-Print Network [OSTI]

Cyber Threat Trees for Large System Threat Cataloging and Analysis* P. Ongsakorn, K. Turney, M, kturney, mitch, nair, szygenda, manikas}@lyle.smu.edu Abstract--The implementation of cyber threat. Because large systems have many possible threats that may be interdependent, it is crucial

Thornton, Mitchell

290

Implementing constrained cyber-physical systems with IEC 61499  

Science Journals Connector (OSTI)

Cyber-physical systems (CPS) are integrations of computation and control with sensing and actuation of the physical environment. Typically, such systems consist of embedded computers that monitor and control physical processes in a feedback loop. While ... Keywords: Compilers, IEC 61499, cyber-physical systems, function blocks, software synthesis, synchronous

Li Hsien Yoong; Partha S. Roop; Zoran Salcic

2012-12-01T23:59:59.000Z

291

View Consistency in Architectures for Cyber-Physical Systems  

Science Journals Connector (OSTI)

Current methods for modeling, analysis, and design of cyber-physical systems lack a unifying framework due to the complexity and heterogeneity of the constituent elements and their interactions. Our approach is to define relationships between system ... Keywords: system architecture, view consistency, graph morphism, multi-domain modeling, cyber-physical systems

Ajinkya Bhave; Bruce H. Krogh; David Garlan; Bradley Schmerl

2011-04-01T23:59:59.000Z

292

A modelica coordination pattern library for cyber-physical systems  

Science Journals Connector (OSTI)

Today's embedded systems often do not operate individually anymore. Instead, they form so called cyber-physical systems, where the overall functionality is provided by the collaboration of systems. Consequently, the design of this collaboration is an ... Keywords: cyber-physical systems, design patterns, modelica, real-time coordination, simulation

Uwe Pohlmann; Stefan Dziwok; Matthias Meyer; Matthias Tichy; Sebastian Thiele

2014-03-01T23:59:59.000Z

293

Towards a theory for cyber-physical systems modeling  

Science Journals Connector (OSTI)

Modeling the heterogeneous composition of physical, computational and communication systems is an important challenge in engineering Cyber-Physical Systems (CPS), where the major sources of heterogeneity are causality, time semantics, and different physical ... Keywords: cyber-physical systems, formalization, heterogeneous composition, model-based engineering

Gabor Simko; Tihamer Levendovszky; Miklos Maroti; Janos Sztipanovits

2014-04-01T23:59:59.000Z

294

Quantitative Cyber Risk Reduction Estimation Methodology for a Small Scada Control System  

SciTech Connect (OSTI)

We propose a new methodology for obtaining a quick quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.

Miles A. McQueen; Wayne F. Boyer; Mark A. Flynn; George A. Beitel

2006-01-01T23:59:59.000Z

295

Cyber Effects Analysis Using VCSE Promoting Control System Reliability |  

Broader source: Energy.gov (indexed) [DOE]

Cyber Effects Analysis Using VCSE Promoting Control System Cyber Effects Analysis Using VCSE Promoting Control System Reliability Cyber Effects Analysis Using VCSE Promoting Control System Reliability This report describes the Virtual Control System Environment (VCSE) technology- developed at Sandia National Laboratories-to investigate Supervisory Control And Data Acquisition (SCADA) vulnerabilities associated with energy systems; and it describes a set of experiments with findings from using that environment. The report explains how VCSE can be used to analyze and develop an understanding of cyber attacks. Specific analyses in this report focus on unencrypted, unsecured data channels on Internet protocol (IP)-routed computer networks within electric power systems. Cyber Effects Analysis Using VCSE Promoting Control System Reliability

296

Los Alamos director echoes cyber concerns  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

of times by adversaries. Our systems, and yours, are very attractive. Securing the grid will be key for energy security going forward NATIONAL HARBOR, Md.,May 21, 2013-Los...

297

Development and Demonstration of a Security Core Component  

SciTech Connect (OSTI)

In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on security through obscurity. Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. Cyber crime has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group has something to prove. Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be on the front line if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utilitys SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values even results from a SIEM (Security Information and Event Management) system. When the system deviates from normal, CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSMs built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that real world training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipients SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.

Turke, Andy

2014-02-28T23:59:59.000Z

298

National SCADA Test Bed Enhancing control systems security in the energy  

Broader source: Energy.gov (indexed) [DOE]

SCADA Test Bed Enhancing control systems security in the SCADA Test Bed Enhancing control systems security in the energy sector National SCADA Test Bed Enhancing control systems security in the energy sector Improving the security of energy control systems has become a national priority. Since the mid-1990's, security experts have become increasingly concerned about the threat of malicious cyber attacks on the vital supervisory control and data acquisition (SCADA) and distributed control systems (DCS) used to monitor and manage our energy infrastructure. Many of the systems still in use today were designed to operate in closed, proprietary networks. National SCADA Test Bed Enhancing control systems security in the energy sector More Documents & Publications NSTB Summarizes Vulnerable Areas Transmission and Distribution World March 2007: DOE Focuses on Cyber

299

Certification and Accreditation Process for Information Systems Including National Security Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

2004-02-19T23:59:59.000Z

300

Global Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Applications Global Security science-innovationassetsimagesicon-science.jpg Global Security National security depends on science and technology. The United States relies on...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

Ruminati : modeling the detection of textual cyber-bullying  

E-Print Network [OSTI]

The scourge of cyber-bullying has received widespread attention at all levels of society including parents, educators, adolescents, social scientists, psychiatrists and policy makers at the highest echelons of power. ...

Dinakar, Karthik

2012-01-01T23:59:59.000Z

302

Advances in Materials Genomics: Making CyberSteels Fly | Argonne...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Events Upcoming Events Upcoming Events Advances in Materials Genomics: Making CyberSteels Fly January 7, 2015 3:00PM to 4:00PM Presenter Greg Olson, Northwestern University and...

303

Managing Threats to Web Databases and Cyber Systems  

Science Journals Connector (OSTI)

This chapter provides an overview of some of the cyber threats information systems as well as data management ... then discusses potential solutions and challenges. The threats include access control violations, ...

Bhavani Thuraisingham

2005-01-01T23:59:59.000Z

304

Towards a modeling language for cyber-physical systems  

Science Journals Connector (OSTI)

A cyber-physical system (CPS) is an interactive system of continuous plants and real-time controller programs. These systems usually feature a tight relationship between the physical and computational components and exhibit true concurrency with respect ...

Longfei Zhu; Yongxin Zhao; Huibiao Zhu; Qiwen Xu

2013-01-01T23:59:59.000Z

305

July 2013 Cyber Incident | Department of Energy  

Energy Savers [EERE]

7. How is the Department of Energy responding to this attack? The Department's Cybersecurity office, the Office of Health, Safety and Security and the Inspector General's...

306

National Security & Safety | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Safety Safety National Security & Safety In the video above, three veterans discuss how the skills they learned in the service are helping them advance energy security and grow the clean energy economy. The veterans shared their experiences at a Champions of Change event at the White House. | Video by Matty Greene, Energy Department. The Energy Department plays an important and multifaceted role in protecting national security. In addition to our work to increase nuclear nonproliferation and ensure the security of the U.S. nuclear weapons stockpile, we manage the Strategic Petroleum Reserve, invest in protections against cyber and physical attacks on U.S. energy infrastructure, conduct programs to ensure worker health and safety, provide training tools and

307

2011 Quality Council Annual Report  

Broader source: Energy.gov [DOE]

DEPARTMENT OF ENERGY QUALITY COUNCIL ANNUAL REPORT For Calendar Year 2011 Office of Health Safety and Security

308

Protecting IT Systems from Cyber Crime  

Science Journals Connector (OSTI)

......company's own personnel. The rotation of...vetting and security training of that staff more...than for intramural personnel. (However, it...utilization, its operating procedures--and...Security awareness training (2) Integrated...PRIORITIZATION IN THE SELECTION OF DEFENCE OPTIONS......

R. Benjamin; B. Gladman; B. Randell

1998-01-01T23:59:59.000Z

309

AstroCloud, a Cyber-Infrastructure for Astronomy Research: Architecture  

E-Print Network [OSTI]

AstroCloud is a cyber-Infrastructure for Astronomy Research initiated by Chinese Virtual Observatory (China-VO) under funding support from NDRC (National Development and Reform commission) and CAS (Chinese Academy of Sciences). The ultimate goal of this project is to provide a comprehensive end-to-end astronomy research environment where several independent systems seamlessly collaborate to support the full lifecycle of the modern observational astronomy based on big data, from proposal submission, to data archiving, data release, and to in-situ data analysis and processing. In this paper, the architecture and key designs of the AstroCloud platform are introduced, including data access middleware, access control and security framework, extendible proposal workflow, and system integration mechanism.

Xiao, Jian; Cui, Chenzhou; He, Boliang; Li, Changhua; Fan, Dongwei; Hong, Zhi; Yin, Shucheng; Wang, Chuanjun; Cao, Zihuang; Fan, Yufeng; Li, Shanshan; Mi, Linying; Wan, Wanghui; Wang, Jianguo; Zhang, Hailong

2014-01-01T23:59:59.000Z

310

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 |  

Broader source: Energy.gov (indexed) [DOE]

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 July 12, 2007 Issued to Los Alamos National Security, LLC related to the Unauthorized Reproduction and Removal of Classified Matter from the Los Alamos National Laboratory The Compliance Order directs LANS to implement specific corrective actions to remediate both the laboratory management deficiencies that contributed to the thumb drive security incident at Los Alamos National Laboratory (LANL) discovered in October 2006 and, more broadly, longstanding deficiencies in the classified information and cyber security programs at LANL. Violation of the Compliance Order would subject LANS to issuance of a notice of violation and assessment of civil penalties up to S100,000 per

311

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 |  

Broader source: Energy.gov (indexed) [DOE]

Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 Compliance Order, Los Alamos National Security, LLC - July 12, 2007 July 12, 2007 Issued to Los Alamos National Security, LLC related to the Unauthorized Reproduction and Removal of Classified Matter from the Los Alamos National Laboratory The Compliance Order directs LANS to implement specific corrective actions to remediate both the laboratory management deficiencies that contributed to the thumb drive security incident at Los Alamos National Laboratory (LANL) discovered in October 2006 and, more broadly, longstanding deficiencies in the classified information and cyber security programs at LANL. Violation of the Compliance Order would subject LANS to issuance of a notice of violation and assessment of civil penalties up to S100,000 per

312

Engineering Energy Systems of the Future as Cyber-Physical Ecosystems  

E-Print Network [OSTI]

Engineering Energy Systems of the Future as Cyber-Physical Ecosystems Marija Ilic, Carnegie Mellon University milic@andrew.cmu.edu Keynote at the Workshop on eNetworks as Infrastructure for the Future Cyber · Examples of existing and evolving energy industry architectures as particular cases of cyber- physical

Ilic, Marija D.

313

Cumulative strategic capability and performance of early movers and followers in the cyber market  

Science Journals Connector (OSTI)

Today, the cyber market is evolving rapidly in the networked age. In the cyber market, the traditional competitive strategy appears to no longer be effective. This study investigates the strategic choice differences of online firms based on their strategic ... Keywords: Cyber market, Early mover, Follower, Porter's generic strategies, Sand Cone model

Sang-Gun Lee; Chulmo Koo; Kichan Nam

2010-06-01T23:59:59.000Z

314

Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu  

E-Print Network [OSTI]

Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu side of the picture--the computers which we train students, young and old, to be effective cyber-citizens; and the media coverage or produce more effective tailors. S.W. SMITH Dartmouth College T oalargeextent,computingsystemsareu

Smith, Sean W.

315

Security Rulemaking | Department of Energy  

Office of Environmental Management (EM)

Security Rulemaking Security Rulemaking Transportation Security Rulemaking Activities Security Rulemaking More Documents & Publications Transportation Security Rulemaking...

316

Critical issues in process control system security : DHS spares project.  

SciTech Connect (OSTI)

The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

2010-10-01T23:59:59.000Z

317

National Security & Safety Reports | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

July 2, 2012 July 2, 2012 Inspection Report: INS-O-12-02 Management of Explosives at Selected Department Sites June 29, 2012 Audit Report: OAS-M-12-05 Office of Secure Transportation Capabilities May 31, 2012 Audit Report: IG-0866 Integrated Safety Management at Sandia National Laboratories April 23, 2012 Audit Report: OAS-L-12-05 The Joint Actinide Shock Physics Experimental Research Facility at the Nevada National Security Site March 6, 2012 Inspection Report: INS-L-12-02 Follow-up Inspection on Security Clearance Terminations and Badge Retrieval at the Lawrence Livermore National Laboratory February 28, 2012 Audit Report: IG-0860 The Department of Energy's Implementation of Homeland Security Presidential Directive 12 November 15, 2011 Evaluation Report: OAS-M-12-01 The Federal Energy Regulatory Commission's Unclassified Cyber Security

318

DOE and Industry Showcase New Control Systems Security Technologies at  

Broader source: Energy.gov (indexed) [DOE]

Technology Development » Energy Delivery Systems Technology Development » Energy Delivery Systems Cybersecurity » Control Systems Security News Archive » DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH DistribuTECH Conference Tuesday-Thursday, March 23-25, 2010 Tampa Convention Center Booth #231 Tampa, FL Join the Department of Energy and its industry partners as they showcase six new products and technologies designed to secure the nation's energy infrastructure from cyber attack on Tuesday through Thursday, March 23-25. Visit Booth #231 at the DistribuTECH 2010 Conference & Exhibition in Tampa, FL, to see first-hand demonstrations of several newly commercialized control systems security products-each developed through a

319

PARS II New Contractor Information for Interconnection Security Agreement  

Broader source: Energy.gov (indexed) [DOE]

New Contractor Information for Interconnection Security Agreement New Contractor Information for Interconnection Security Agreement V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System (PARS) II System Owner and the contractor sign an Interconnection Security Agreement (ISA). The requirement for an Interconnection Security Agreement can be found on page 182 of the PCSP. The ISA template is available for review on the PARS II portal (http://management.energy.gov/online_resources/pars2.htm) under Contractor Documents. Before the contractor begins sending data to PARS II, DOE will send the ISA to the contractor for review and signature. In order to prepare the ISA for review and signature, the PARS II Support Team needs

320

August 2012 CIP Report Focuses on Smart Grid Security | Department of  

Broader source: Energy.gov (indexed) [DOE]

August 2012 CIP Report Focuses on Smart Grid Security August 2012 CIP Report Focuses on Smart Grid Security August 2012 CIP Report Focuses on Smart Grid Security September 4, 2012 - 2:01pm Addthis The August 2012 issue of The CIP Report from George Mason University's Center for Infrastructure Protection and Homeland Security highlights the significance and challenges to securing the smart grid. The report includes an overview of smart grid security by Deputy Assistant Secretary Hank Kenchington and the findings for reducing cyber risks from the Workshop on Securing the Smart Grid: Best Practices in Supply Chain Security, Integrity, and Resilience. The issue also includes contributions from Progress Energy explaining their collaborative efforts in building bridges between operations technology, information technology, and supply chain

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

August 2012 CIP Report Focuses on Smart Grid Security | Department of  

Broader source: Energy.gov (indexed) [DOE]

August 2012 CIP Report Focuses on Smart Grid Security August 2012 CIP Report Focuses on Smart Grid Security August 2012 CIP Report Focuses on Smart Grid Security September 4, 2012 - 2:01pm Addthis The August 2012 issue of The CIP Report from George Mason University's Center for Infrastructure Protection and Homeland Security highlights the significance and challenges to securing the smart grid. The report includes an overview of smart grid security by Deputy Assistant Secretary Hank Kenchington and the findings for reducing cyber risks from the Workshop on Securing the Smart Grid: Best Practices in Supply Chain Security, Integrity, and Resilience. The issue also includes contributions from Progress Energy explaining their collaborative efforts in building bridges between operations technology, information technology, and supply chain

322

SP 800-82. Guide to Industrial Control Systems (ICS) Security: Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC)  

Science Journals Connector (OSTI)

The purpose of this document is to provide guidance for securing industrial control systems (ICS), including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other systems performing control functions. ... Keywords: Cyber-physcial systems, ICS, Industrial Control Systems, SCADA, Supervisory Control and Data Acquisition, security controls, threats, vulnerabilities

Keith A. Stouffer; Joseph A. Falco; Karen A. Scarfone

2011-06-01T23:59:59.000Z

323

Synthesis of Optimal Controllers for Cyber Physical Systems Salar Moarref  

E-Print Network [OSTI]

Synthesis of Optimal Controllers for Cyber Physical Systems Salar Moarref November 16, 2012 construction. In this framework, we consider controller synthesis problem: given a model of the system.e. a controller that optimizes a quantitative measure.We review some of the recent works on synthesis of optimal

Plotkin, Joshua B.

324

CyberWalk: Enabling unconstrained omnidirectional walking through virtual environments  

Science Journals Connector (OSTI)

Despite many recent developments in virtual reality, an effective locomotion interface which allows for normal walking through large virtual environments was until recently still lacking. Here, we describe the new CyberWalk omnidirectional treadmill ... Keywords: Virtual reality, control system, locomotion, spatial navigation, treadmill

J. L. Souman; P. Robuffo Giordano; M. Schwaiger; I. Frissen; T. Thmmel; H. Ulbrich; A. De Luca; H. H. Blthoff; M. O. Ernst

2011-11-01T23:59:59.000Z

325

Statistical Model Checking for Cyber-Physical Systems  

E-Print Network [OSTI]

-Physical System (CPS). The autopilot is a software which provides inputs to the aircraft's engines and flight to keep control of the vehicle and improving safety. Cyber-Physical Systems enjoy wide adoption in our society, even in safety- critical applications, but are difficult to reason about. In particular

Clarke, Edmund M.

326

Cyber-Physical Energy Systems: Focus on Smart Buildings  

E-Print Network [OSTI]

of a deeply coupled system of energy usage, comfort and work derived. At a macroscale, buildings use approxiCyber-Physical Energy Systems: Focus on Smart Buildings Jan Kleissl Dept. of Mechanical- tributions: one, a careful examination of different types of buildings and their energy use; two

Gupta, Rajesh

327

Cyber-Physical Systems Energy and the Environment  

E-Print Network [OSTI]

to Restructure · Generate energy locally ­ Wind, Solar ­ Energy Storage Plug in Hybrids ­ Share Power ­ Economics12/16/2008 1 Cyber-Physical Systems Energy and the Environment Bruce McMillin Department FREEDM ­ Future Renewable Electric Energy Delivery and Management Systems McMillin, 12/15/2008 Major

Rajkumar, Ragunathan "Raj"

328

Domestic campsites and cyber landscapes in the Rocky Mountains  

E-Print Network [OSTI]

Domestic campsites and cyber landscapes in the Rocky Mountains Laura L. Scheiber1 & Judson Byrd, Central Rocky Mountains, GIS, GPS, stone circles, architecture, multi-scalar, households, technology, tipis, horses and wagons occupying a flat clearing along a valley floor c. 1907. Photograph by Richard

Scheiber, Laura L.

329

National Nuclear Security Administration Lawrence Livermore  

National Nuclear Security Administration (NNSA)

budget challenges, LLNS maintained effective and efficient environment, safety, and health (ES&H), quality and security programs. It continued to implement long-term work...

330

Requirements for security signalling  

SciTech Connect (OSTI)

There has been some interest lately in the need for ``authenticated signalling``, and the development of signalling specifications by the ATM Forum that support this need. The purpose of this contribution is to show that if authenticated signalling is required, then supporting signalling facilities for directory services (i.e. key management) are also required. Furthermore, this contribution identifies other security related mechanisms that may also benefit from ATM-level signalling accommodations. For each of these mechanisms outlined here, an overview of the signalling issues and a rough cut at the required fields for supporting Information Elements are provided. Finally, since each of these security mechanisms are specified by a number of different standards, issues pertaining to the selection of a particular security mechanism at connection setup time (i.e. specification of a required ``Security Quality of Service``) are also discussed.

Pierson, L.G.; Tarman, T.D.

1995-02-05T23:59:59.000Z

331

TCIP: Trustworthy CyberInfrastructure for the Power Grid | Department of  

Broader source: Energy.gov (indexed) [DOE]

TCIP: Trustworthy CyberInfrastructure for the Power Grid TCIP: Trustworthy CyberInfrastructure for the Power Grid TCIP: Trustworthy CyberInfrastructure for the Power Grid The TCIP, or Trustworthy CyberInfrastructure for the Power Grid, project's vision is to provide the fundamental science and technology to create an intelligent, adaptive power grid which survives malicious adversaries, provides continuous delivery of power, and supports dynamically varying trust requirements. This goal may be reached by creating the cyber building blocks, architecture, and validation technology to quantify the amount of trust provided by a proposed approach. The presentation below was given by William H. Saunders at the Visualization and Controls Program Peer Review in October 2006. TCIP: Trustworthy CyberInfrastructure for the Power Grid

332

Security Cases  

Broader source: Energy.gov (indexed) [DOE]

security-cases Office of Hearings and Appeals 1000 security-cases Office of Hearings and Appeals 1000 Independence Ave., SW Washington, DC, 20585 202-287-1566 en PSH-13-0103 - In the Matter of Personnel Security http://energy.gov/oha/downloads/psh-13-0103-matter-personnel-security security" class="title-link">PSH-13-0103 - In the Matter of Personnel Security

333

Infrastructure Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000. SAND2013-7809W to enhance the nation's security and prosperity...

334

Use and Abuse of the Internet: Parental Knowledge of Cyber Bullying in Middle School.  

E-Print Network [OSTI]

??The current literature has emphasized the impact of cyber bullying on the lives of children and adolescents. However there are gaps in the literature in (more)

Rowe, Na Lisa

2008-01-01T23:59:59.000Z

335

Terrorism or hacking? A law interpretation on the concept of cyber terrorism.  

E-Print Network [OSTI]

?? Cyber-crime, terrorism and hacking is a topic discussed widely and many independent groups as for example Wikileaks and Anonymous are often taken into consideration (more)

Synnestvedt Jensen, Louise

2013-01-01T23:59:59.000Z

336

Breaking into a computer : attack techniques and tools used by cyber-criminals  

ScienceCinema (OSTI)

Oral presentation in English, slides in English. We will show you how and why cyber-criminals attack your computers: their motives, methods and tools.

None

2011-10-06T23:59:59.000Z

337

OPC Security Whitepaper #3Hardening Guidelines for OPC Hosts | Department  

Broader source: Energy.gov (indexed) [DOE]

OPC Security Whitepaper #3Hardening Guidelines for OPC Hosts OPC Security Whitepaper #3Hardening Guidelines for OPC Hosts OPC Security Whitepaper #3Hardening Guidelines for OPC Hosts In recent years, Supervisory Control and Data Acquisition (SCADA), process control and industrial manufacturing systems have increasingly relied on commercial Information Technologies (IT) such as Ethernet(tm), Transmission Control Protocol/Internet Protocol (TCP/IP) and Windows® for both critical and non-critical communications. This has made the interfacing of industrial control equipment much easier, but has resulted in significantly less isolation from the outside world, resulting in the increased risk of cyber-based attacks impacting industrial production and human safety. OPC Security Whitepaper #3 Hardening Guidelines for OPC Hosts

338

Roadmap to Secure Control Systems in the Energy Sector  

Broader source: Energy.gov (indexed) [DOE]

Roadmap Roadmap to Secure Control Systems in the Energy Sector -  - Foreword T his document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improing cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and goernment to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors oer the next ten years. The Roadmap proides a strategic framework for guiding industry and goernment efforts based on a clear ision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. A distinctie feature of this collaboratie effort is the actie inolement and leadership of energy asset

339

Life-changing Computer Security Research careers. The Sandia Difference  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Addressing sophisticated cyber threats demands a Addressing sophisticated cyber threats demands a multidisciplinary team with a unique mindset. Sandia provides challenging career opportunities for those with a passion to tackle the complexities of protecting critical systems. World-changing technologies. Life-changing Computer Security Research careers. The Sandia Difference S A N D I A E N V I R O N M E N T At Sandia, you will have access to first-class, state- of-the-art facilities and equipment to develop advanced technologies. Sandia's unique work requires the collective, creative minds of the nation's top scientists, engineers, and support staff. L O C A T I O N & W E A T H E R Sandia's principal sites are in Albuquerque, NM and Livermore, CA. You will find diverse cultural, sport, and outdoor activities amid countryside and climate

340

Enforcement Documents - Nevada National Security Site | Department of  

Broader source: Energy.gov (indexed) [DOE]

Nevada National Security Site Nevada National Security Site Enforcement Documents - Nevada National Security Site November 13, 2007 Enforcement Letter, National Security Technologies LLC,- November 13, 2007 Enforcement Letter issued to National Security Technologies, LLC related to an Unplanned Radiological Exposure during a Borehole Activity at the Nevada Test Site May 21, 2007 Enforcement Letter, National Security Technologies, LLC - May 21, 2007 Enforcement Letter issued to National Security Technologies, LLC related to Nuclear Safety Quality Assurance Requirements Deficiencies at the Nevada Test Site April 1, 2004 Enforcement Letter, Bechtel Nevada - April 1, 2002 Enforcement Letter issued to Bechtel Nevada related to Noncompliances with Occupational Radiation Protection and Quality Assurance Requirements at the

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Control-theoretic cyber-physical system modeling and synthesis: A case study of an active direct methanol fuel cell  

Science Journals Connector (OSTI)

A joint optimization of the physical system and the cyber world is one of the key problems in the design of a cyber-physical system (CPS). The major mechanical forces and/or chemical reactions in a plant are commonly modified by actuators in the balance-of-plant ... Keywords: Balance of plants system, Cyber-physical systems, Direct methanol fuel cell

Donghwa Shin; Jaehyun Park; Younghyun Kim; Jaeam Seo; Naehyuck Chang

2012-12-01T23:59:59.000Z

342

Positive affect predicting worker psychological response to cyber-bullying in the high-tech industry in Northern Taiwan  

Science Journals Connector (OSTI)

Online cyber-bullying has become a frequent occurrence in organizations. To understand individual dispositions and the organizational factors that effect online cyber-bullying, the present study investigates the relationship among positive affect, the ... Keywords: Cyber-bullying, Organizational innovation climate, Positive thinking, Psychological response, Workplace bullying

Jon-Chao Hong; Lin Chien-Hou; Ming-Yueh Hwang; Ru-Ping Hu; Yi-Ling Chen

2014-01-01T23:59:59.000Z

343

A cost-effectiveness analysis of water security and water quality: impacts of climate and land-use change on the River Thames system  

Science Journals Connector (OSTI)

...Dustin Garrick, Simon Dadson and Rob Hope A cost-effectiveness analysis of water security...the river basin and used to assess the cost-effectiveness of a range of mitigation...measures can improve the situation. A cost-effectiveness study has been undertaken...

2013-01-01T23:59:59.000Z

344

The National Weather Sensor Grid: a large-scale cyber-sensor infrastructure for environmental monitoring  

Science Journals Connector (OSTI)

A sensor grid integrates sensor networks with grid infrastructures to enable the real-time collection of sensor data, and the sharing of computational and storage resources for sensor data processing and management. We have developed a sensor grid architecture framework, called the Scalable Proxy-based aRchItecture for seNsor Grid (SPRING). Based on the SPRING framework, we designed the National Weather Sensor Grid (NWSG), a large-scale cyber-sensor infrastructure for environmental monitoring. The NWSG integrates mini weather stations deployed geographically across Singapore for weather data collection, processing and management. We have designed and implemented core sensor grid middleware components and services such as resource discovery, meta scheduling, job migration and security. The NWSG is designed to support long-term weather monitoring. The performance of the NWSG has been demonstrated in terms of reduction in latency for end-user response, significant improvement in overall system throughput, and even load balance across the sensor grid infrastructure.

Hock Beng Lim; Mudasser Iqbal; Wenqiang Wang; Yuxia Yao

2010-01-01T23:59:59.000Z

345

VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy Challenges |  

Broader source: Energy.gov (indexed) [DOE]

VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy Challenges VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy Challenges October 26, 2013 - 3:35pm Addthis Secretary Moniz speaks at the Center for Strategic and International Studies on October 24, 2013. | Video courtesy of the Center for Strategic and International Studies. Marissa Newhall Marissa Newhall Managing Editor, Energy.gov Learn More About U.S. Energy Security Explore a map that shows the potential effects of climate change on our energy supplies and infrastructure. Learn about recent steps the Energy Department has taken to protect our energy infrastructure from cyber attacks. See ways the Energy Department is working to ensure national security and safety. Read the President's Blueprint for a Secure Energy Future.

346

VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy Challenges |  

Broader source: Energy.gov (indexed) [DOE]

VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy Challenges VIDEO: Secretary Moniz on Meeting U.S. Energy Security Policy Challenges October 26, 2013 - 3:35pm Addthis Secretary Moniz speaks at the Center for Strategic and International Studies on October 24, 2013. | Video courtesy of the Center for Strategic and International Studies. Marissa Newhall Marissa Newhall Managing Editor, Energy.gov Learn More About U.S. Energy Security Explore a map that shows the potential effects of climate change on our energy supplies and infrastructure. Learn about recent steps the Energy Department has taken to protect our energy infrastructure from cyber attacks. See ways the Energy Department is working to ensure national security and safety. Read the President's Blueprint for a Secure Energy Future.

347

A multi-level approach to understanding the impact of cyber crime on the financial sector  

Science Journals Connector (OSTI)

This paper puts forward a multi-level model, based on system dynamics methodology, to understand the impact of cyber crime on the financial sector. Consistent with recent findings, our results show that strong dynamic relationships, amongst tangible ... Keywords: Causal loop diagram, Cyber crime, Economic impact, Financial sector, System dynamics

Monica Lagazio, Nazneen Sherif, Mike Cushman

2014-09-01T23:59:59.000Z

348

Emergent Behavior in Cybersecurity Example 2: Program VerificationExample 1: Cyber Epidemics  

E-Print Network [OSTI]

Emergent Behavior in Cybersecurity Example 2: Program VerificationExample 1: Cyber Epidemics Informal Definition and Implication Abstract We argue that emergent behavior is inherent to cybersecurity). Scenario: Illustration of cyber epidemics model (which is a specific kind of Cybersecurity Dynamics model

Xu, Shouhuai

349

Safety, Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Safety, Security Safety, Security Safety, Security LANL's mission is to develop and apply science and technology to ensure the safety, security, and reliability of the U.S. nuclear deterrent; reduce global threats; and solve other emerging national security and energy challenges. Contact Operator Los Alamos National Laboratory (505) 667-5061 We do not compromise safety for personal, programmatic, or operational reasons. Safety: we integrate safety, security, and environmental concerns into every step of our work Our commitments We conduct our work safely and responsibly to achieve our mission. We ensure a safe and healthful environment for workers, contractors, visitors, and other on-site personnel. We protect the health, safety, and welfare of the general public. We do not compromise safety for personal, programmatic, or

350

Lab announces security changes  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Lab announces security changes Lab announces security changes The Laboratory is implementing several changes to its security procedures as the result of a recent security...

351

Establishing a process of irradiating small animal brain using a CyberKnife and a microCT scanner  

SciTech Connect (OSTI)

Purpose: Establish and validate a process of accurately irradiating small animals using the CyberKnife G4 System (version 8.5) with treatment plans designed to irradiate a hemisphere of a mouse brain based on microCT scanner images. Methods: These experiments consisted of four parts: (1) building a mouse phantom for intensity modulated radiotherapy (IMRT) quality assurance (QA), (2) proving usability of a microCT for treatment planning, (3) fabricating a small animal positioning system for use with the CyberKnife's image guided radiotherapy (IGRT) system, and (4)in vivo verification of targeting accuracy. A set of solid water mouse phantoms was designed and fabricated, with radiochromic films (RCF) positioned in selected planes to measure delivered doses. After down-sampling for treatment planning compatibility, a CT image set of a phantom was imported into the CyberKnife treatment planning systemMultiPlan (ver. 3.5.2). A 0.5 cm diameter sphere was contoured within the phantom to represent a hemispherical section of a mouse brain. A nude mouse was scanned in an alpha cradle using a microCT scanner (cone-beam, 157 149 pixels slices, 0.2 mm longitudinal slice thickness). Based on the results of our positional accuracy study, a planning treatment volume (PTV) was created. A stereotactic body mold of the mouse was printed using a 3D printer laying UV curable acrylic plastic. Printer instructions were based on exported contours of the mouse's skin. Positional reproducibility in the mold was checked by measuring ten CT scans. To verify accurate dose delivery in vivo, six mice were irradiated in the mold with a 4 mm target contour and a 2 mm PTV margin to 3 Gy and sacrificed within 20 min to avoid DNA repair. The brain was sliced and stained for analysis. Results: For the IMRT QA using a set of phantoms, the planned dose (6 Gy to the calculation point) was compared to the delivered dose measured via film and analyzed using Gamma analysis (3% and 3 mm). A passing rate of 99% was measured in areas of above 40% of the prescription dose. The final inverse treatment plan was comprised of 43 beams ranging from 5 to 12.5 mm in diameter (2.5 mm size increments are available up to 15 mm in diameter collimation). Using the Xsight Spine Tracking module, the CyberKnife system could not reliably identify and track the tiny mouse spine; however, the CyberKnife system could identify and track the fiducial markers on the 3D mold.In vivo positional accuracy analysis using the 3D mold generated a mean error of 1.41 mm 0.73 mm when fiducial markers were used for position tracking. Analysis of the dissected brain confirmed the ability to target the correct brain volume. Conclusions: With the use of a stereotactic body mold with fiducial markers, microCT imaging, and resolution down-sampling, the CyberKnife system can successfully perform small-animal radiotherapy studies.

Kim, Haksoo; Welford, Scott [Department of Radiation Oncology, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States)] [Department of Radiation Oncology, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States); Fabien, Jeffrey; Zheng, Yiran; Yuan, Jake; Brindle, James; Yao, Min; Lo, Simon; Wessels, Barry; Machtay, Mitchell; Sohn, Jason W., E-mail: jason.sohn@case.edu [Department of Radiation Oncology, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 and University Hospitals of Cleveland, 11100 Euclid Avenue, Cleveland, Ohio 44106 (United States); Sloan, Andrew [Department of Neurosurgery, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States)] [Department of Neurosurgery, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States)

2014-02-15T23:59:59.000Z

352

Security Specialist  

Broader source: Energy.gov [DOE]

A successful candidate in this position will serve as a Security Specialist with responsibility as the performance monitor for protective force operations conducts line management oversight of the...

353

Global Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

nonpartisan organization with a mission to strengthen global security by reducing the risk of use and preventing the spread of nuclear, biological, and chemical weapons and to...

354

Global security  

SciTech Connect (OSTI)

Patrick Lynch helps technical staff, academic leaders and governments around the world improve the safety and security of their nuclear power programs.

Lynch, Patrick

2014-07-14T23:59:59.000Z

355

Global security  

ScienceCinema (OSTI)

Patrick Lynch helps technical staff, academic leaders and governments around the world improve the safety and security of their nuclear power programs.

Lynch, Patrick

2014-07-15T23:59:59.000Z

356

Infrastructure Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

to enhance the nation's security and prosperity through sustainable, transformative approaches to our most challenging energy, climate, and infrastructure problems. vision...

357

Transportation Security  

Broader source: Energy.gov (indexed) [DOE]

Preliminary Draft - For Review Only 1 Transportation Security Draft Annotated Bibliography Review July 2007 Preliminary Draft - For Review Only 2 Work Plan Task * TEC STG Work...

358

GAO-04-354, CRITICAL INFRASTRUCTURE PROTECTION: Challenges and Efforts to Secure Control Systems  

Broader source: Energy.gov (indexed) [DOE]

Report to Congressional Requesters Report to Congressional Requesters United States General Accounting Office GAO March 2004 CRITICAL INFRASTRUCTURE PROTECTION Challenges and Efforts to Secure Control Systems GAO-04-354 www.gao.gov/cgi-bin/getrpt?GAO-04-354. To view the full product, including the scope and methodology, click on the link above. For more information, contact Robert F. Dacey at (202) 512-3317 or daceyr@gao.gov. Highlights of GAO-04-354, a report to congressional requesters March 2004 CRITICAL INFRASTRUCTURE PROTECTION Challenges and Efforts to Secure Control Systems In addition to general cyber threats, which have been steadily increasing, several factors have contributed to the escalation of the risks of cyber attacks against control systems. These include the adoption of standardized

359

Energy Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Energy Security Energy Security Energy Security LANL's mission is to develop and apply science and technology to ensure the safety, security, and effectiveness of the U.S. nuclear deterrent; reduce global threats; and solve other emerging national security and energy challenges. April 12, 2012 A closed photobioreactor system is essentially a series of plastic or glass containers for water and algae. A closed photobioreactor system is essentially a series of plastic or glass containers for water and algae. Proponents of such bioreactors (compared to open ponds) say the growth environment can be more easily controlled; they prevent evaporation; and light penetrates through all sides of the container, which increases cell density. However, bioreactors suffer high materials and energy costs as well as mixing and gas-exchange

360

Control Systems Security News Archive | Department of Energy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

News Archive News Archive Control Systems Security News Archive Control Systems Security News Archive September 2010 - Secretary Chu Announces Latest Efforts to Address Cybersecurity August 2010: - DOE 2010 Cybersecurity Peer Review Update March 2010 - DOE and Industry Showcase New Control Systems Security Technologies at DistribuTECH Feb. 2010 - DOE Issues National Energy Sector Cyber Organization Notice of Intent Nov. 2009 - New TCIPG Research Program Builds on Past Successes with Nearly $18.8 Million DOE Award October 2009 - DOE NSTB researchers demonstrated R&D successes to asset owners at EnergySec Conference September 2009 - ISA approves standard for wireless automation in process control applications Sept. 2009 - Government and Industry a Force for Collaboration at the

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Roadmap to Secure Control Systems in the Energy: Executive Summary  

Broader source: Energy.gov (indexed) [DOE]

Foreword Foreword T his document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. A distinctive feature of this collaborative effort is the active involvement and leadership of energy asset owners and operators in developing the Roadmap content and priorities. The Roadmap synthesizes

362

defense nuclear security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

nuclear security | National Nuclear Security Administration People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response...

363

nuclear security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

security | National Nuclear Security Administration People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our...

364

Environmental Security and Restoration [EVS Program Area]  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Environmental Security and Restoration Environmental Security and Restoration EVS focuses on environmental and human health aspects of homeland and national security, as well as restoration of sites contaminated with hazardous materials. Contamination in our environment - in air, water, and soil - contributes to health problems and affects the quality of our lives. The EVS Division confronts this challenge by addressing environmental and human health aspects of homeland and national security and by characterizing and restoring sites contaminated with hazardous materials. We integrate extensive expertise in engineering, health physics, hydrogeology, environmental science, chemistry, spatial analysis, database management, and computer programming to contribute to environmental security and restoration.

365

Security In Information Systems  

E-Print Network [OSTI]

rights, and they are proposing security policies, security planning, personal data protection laws, etc

Candan, Selçuk

366

Security | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Security Security Security Security program under Office of Health, Safety and Security developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented. Headquarters Facilities Master Security Plan The purpose of the Headquarters Facility Master Security Plan (HQFMSP) is to inform employees, contractors, and visitors of the security procedures

367

ENERGY SECURITY  

Broader source: Energy.gov (indexed) [DOE]

national strategy for national strategy for ENERGY SECURITY recommendations to the nation on reducing u.s. oil dependence september 2008 a project of a project of a national strategy for energy security Recommendations to the Nation on Reducing U.S. Oil Dependence september 2008 Table of Contents 2 Energy Security Leadership Council 3 Statement of Purpose 4 Letter to the President, the Congress, and the American People 7 Outline of Main Body of Report 13 Introduction 21 Policy Recommendations: Summary 33 Part I · Diversify Energy Supplies for the Transportation Sector

368

Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 |  

Broader source: Energy.gov (indexed) [DOE]

Energy: Executive Summary Energy: Executive Summary - 2006 Roadmap to Secure Control Systems in the Energy: Executive Summary - 2006 This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. Roadmap to Secure Control Systems in the Energy: Executive Summary

369

Roadmap to Secure Control Systems in the Energy Sector - 2006 | Department  

Broader source: Energy.gov (indexed) [DOE]

- 2006 - 2006 Roadmap to Secure Control Systems in the Energy Sector - 2006 This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector's most urgent challenges as well as longer-term needs and practices. Roadmap to Secure Control Systems in the Energy Sector More Documents & Publications

370

Transportation Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Transportation Security SHARE Global Threat Reduction Initiative Transportation Security Cooperation Secure Transport Operations (STOP) Box Security of radioactive material while...

371

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes the overall objectives and requirements for the Department of Energy Personnel Security Program. Cancels DOE M 472.1-1B. Canceled by DOE O 472.2.

2005-08-26T23:59:59.000Z

372

Security Rulemaking  

Broader source: Energy.gov (indexed) [DOE]

2 NATIONAL TRANSPORTATION STAKEHOLDERS FORUM 2 NATIONAL TRANSPORTATION STAKEHOLDERS FORUM Knoxville, TN - May 16, 2012 2 NRC Actions Since September 11, 2001 * Interim solution - enhance existing regulations through Security Orders * Objectives of the Orders are enhanced control of material to - Prevent unauthorized access - Prevent malevolent use of material - Mitigate consequences * Orders were issued to NRC licensees that transport: - Spent Nuclear Fuel - IAEA Code of Conduct Category 1 and 2 quantities of radioactive material Security Rulemakings 3 NRC Ongoing Activities * Orders are an interim measure * Long-term approach is to enhance transport security through public rulemaking * Rulemaking process in progress for - SNF Transportation Security - Physical Protection of Category 1 and 2 material (both fixed

373

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes requirements for a successful, efficient and cost-effective personnel security program to ensure accurate, timely and equitable determinations of individuals eligibility for access to classified information and fitness for placement or retention in national security positions. Cancels DOE M 470.4-5, DOE N 470.4 and DOE N 470.5. Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

374

The 2011 Military Communications Conference -Track 3 -Cyber Security and Network Operations From Security to Vulnerability: Data Authentication  

E-Print Network [OSTI]

in Substation Automation Systems (SAS). To this end, we establish a small-scale SAS prototype with commonly, an upgrade of in formation technologies is essential from out-of-date serial communication technologies [2

Wang, Wenye

375

Quality Management | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Quality Management Quality Management Quality Management The Office of Quality Management, within the Office of Health, Safety and Security develops policies and procedures to ensure the classification and control of information is effective and consistent. The Office of Quality Management also assists other Government agencies to meet the requirements contained in DOE-issued regulations concerning Restricted Data and Formerly Restricted Data. To meet these missions, the Office of Quality Management: Develops and revises DOE Regulations and Orders concerning Restricted Data, Formerly Restricted Data, Transclassified Foreign Nuclear Information, National Security Information, Unclassified Controlled Nuclear Information, and Official Use Only Responds to Mandatory Declassification Review Requests under

376

Conformance Tool High Level Design Document: IEC 61850 Cyber Security Acceleration Project  

SciTech Connect (OSTI)

This document is the high level design document for the Pacific Northwest National Laboratory (PNNL) IEC 62351-3, 4 and 6 standards conformance test software toolkit.

Edgar, Thomas W.

2013-05-01T23:59:59.000Z

377

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

intrinsic issues. First, the power grid is losing control tochanges. The existing power grid was not designed to connectmodel, making the existing power grid more intelligent and

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

378

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

terms of the DR service. Energy Market - Power Trading. Withwholesale and/or retail energy market. He can choose to buyGeneration Microgrid Energy market Carbon Emission Market

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

379

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

lighting) Solar panel and Energy storage Electric from the solar panels, into a virtual energy storage whose

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

380

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

ESI to maintain any information for access control such as user id-ESI or the EMCS authenticates users using its own database of ID-

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

Cyber-security analysis in smart grid SCADA systems: A game theoretic approach.  

E-Print Network [OSTI]

??Power grid systems deliver electricity from suppliers that generate the power to be transmitted through grids of interconnected networks and distributed to customers. Smart grids (more)

Rudrapattana, Sudeeptha Ranganath 1989-

2013-01-01T23:59:59.000Z

382

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

Power generation [KW] on a solar panel in summer andpole, a desk lamp, or a solar panel at home. Challenge:Electric Vehicle (EV) and solar panel to smart light and

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

383

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

curity mechanisms, it benefits smart grid communications inin the smart grid offers significant benefits over wired,

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

384

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

Data logger Measurement MP (ADR client) loads Power ?data over 7 days (168 hours) Figure 3.8: Microgrid operation with power generation, load,power of the submeters. Then, the load drop is measured and compared with CBL data.

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

385

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

station * Solar panel Figure 3.2: Energy resources incapability Energy resource Specification solar panel 1 5KWh,new types of energy resources like a solar panel or a

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

386

Assuring the Safety, Security, and Reliability of Medical-Device Cyber-  

E-Print Network [OSTI]

· Difibtech external defibrillators (2007) ­ Self-test resets low-battery status · Baxter's Colleague Infusion of adverse events associated with the use of infusion pumps - 1% deaths, 34% serious injuries - 87 infusion and Radiological Health. White Paper: Infusion Pump Improvement Initiative, April 2010 Infusion Pump Safety #12

Hu, Fei

387

Control Systems Security Publications Library | Department of...  

Energy Savers [EERE]

Protection Cyber Vulnerability Assessment - November 2007 Categorizing Threat: Building and Using a Generic Threat Matrix - September 2007 Threat Analysis Framework -...

388

Treatment outcomes using CyberKnife for brain metastases from lung cancer  

Science Journals Connector (OSTI)

......Treatment outcomes using CyberKnife for brain metastases from lung cancer Keisuke Tamari...fractionated stereotactic radiotherapy (SRT) for brain metastases from lung cancer. A total of 67 patients with 109 brain metastases from lung cancer treated using......

Keisuke Tamari; Osamu Suzuki; Naoya Hashimoto; Naoki Kagawa; Masateru Fujiwara; Iori Sumida; Yuji Seo; Fumiaki Isohashi; Yasuo Yoshioka; Toshiki Yoshimine; Kazuhiko Ogawa

2014-10-01T23:59:59.000Z

389

Cyber visual training as a new method for the mastery of endoscopic surgery  

Science Journals Connector (OSTI)

We devised a new method incorporating cyber visual training whereby novices in endoscopic surgery are instructed via repetition of a video-recorded procedure. We then conducted a study designed to investigate ...

S. Takiguchi; M. Sekimoto; M. Yasui

2005-09-01T23:59:59.000Z

390

Tag: security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

security security Tag: security Displaying 1 - 5 of 5... Category: Security Security Y-12 places the highest priority on maintaining and improving its security posture. More... Category: News Johnson shares perspective on security Rod Johnson, B&W Y-12 deputy general manager of Security, recently discussed the security atmosphere since his arrival last August and what he sees as Y-12's security future. More... Category: News Y-12 to Install New Fence to Reduce Trespassing The National Nuclear Security Administration today announced plans to extend the boundary fence at the Y-12 National Security Complex along Scarboro Road. The new fence is expected to be in place by April 4. More... Category: News New institute promotes nuclear security Y-12 is partnering with the University of Tennessee and others to provide

391

Location Based Security for Smart Grid Applications  

Science Journals Connector (OSTI)

Abstract Smart Grid (SG) promises efficient, sustainable, green and reliable electrical delivery by combining the existing electrical distribution network assets with modern information and communications technologies (ICT) in order to transfer information and energy in both directions. Introduction of these intelligent devices will help the grid monitor, protect, and automatically optimise the operation of interconnected elements, in addition to interaction between energy suppliers and consumers. However, this exposes the future grid to new security challenges and risks. In this paper, a framework for protecting Smart Grid applications using geographic location of the devices connected to it is proposed. With this framework, each device on the grid adds an extra layer of security. The proposed scheme is not application or device specific which means it can be implemented on any communication node on the grid. The scheme uses an algebraic code based cryptosystems known as GPT (Gabidulin -Paramonov-Trejtakov), which provides a very strong protection while utilising the smallest key size as compared to other cryptosystems based on algebraic codes. As with other code based cryptosystems, the proposed security framework protects grid information against cyber threats as well as against channel impairments in the form of error protection codes.

Eraj Khan; Bamidele Adebisi; Bahram Honary

2013-01-01T23:59:59.000Z

392

Energy Security Council  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Energy Security Council Energy Security Council Reliable, secure, sustainable carbon energy solutions for the nation. Contact Albert Migliori (505) 663-5627 Email David Watkins...

393

Reducing Cyber Risk to Critical Infrastructure: NIST Framework  

Broader source: Energy.gov [DOE]

Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the President under Executive Order (EO) 13636 Improving...

394

Transportation Security  

Broader source: Energy.gov (indexed) [DOE]

For Review Only 1 Transportation Security Draft Annotated Bibliography Review July 2007 Preliminary Draft - For Review Only 2 Work Plan Task * TEC STG Work Plan, dated 8/2/06, Product #16, stated: "Develop an annotated bibliography of publicly-available documents related to security of radioactive material transportation." * Earlier this year, a preliminary draft annotated bibliography on this topic was developed by T-REX , UNM, to initially address this STG Work Plan Task. Preliminary Draft - For Review Only 3 Considerations in Determining Release of Information * Some "Publicly-available" documents could potentially contain inappropriate information according to standards set by DOE information security policy and DOE Guides. - Such documents would not be freely

395

Message Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Message Message Security Services Overview ECS Audio/Video Conferencing Fasterdata IPv6 Network Network Performance Tools (perfSONAR) ESnet OID Registry PGP Key Service Virtual Circuits (OSCARS) OSCARS Case Study Documentation User Manual FAQ Design Specifications Functional Specifications Notifications Publications Authorization Policy Default Attributes Message Security Clients For Developers Interfaces Links Hardware Requirements DOE Grids Service Transition Contact Us Technical Assistance: 1 800-33-ESnet (Inside the US) 1 800-333-7638 (Inside the US) 1 510-486-7600 (Globally) 1 510-486-7607 (Globally) Report Network Problems: trouble@es.net Provide Web Site Feedback: info@es.net Message Security Overview The OSCARS Web pages and Web Services are run within a Tomcat container which uses SSL connections to encrypt all messages. The OSCARS Web Service

396

Predicting Cyber-Production deviance in the workplace  

Science Journals Connector (OSTI)

The excessive use of the internet for non-work-related activities is a form of white-collar deviant behaviour at work. Applying the Theory of Reasoned Action, structural equation modelling was used to predict Cyber-Production (CP) deviant behaviours in the workplace. Attitude and intention to visit non-work-related websites were found to be important predictors of such behaviours. Workplace Subjective Norms (SN) had no impact on the tendency to perform CP deviant activities but did influence intention to visit work-related websites. The findings of the study contributed to an expanded understanding of the potential predictors of CP deviance in the workplace and suggested appropriate strategies for effective internet management.

Pruthikrai Mahatanankoon

2006-01-01T23:59:59.000Z

397

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Section E, Technical Surveillance Countermeasures Program, is Official Use Only. Please contact the DOE Office of Health, Safety and Security at 301-903-0292 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A

2007-06-29T23:59:59.000Z

398

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Attachment E, Technical Surveillance Countermeasures Program, is for Official Use Only. Contact the Office of Security and Safety Performance Assurance at 301-903-3653 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A.

2005-08-26T23:59:59.000Z

399

SECURITY HANDBOOK 2 UH IT SECURITY HANDBOOK  

E-Print Network [OSTI]

Administration · 2-Factor Authentication Administration for PCI compliance · Web Site Security Scanning, please contact security@uh.edu. · Web Site Security Scanning · 2-Factor Authentication Administration

Azevedo, Ricardo

400

Tag: Security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Search Tags Tag: Security Tag: Security Displaying 1 - 6 of 6... Category: Security Sheltering in Place If you are advised to shelter-in-place by local news or our website,...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

www.ISTS.dartmouth.edu Institute for Security,  

E-Print Network [OSTI]

efficient, high- quality care. · Security of the power grid ­ exploring wayswww.ISTS.dartmouth.edu Institute for Security, Technology, and Society at Dartmouth College 6211 to pursuing research and education to advance information security and privacy throughout society ISTS

402

Security rethink  

Science Journals Connector (OSTI)

......breaches or heightening the risks. One of my clients...business to the socio-political situation of particular...based on the return on investment in keeping a high standard...times that security risks are at their highest...lay-offs. The return on investment must consider the positive......

Michael Chua

2002-09-01T23:59:59.000Z

403

Security Conditions  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To ensure that DOE uniformly meets the protection requirements specified in Presidential Decision Directive 39, "U.S. Policy on Counterterrorism (U)." Attachment 2 is no longer available online. Please e-mail your request for the Attachment to: Security.Directives@hq.doe.gov. DOE N 251.44, dated 05/06/02, extends this directive until 12/31/02.

2000-09-18T23:59:59.000Z

404

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals eligibility for access to classified information and Special Nuclear Material (SNM). Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

405

Physical Security Systems | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Physical Security Systems | National Nuclear Security Administration Physical Security Systems | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Physical Security Systems Home > About Us > Our Programs > Nuclear Security > Physical Security Systems Physical Security Systems After the 9/11 terrorist attacks, NNSA took steps to protect its critical

406

Physical Security Systems | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Physical Security Systems | National Nuclear Security Administration Physical Security Systems | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Physical Security Systems Home > About Us > Our Programs > Nuclear Security > Physical Security Systems Physical Security Systems After the 9/11 terrorist attacks, NNSA took steps to protect its critical

407

Security Forms | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

NMMSS Information, Reports & Forms Security Forms Security Forms U.S. Department of Energy U.S. Nuclear Regulatory Commission Nuclear Materials Management & Safeguards...

408

Contact Us | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

The National Nuclear Security Administration The National Nuclear Security Administration Contact Us Home > Field Offices > Welcome to the Sandia Field Office > Contact Us Contact Us If you have questions about activities at the Sandia Field Office, please contact the SFO Public Affairs Director at (505) 845-5264. Our mailing address is: U. S. Department of Energy, National Nuclear Security Administration, Sandia Field Office, P.O. Box 5400, Albuquerque, NM 87185. Printer-friendly version Printer-friendly version Facebook Twitter Youtube Flickr General Information About SFO Contact Us Contract Administration & Business Management Emergency Information Facilities & Projects Nuclear Operations Environment, Safety & Health Public Affairs Safeguards & Security Performance and Quality Assurance

409

Security seal  

DOE Patents [OSTI]

Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

Gobeli, Garth W. (Albuquerque, NM)

1985-01-01T23:59:59.000Z

410

Nonproliferation & International Security | National Nuclear Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Nonproliferation & International Security | National Nuclear Security Nonproliferation & International Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nonproliferation & International Security Home > About Us > Our Programs > Nonproliferation > Nonproliferation & International Security Nonproliferation & International Security

411

Nonproliferation & International Security | National Nuclear Security  

National Nuclear Security Administration (NNSA)

Nonproliferation & International Security | National Nuclear Security Nonproliferation & International Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nonproliferation & International Security Home > About Us > Our Programs > Nonproliferation > Nonproliferation & International Security Nonproliferation & International Security

412

Collaborative business and data privacy: Toward a cyber-control?  

Science Journals Connector (OSTI)

The pervasive use of communication and information technologies can be seen as a driving force to develop distributed organisations. As far as collaborative business is concerned, short-term e-collaboration can be developed. In this case, security policies ... Keywords: BP, Data privacy, EDI, IP, IS, ISSO, OCTAVE, PKI, Process models, QoS, SDL, SRA, Security, UML, VE, Virtual enterprise, XML, eb-XML

Frdrique Biennier; Jol Favrel

2005-05-01T23:59:59.000Z

413

Fast multi-core co-simulation of Cyber-Physical Systems : Application to internal combustion engines  

E-Print Network [OSTI]

on renewable energy and energy efficiency. This challenge affects the whole energy cycle: production, transport. Automobiles are typical examples of Cyber-Physical Systems, where chem- ical energy (gasoline, diesel, ethanol. Currently, building high fidelity system-level models of Cyber-Physical Sys- tems in general and automotive

Boyer, Edmond

414

A Vulnerability Life Cycle-Based Security Modeling and Evaluation Approach  

Science Journals Connector (OSTI)

......the complexity of the models increases with the level of detail included...Artsiom Yautsiukhin (Eds.). Quality of Protection - Security Measurements...Stuart, E. (2006) Milk or Wine: Does Software Security Improve...Artsiom Yautsiukhin (Eds.). Quality of Protection - Security Measurements......

G. Vache Marconato; M. Kaniche; V. Nicomette

2013-04-01T23:59:59.000Z

415

Transportation Security | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Transportation Security Transportation Security Transportation Security More Documents & Publications Overview for Newcomers West Valley Demonstration Project Low-Level Waste...

416

NAQSAT National Air Quality Site Assessment Tool NAQSAT National Air Quality Site Assessment Tool  

E-Print Network [OSTI]

NAQSAT National Air Quality Site Assessment Tool NAQSAT National Air Quality Site Assessment Tool Air Quality Assessment Tool For Livestock Producers & Advisors #12;NAQSAT The National Air Quality Dairymen National Air Quality Site Assessment Tool Benefits for Producers · Voluntarily and securely assess

417

Submission to NSF, NIST, USCAR Cyber Physical Systems Workshop, 17-18 March 2011: Workshop for Developing Dependable and Secure Automotive Cyber-Physical Systems from Components.  

E-Print Network [OSTI]

emissions and energy consumption - constraints to be checked during the development process. Once identified of automotive vehicle safety are within the ambit of the functional safety prescriptions which require

Rajkumar, Ragunathan "Raj"

418

Border Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Border Security SHARE Border Security Testing of unmanned aerial surveillance equipment. ORNL performs border security research at the Security Sciences Field Laboratory (SSFL),...

419

Towards Lightweight Cyber-Physical Energy Systems using Linked Data, the  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Towards Lightweight Cyber-Physical Energy Systems using Linked Data, the Towards Lightweight Cyber-Physical Energy Systems using Linked Data, the Web of Things, and Social Media Speaker(s): Edward Curry Date: April 24, 2013 - 12:00pm Location: 90-3122 Seminar Host/Point of Contact: James O'Donnell Philip Haves Cyber-Physical Energy Systems (CPES) exploit the potential of information technology to boost energy efficiency while minimising environmental impacts. CPES can help manage energy more efficiently by providing a functional view of the entire energy system so that energy activities can be understood, changed, and reinvented to better support sustainable practices. CPES can be applied at different scales from Smart Grids and Smart Cities to Smart Enterprises and Smart Buildings. Significant technical challenges exist in terms of information management, leveraging

420

A hybrid systems model to simulate cyber interdependencies between critical infrastructures  

Science Journals Connector (OSTI)

Critical infrastructures (CI) depend on communications and information technology infrastructure (CITI) for many of their key functionalities, which is known as cyber interdependency. In this paper, we presented a cyber interdependency simulation technique that is based on the idea that overall performance of a CI network is determined by the behaviour of its components at multiple time scales. Accordingly, for cyber interdependency simulation, we decomposed CI network into two time scales; regular CI events are captured in large time-steps and data communication network events are captured in smaller time-steps. Two different simulators are used for each of these partitions and results from both simulations are synchronised appropriately. A real life example is presented to demonstrate the accuracy and usefulness of our approach. The hybrid simulation model gives significant flexibility to plug-in domain specific models into the critical infrastructure simulator for accurate and efficient solution.

Hafiz Abdur Rahman; José R. Martí; K.D. Srivastava

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Information Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Information Security | National Nuclear Security Administration Information Security | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Information Security Home > About Us > Our Programs > Nuclear Security > Information Security Information Security Information security deals with requirements for the protection and control of information and matter required to be classified or controlled by

422

Security for grids  

SciTech Connect (OSTI)

Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

2005-08-14T23:59:59.000Z

423

DOE Order on Quality Assurance  

Broader source: Energy.gov (indexed) [DOE]

INITIATED BY: INITIATED BY: www.directives.doe.gov Office of Health, Safety and Security U.S. Department of Energy ORDER Washington, D.C. Approved: 4-25-2011 SUBJECT: QUALITY ASSURANCE 1. PURPOSE. a. To ensure that Department of Energy (DOE), including National Nuclear Security Administration (NNSA), products and services meet or exceed customers' requirements and expectations. b. To achieve quality for all work based upon the following principles: (1) All work, as defined in this Order, is conducted through an integrated and effective management system; (2) Management support for planning, organization, resources, direction, and control is essential to quality assurance (QA); (3) Performance and quality improvement require thorough, rigorous

424

Designing security into software  

E-Print Network [OSTI]

When people talk about software security, they usually refer to security applications such as antivirus software, firewalls and intrusion detection systems. There is little emphasis on the security in the software itself. ...

Zhang, Chang Tony

2006-01-01T23:59:59.000Z

425

Review: Intranet Security  

Science Journals Connector (OSTI)

......Review Review: Intranet Security Reviewed by John Williamson Intranet Security John Vacca...Advanced Computer Technology and the Law Curtis...that in advanced technology the legal system...Wolverhampton University Intranet Security ?? Intranet......

John Williamson

1998-05-01T23:59:59.000Z

426

National Nuclear Security Administration  

Broader source: Energy.gov (indexed) [DOE]

National Nuclear Security Administration National Nuclear Security Administration Ofice of Secure Transportation mKlK= Box RQMM= ^luquerqueI= kj= UTNUR= ;JAN 03 213 MEMORANDUM FOR GREGORY eK= WOODS GENERAL COUNSEL DEPARTMENT OF ENERGY FROM: SUBJECT: JEFFREY P. HARREL ASSIST ANT DEPU FOR SECURE 2013 ANNUAL PLANNING SUMMARY In response to your memorandum of December TI= 2012, the following information is provided for the National Nuclear Security Administration Ofice of Secure

427

First-Ever Demonstration of Quantum Cryptography to Improve Security of the  

Broader source: Energy.gov (indexed) [DOE]

First-Ever Demonstration of Quantum Cryptography to Improve First-Ever Demonstration of Quantum Cryptography to Improve Security of the Electric Grid First-Ever Demonstration of Quantum Cryptography to Improve Security of the Electric Grid March 19, 2013 - 4:21pm Addthis A Los Alamos National Laboratory (LANL) team has successfully completed the first-ever demonstration of securing control data for electric grids using quantum cryptography. The demonstration was conducted in the test bed that is part of the OE-funded Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project at the University of Illinois Urbana-Champaign. For more information about the demonstration, read the complete press release on the LANL website. To learn more about how OE is supporting the research and development of numerous advanced technologies uniquely designed to protect the electric

428

First-Ever Demonstration of Quantum Cryptography to Improve Security of the  

Broader source: Energy.gov (indexed) [DOE]

First-Ever Demonstration of Quantum Cryptography to Improve First-Ever Demonstration of Quantum Cryptography to Improve Security of the Electric Grid First-Ever Demonstration of Quantum Cryptography to Improve Security of the Electric Grid March 19, 2013 - 4:21pm Addthis A Los Alamos National Laboratory (LANL) team has successfully completed the first-ever demonstration of securing control data for electric grids using quantum cryptography. The demonstration was conducted in the test bed that is part of the OE-funded Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project at the University of Illinois Urbana-Champaign. For more information about the demonstration, read the complete press release on the LANL website. To learn more about how OE is supporting the research and development of numerous advanced technologies uniquely designed to protect the electric

429

Putting Security in Context: Visual Correlation of Network Activity with Real-World Information  

SciTech Connect (OSTI)

To effectively identify and respond to cyber threats, computer security analysts must understand the scale, motivation, methods, source, and target of an attack. Central to developing this situational awareness is the analysts world knowledge that puts these attributes in context. What known exploits or new vulnerabilities might an anomalous traffic pattern suggest? What organizational, social, or geopolitical events help forecast or explain attacks and anomalies? Few visualization tools support creating, maintaining, and applying this knowledge of the threat landscape. Through a series of formative workshops with practicing security analysts, we have developed a visualization approach inspired by the human process of contextualization; this system, called NUANCE, creates evolving behavioral models of network actors at organizational and regional levels, continuously monitors external textual information sources for themes that indicate security threats, and automatically determines if behavior indicative of those threats is present on a network.

Pike, William A.; Scherrer, Chad; Zabriskie, Sean J.

2008-06-04T23:59:59.000Z

430

Office of Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOE › DOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Welcome to the Office of Security Mission and Functions The Office of Security (HS-50) developes security policy, provides security expertise to assist field elements in planning site protection strategies and coordinates with domestic authorities to provide safeguards and security technical assistance, technical systems support, and technology development and deployment opportunities. The Office of Security, through the Office of Departmental Personnel Security, also ensures that Departmental personnel security programs (included the National Nuclear Security Administration) are consistent and effectively implemented.

431

Personnel Security Activities  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes objectives, requirements and responsibilities for the Personnel Security Program and Personnel Security Assurance Program. Cancels DOE O 472.1B

2003-03-25T23:59:59.000Z

432

Security | Department of Energy  

Energy Savers [EERE]

Security Security Preventing nuclear weapons materials and technologies from falling into the hands of adversaries seeking to develop weapons of mass destruction is the top...

433

Security & Privacy | EMSL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security & Privacy Security & Privacy Privacy Notice We collect no personal information about you without your knowledge when you visit this site, although you may choose to...

434

Safeguards & Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Nuclear Security Administration People Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure...

435

CS3600 Lab Manual Lab 1. CyberCIEGE Introduction  

E-Print Network [OSTI]

's desks · Connecting workstations to an existing LAN · Hiring support staff to help manage the information a series of birds-eye views. This will help when you buy computers and need to place them on desks. · When) training tool that illustrates computer and network security principles through simulation and resource

436

Cyber-Physical Systems -Are Computing Foundations Adequate?  

E-Print Network [OSTI]

robotics (telepresence, telemedicine), defense systems, manufacturing, and smart structures. It is easy to envision new capabilities, such as distributed micro power gen- eration coupled into the power grid, where timing precision and security issues loom large. Transportation systems could benefit considerably from

437

Cyber Physical Systems: Design Challenges Edward A. Lee  

E-Print Network [OSTI]

), defense systems, manufacturing, and smart structures. It is easy to envision new capabilities, such as distributed micro power generation coupled into the power grid, where tim- ing precision and security issues loom large. Transportation systems could benefit considerably from better embedded intelligence

438

Office of Security Policy  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Office of Security Policy Office of Security Policy Mission and Functions The Office of Security Policy develops and promulgates safeguards and security policy governing the protection of National Security and other critical assets entrusted to the Department. Director's Perspective Welcome to the Office of Security Policy Jack Cowden, Director The Office of Security Policy analyzes, develops and interprets safeguards and security policy governing national security functions and the protection of related critical assets entrusted to the Department. This includes the protection of DOE nuclear facilities, nuclear weapons components, special nuclear materials and classified information. Our broad topical areas are organized as: Program Planning and Management, Protection Program Operations (which includes both physical security and protective forces), Information Security and Material Control and Accountability.

439

Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

2004-02-19T23:59:59.000Z

440

NATIONAL NUCLEAR SECURITY ADMINISTRATION  

National Nuclear Security Administration (NNSA)

NNSA Policy Letter: NAP-5 NNSA Policy Letter: NAP-5 (DOE P 450.3) Date: October 16, 2002 TITLE: Policy Letter for Standards Management I. OBJECTIVE: Establish NNSA expectations for Standards Management Programs used to select and maintain applicable standards for work performed at NNSA Headquarters and field sites. II. APPLICABILITY: NNSA federal staff and NNSA management and operating contractors, and other prime contractors as determined by NNSA Headquarters and/or field site management, shall use a defined formal process to tailor environment, safety, and health; project management; safeguards and security; quality assurance; business; and administrative standards and, as determined by NNSA management, other standards used to perform federal and contractor work. Here, the term standard encompasses federal,

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Office of Quality Management  

Broader source: Energy.gov [DOE]

The Office of Quality Management develops and interprets Government-wide policies and procedures and conducts training to ensure the accurate identification of information and documents that must be classified or controlled under statute or Executive order to protect the national security and controlled unclassified Official Use Only information for the effective operation of the Government.

442

Verifiable Active Safety for Automotive Cyber-Physical Systems with Humans in the Loop  

E-Print Network [OSTI]

-6925 A recent trend in the automotive industry is the rapid inclusion of electronics, computers and controlsVerifiable Active Safety for Automotive Cyber-Physical Systems with Humans in the Loop Francesco that focus entirely on improved functionality and overall system robustness. This makes the automotive sector

Rajkumar, Ragunathan "Raj"

443

Improved Power Grid Stability and Efficiency with a Building-Energy Cyber-Physical System  

E-Print Network [OSTI]

, or for sporadic reasons, for example a power plant goes offline unexpectedly (e.g., due to an earthquake or stagnant winds to propel wind turbines). Dur- ing an episode, the power grid operators must contend1 Improved Power Grid Stability and Efficiency with a Building-Energy Cyber-Physical System Mary

444

Towards automation of low standardized logistic processes by use of cyber physical robotic systems (CPRS)  

Science Journals Connector (OSTI)

Global logistics networks have an increasing demand for handling of general cargo. Particularly, huband-spoke networks requires a lot of handling actions in order to realize benefits in comparison to point-to-point networks. The use of automation technologies ... Keywords: cooperative robotics, cyber physical systems, human computer interaction, human machine interface, industrial robots, virtual reality

Bernd Scholz-Reiter; Moritz Rohde; Stefan Kunaschk; Michael Ltjen

2011-11-01T23:59:59.000Z

445

Cyber-Physical Systems for Optimal Energy Management Scheme of Autonomous Electric Vehicle  

Science Journals Connector (OSTI)

......cyber-physical systems; autonomous electric vehicle; energy management...applications [e.g., autonomous electric vehicle (AEV) with wireless...systems, such as aircrafts and automobiles, to large-scale systems...infrastructure that supplies electric energy for the recharging......

Jiafu Wan; Hehua Yan; Di Li; Keliang Zhou; Lu Zeng

2013-08-01T23:59:59.000Z

446

Towards A Framework for Cyber Social Status Based Trusted Open Collaboration  

E-Print Network [OSTI]

Towards A Framework for Cyber Social Status Based Trusted Open Collaboration Jaehong Park Institute University of Texas at San Antonio ravi.sandhu@utsa.edu Abstract--Collaboration takes place in both closed and open environments. While closed collaboration focuses on information or resource sharing amongst

Sandhu, Ravi

447

Security services architecture for Secure Mobile Grid Systems  

Science Journals Connector (OSTI)

Mobile Grid, is a full inheritor of the Grid with the additional feature that it supports mobile users and resources. Security is an important aspect in Grid based systems, and it is more complex to ensure this in a mobile platform owing to the limitations of resources in these devices. A Grid infrastructure that supports the participation of mobile nodes and incorporates security aspects will thus play a significant role in the development of Grid computing. The idea of developing software through systematic development processes to improve software quality is not new. However, many information systems such as those of Grid Computing are still not developed through methodologies which have been adapted to their most differentiating features. The lack of adequate development methods for this kind of systems in which security is taken into account has encouraged us to build a methodology to develop them, offering a detailed guide for their analysis, design and implementation. It is important to use software V&V techniques, according to IEEE Std. 1012 for Software Verification and Validation, to ensure that a software system meets the operational needs of the user. This ensures that the requirements for the system are correct, complete, and consistent, and that the life-cycle products correctly design and implement system requirements. This paper shows part of a development process that we are elaborating for the construction of information systems based on Grid Computing, which are highly dependent on mobile devices in which security plays a highly important role. In the design activity of the process, we design a security architecture which serves as a reference for any mobile Grid application that we wish to build since this security architecture defines a complete set of security services which will be instantiated depending on the requirements and features found in previous activities of the process. A V&V task is also defined in the design activity to validate and verify both the architecture built and the traceability of the artifacts generated in this activity. In this paper, we will present the service-oriented security architecture for Mobile Grid Systems which considers all possible security services that may be required for any mobile Grid application.

David G. Rosado; Eduardo Fernndez-Medina; Javier Lpez

2011-01-01T23:59:59.000Z

448

Secure Manufacturing | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Secure Secure Manufacturing Secure Manufacturing The depth and breadth of Y-12's manufacturing capabilities and expertise enable Y-12 to address current and emerging national security challenges by providing leadership and direction to perform the following activities: solving unique, high-risk manufacturing problems; eliminating the most difficult manufacturability and development obstacles; protecting classified and proprietary materials, components, and information; developing unique technologies to optimize manufacturing and systems performance; and executing projects cost effectively and with timeliness. Y-12 accomplishes this mission to meet the national security challenges of today and those of the future, with capability and expertise in the following areas:

449

Nuclear Security | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

| National Nuclear Security Administration | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nuclear Security Home > About Us > Our Programs > Nuclear Security Nuclear Security The Office of Defense Nuclear Security (DNS) is responsible for the development and implementation of security programs for NNSA. In this capacity, DNS is the NNSA line management organization responsible for

450

Nuclear Security | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

| National Nuclear Security Administration | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nuclear Security Home > About Us > Our Programs > Nuclear Security Nuclear Security The Office of Defense Nuclear Security (DNS) is responsible for the development and implementation of security programs for NNSA. In this capacity, DNS is the NNSA line management organization responsible for

451

Nuclear Security Enterprise | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

Enterprise | National Nuclear Security Administration Enterprise | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Nuclear Security Enterprise Home > About Us > Our Programs > Defense Programs > Nuclear Security Enterprise Nuclear Security Enterprise The Nuclear Security Enterprise (NSE) mission is to ensure the Nation sustains a safe, secure, and effective nuclear deterrent through the

452

Better Security Through Discussion | Department of Energy  

Office of Environmental Management (EM)

Better Security Through Discussion Better Security Through Discussion Better Security Through Discussion More Documents & Publications Indiana Department of Homeland Security -...

453

Personnel Security Program Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

provides detailed requirements and procedures to supplement DOE O 472.1B, PERSONNEL SECURITY ACTIVITIES, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Cancels DOE M 472.1-1

2000-11-16T23:59:59.000Z

454

Personnel Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE). This Manual addresses only the Personnel Security Program.

1998-05-22T23:59:59.000Z

455

Office of Security Assistance  

Broader source: Energy.gov [DOE]

The Office of Security Assistance manages the Technology Deployment Program to improve the security posture of the Department of Energy and the protection of its assets and facilities through the deployment of new safeguards and security technologies and development of advanced technologies that reduce operating costs, save protective force lives, and improve security effectiveness.

456

NERSC Computer Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security NERSC Computer Security NERSC computer security efforts are aimed at protecting NERSC systems and its users' intellectual property from unauthorized access or modification. Among NERSC's security goal are: 1. To protect NERSC systems from unauthorized access. 2. To prevent the interruption of services to its users. 3. To prevent misuse or abuse of NERSC resources. Security Incidents If you think there has been a computer security incident you should contact NERSC Security as soon as possible at security@nersc.gov. You may also call the NERSC consultants (or NERSC Operations during non-business hours) at 1-800-66-NERSC. Please save any evidence of the break-in and include as many details as possible in your communication with us. NERSC Computer Security Tutorial

457

Office of Security Assistance  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security Home Sub Offices › Security Policy › Security Assistance › Departmental Personnel Security Mission & Functions › Security Policy › Security Assistance › Departmental Personnel Security Human Reliability Program (HRP) Guidance Documents Security Technology Information Archive (STIA) Related Links › DOE › DOE CIO › NNSA › DOE CFO › NTC › S&S PIR Contact Us HSS Logo Director's Perspective Welcome to the Office of Security Assistance Samuel N. Callahan, Director Mission and Functions The Office of Health, Safety, and Security (HSS) created the Office of Security Assistance Program to provide timely technical assistance and system support to field and Headquarters elements to enhance site security programs, upon request. The program is comprised of technologists and subject matter experts from all security disciplines including Program Management, Protection Program Operations, Information Security, Materials Control and Accountability, and Personnel Security. HSS is committed to building a security assistance program to serve the interests of the Department based upon the needs of our customers - with emphasis on customer-focus and meeting multi-disciplinary security needs. In Fiscal Year 2007, HSS performed extensive assistance activities at the request of DOE/NNSA program offices and field sites. The activities ranged from special and routine site survey assistance, physical and technical security inspections in support of the Office of Intelligence, Vulnerability Assessment and Design Basis Threat (DBT) implementation assistance, third-party, adversary support, and DBT implementation and planning validation activities associated with the Site Assistance Visits and Technology Assistance Visits. The security assistance provided to our customers included technical expertise tailored to augment site capabilities in critical fields.

458

A Trusted Computing Architecture for Secure Substation Automation  

Science Journals Connector (OSTI)

Most critical infrastructure systems can be modeled as cyber-physical systems whose cyber components control underlying physical processes so as to optimize specified system objectives based on physical propertie...

David Guidry; Mike Burmester; Xiuwen Liu

2013-01-01T23:59:59.000Z

459

Reliability Analysis for the Advanced Electric Power Grid: From Cyber Control and Communication to Physical Manifestations of Failure  

Science Journals Connector (OSTI)

The advanced electric power grid is a cyber-physical system comprised of ... of the device and the reliability of the power grid on which they are deployed. The IEEE118...

Ayman Z. Faza; Sahra Sedigh

2009-01-01T23:59:59.000Z

460

Water Use and Quality Assessment | Argonne National Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

energy security and climate change, and not on the possible effects increased biofuel production may have on the quality and quantity of local and regional freshwater...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

T-560: Cisco Security Advisory: Management Center for Cisco Security...  

Broader source: Energy.gov (indexed) [DOE]

Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability T-560: Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code...

462

Global Security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security Global Security We train nuclear industry professionals, emergency responders and security forces from around the world to safeguard vulnerable materials. Nuclear nonproliferation - stopping the spread of nuclear materials - is a critical part of creating a safer world. Y-12 has been working in nonproliferation since the early 1990s in more than 25 countries. As the nation reduces the size of its arsenal, Y-12 will play a central role in decommissioning weapons systems and providing weapons material for peacetime uses. We are a leader across the National Nuclear Security Administration in implementing technology and current training to ensure materials are protected with the highest degree of confidence. We provide the expertise to secure highly enriched uranium - domestically

463

Security Notice | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Notice Security Notice Security Notice Security Information This website is part of a federal computer system used to accomplish federal functions. Y-12 uses software programs to monitor this website for security purposes to ensure it remains available to all users and to protect information in the system. By accessing this website, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended purposes; to deny service to authorized users; to access, obtain, alter, damage, or destroy information; or otherwise to interfere with the system or its operation - all are prohibited. Evidence of such acts may be disclosed to law enforcement authorities and result in criminal prosecution under the Computer Fraud and

464

Office of Security Evaluations Appraisal Process Guide, April 2008  

Broader source: Energy.gov (indexed) [DOE]

SECURITY EVALUATIONS SECURITY EVALUATIONS APPRAISAL PROCESS GUIDE April 2008 Office of Health, Safety and Security U.S. Department of Energy Office of Security Evaluations Appraisal Process Guide Preface April 2008 i Preface The Office of Security Evaluations (HS-61) has prepared the Safeguards and Security Appraisal Process Guide, as part of a continuing effort to enhance the quality and consistency of safeguards and security appraisals. This guide should be used along with the Office of Independent Oversight (HS-60) Appraisal Process Protocols that describes the overall philosophy, scope, and general procedures applicable to all Independent Oversight appraisal activities, as dictated in DOE Orders 470.2B, Independent Oversight and Performance Assurance Program, and 226.1, Implementation of Department of Energy Oversight Policy. In

465

Preliminary Notice of Violation, National Security Technologies, LLC -  

Broader source: Energy.gov (indexed) [DOE]

National Security Technologies, National Security Technologies, LLC - NEA-2011-03 Preliminary Notice of Violation, National Security Technologies, LLC - NEA-2011-03 August 11, 2011 Preliminary Notice of Violation issued to National Security Technologies, LLC related to Deficiencies in Inspection and Installation of Penetration Fire Seals and Other Components at the Nevada National Security Site The Office of Health, Safety and Security's Office of Enforcement and Oversight has completed its investigation into the facts and circumstances associated with quality assurance (QA) related deficiencies in the inspection and installation of penetration fire seals and other components at the Criticality Experiments Facility (CEF) and the Device Assembly Facility (OAF) at the Nevada National Security Site. The results of

466

Homeland Security Programs | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Homeland Security Programs Homeland Security Programs SHARE Homeland Security Programs The Homeland Security Programs support the Department of Homeland Security (DHS), other federal and state agencies, and commercial partners. Through the integration of a number of key competencies, ORNL is able to provide critical operational, technical, and scientific support to these sponsors. A key focus of this area is to translate the critical research into operational capability for the security, protection, response, and recovery of the nation against natural and man-made events. Research Areas detecting, preventing, and reversing the proliferation of weapons of mass destruction deploying integrated systems for incident awareness, detection, and response providing technology for detecting explosives at the

467

National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

i. i. Message from the Administrator President Obama has reshaped our national security priorities making enterprise infrastructure modernization with integrated Information Technology (IT) capabilities a key strategic initiative. Our IT infrastructure must ensure that our workforce can access appropriate information in a secure, reliable, and cost-effective manner. Effective information sharing throughout the government enhances the national security of the United States (US). For the National Nuclear Security Administration (NNSA), effective information sharing helps strengthen our nuclear security mission; builds collaborative networks within NNSA as well as with the Department of Energy (DOE), Department of Defense (DoD), and other national security

468

Security Policy, Guidance & Reports  

Broader source: Energy.gov [DOE]

Preventing nuclear weapons materials and technologies from falling into the hands of adversaries seeking to develop weapons of mass destruction is the top priority of the Department of Energys corporate security programs. All Secretarial objectives are supported by a tailored level of security requirements for a wide range of Departmental scientific, research, and national security objectives based on the security significance of their national assets. DOE ensures that Departmental personnel security programs (including the National Nuclear Security Administration [NNSA]) are consistent and effectively implemented.

469

National Security Technology Incubator Operations Plan  

SciTech Connect (OSTI)

This report documents the operations plan for developing the National Security Technology Incubator (NSTI) program for southern New Mexico. The NSTI program will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The NSTI program is being developed as part of the National Security Preparedness Project (NSPP), funded by Department of Energy (DOE)/National Nuclear Security Administration (NNSA). The operation plan includes detailed descriptions of the structure and organization, policies and procedures, scope, tactics, and logistics involved in sustainable functioning of the NSTI program. Additionally, the operations plan will provide detailed descriptions of continuous quality assurance measures based on recommended best practices in incubator development by the National Business Incubation Association (NBIA). Forms that assist in operations of NSTI have been drafted and can be found as an attachment to the document.

None

2008-04-30T23:59:59.000Z

470

Information Security Policy Policy Title Information Security Policy  

E-Print Network [OSTI]

Information Security Policy Policy Title Information Security Policy Responsible Executive Vice President of Information Technology and CIO Jay Dominick Responsible Office Office of Information Technology, Operations and Planning Endorsed by Information Security Policy Committee Contact Chief Information Security

Rowley, Clarence W.

471

Personal Security Assistance for Secure Internet Commerce  

E-Print Network [OSTI]

Jansson Swedish Institute of Computer Science Box 1263, S-164 28 Kista, Sweden ara@sics.se, sverker visiting your computer. Current agent security approaches are often based on trust in an ex- ternal assigned correct access-restrictions. We argue that a more rewarding security policy is to grant

Janson, Sverker

472

Office of Security Policy  

Broader source: Energy.gov [DOE]

The Office of Security Policy is the central source within the Department of Energy for the development and analysis of safeguards and security policies and standards affecting facilities, nuclear materials, personnel, and classified information.

473

Office of Information Security  

Broader source: Energy.gov [DOE]

The Office of Information Security is responsible for implementation of the Classified Matter Protection and Control Program (CMPC), the Operations Security Program (OPSEC) and the Facility Clearance Program and the Survey Program for Headquarters

474

Data Security ROCKVILLE, MD  

E-Print Network [OSTI]

by respondent identification. Thus, data security plans must be tailored to the unique needs and concerns of each data set: a "one-security-plan-fits-all" approach is neither feasible nor desirable. Nevertheless

Rau, Don C.

475

Rationale and Development of a Security Assurance Index with Application toward the Development of a World Risk Index  

SciTech Connect (OSTI)

Assurance categories were previously developed to support the Department of Homeland Securitys efforts in the mitigation of Cyber Control System events. Defined according to the risk of life and economic loss, the minimum range is designated by policy, whereas the maximum limit seems to be constrained only by limits and interdependencies of the event. Use of this life / assets scale has proven to be helpful in managing risk due to the scale's ease of use, communication, and understanding. Suggestions have been made that this scale could be applied to all events of terror, disaster, and calamity of an international scale, with equally good results. This paper presents the history of some existing scales of disaster and assurance, the rationale behind the development of the original Security Assurance Index, and our proposed scale of disaster and calamity as a World Risk Index.

M. M. Plum; G. A. Beitel, PhD

2006-06-01T23:59:59.000Z

476

Nuclear Security 101 | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

101 | National Nuclear Security Administration 101 | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > Nuclear Security 101 Fact Sheet Nuclear Security 101 Mar 23, 2012 The goal of United States Government's nuclear security programs is to prevent the illegal possession, use or transfer of nuclear material,

477

Nuclear Security 101 | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

101 | National Nuclear Security Administration 101 | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > Nuclear Security 101 Fact Sheet Nuclear Security 101 Mar 23, 2012 The goal of United States Government's nuclear security programs is to prevent the illegal possession, use or transfer of nuclear material,

478

Security Scheme in Wireless Grid  

Science Journals Connector (OSTI)

In this paper, we considered the two security services of authorization and data security in wireless Grid. The security issues is related to authorization and security, specific to Grid, the characteristics of t...

Yue Hong Zhang; Li Hao; Zhong Shan Yang

2011-01-01T23:59:59.000Z

479

Personnel Security Program Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels: DOE M 472.1-1A.

2001-07-12T23:59:59.000Z

480

Bullying and Cyber-Bullying in Higher Education: Current Institutional Practice and Prevention  

E-Print Network [OSTI]

. (2010) believes bullying, especially cyber-bullying, is a real 21st century concern and that it must be addressed by those in power. 8 Chapter 2 Bullying of all forms continues to plague the educational system, with no clear methods... report that bullying exists in their schools and it largely through electronic means. Students believe they are anonymous through electronic means and now feel an aura of power and a willingness to say something they would never say in person...

Early, Jeremy Scott

2014-05-31T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

Security Analysis of Selected AMI Failure Scenarios Using Agent Based Game Theoretic Simulation  

SciTech Connect (OSTI)

Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the Advanced Metering Infrastructure (AMI) functional domain which the National Electric Sector Cyber security Organization Resource (NESCOR) working group has currently documented 29 failure scenarios. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain. From these five selected scenarios, we characterize them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrates how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.

Abercrombie, Robert K [ORNL] [ORNL; Schlicher, Bob G [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL

2014-01-01T23:59:59.000Z

482

D2Cyber: A Design Automation Tool for Dependable Cybercars  

E-Print Network [OSTI]

/or hydraulic systems. The use of electronic controllers in automotive systems has not only improved performance analysis of automotive systems considering electronics quality grade, cost, and temperature has not been incorporate electronic control units (ECUs) to implement various safety-critical functions such as x

483

Information Security Guide  

E-Print Network [OSTI]

Information Security Guide For Government Executives Pauline Bowen Elizabeth Chew Joan Hash #12; Table of Contents Introduction 1 Why do I need to invest in information security? 2 Where do I need to focus my attention in accomplishing critical information security goals? 4 What are the key activities

484

Lemnos Interoperable Security Program  

Broader source: Energy.gov (indexed) [DOE]

Lemnos Interoperable Security Program Lemnos Interoperable Security Program Creating common language and metrics for describing functions of network security tools and testing for interoperability As energy control systems employ more Internet-based features and routable communication methods, the need grows for enhanced security functions, such as firewalls, virtual private networks (VPNs), and intrusion detection systems. When purchasing network security products, today's control systems users cannot adequately compare products from different vendors because the industry lacks a widely accepted mechanism for evaluating functionality, performance,

485

Security | Argonne National Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Security Security Nonproliferation and Nuclear Forensics Decision Science Sensors and Materials Security Enhancing national and homeland security requires technological advancements in everything from biosensors to risk assessments. Game-changing scientific discovery is required for the development of sensors, detectors and other technological advancements used to protect and defend our country. At Argonne, our highly collaborative community of scientists and engineers discover and develop critical security and defense technologies to prevent and mitigate events with the potential for mass disruption or destruction, thereby protecting our citizens and our national interests. Our goal is to make America a safer place through innovations in threat decision science, sensors and materials, infrastructure assurance,

486

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability |  

Broader source: Energy.gov (indexed) [DOE]

74: Drupal Secure Password Hashes Module Security Bypass 74: Drupal Secure Password Hashes Module Security Bypass Vulnerability T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability July 22, 2011 - 3:00pm Addthis PROBLEM: Drupal Secure Password Hashes Module Security Bypass Vulnerability PLATFORM: Drupal Secure Password Hashes 6.X-1.0 Drupal Secure Password Hashes 5.X-1.4 ABSTRACT: The Secure Password Hashes module for Drupal is prone to a security-bypass vulnerability. reference LINKS: Drupal Homepage SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities IMPACT ASSESSMENT: Medium Discussion: This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the {users} database column but does not replace the pass attribute of the account

487

Enforcement Documents - Y-12 National Security Complex | Department of  

Broader source: Energy.gov (indexed) [DOE]

Y-12 National Security Complex Y-12 National Security Complex Enforcement Documents - Y-12 National Security Complex June 13, 2008 Preliminary Notice of Violation, Babcock & Wilcox Teclmical Services Y-12, LLC - NEA-2008-01 Preliminary Notice of Violation issued to Babcock & Wilcox Technical Services Y-12, LLC, related to a Uranium Chip Fire at the Y-12 National Security Complex September 18, 2007 Preliminary Notice of Violation, BWXT Y-12 LLC - EA-2007-04 Preliminary Notice of Violation issued to BWXT Y-12, LLC, related to Criticality Safety Controls at the Y-12 National Security Complex June 15, 2006 Enforcement Letter, BWXT Y-12 - June 15, 2006 Enforcement Letter issued to BWXT Y-12 related to Quality Assurance Deficiencies in construction activities at the Y-12 National Security

488

Security Evaluations Appraisal Process Guide - April 2008 | Department of  

Broader source: Energy.gov (indexed) [DOE]

Evaluations Appraisal Process Guide - April 2008 Evaluations Appraisal Process Guide - April 2008 Security Evaluations Appraisal Process Guide - April 2008 April 2008 The Safeguards and Security Appraisal Process Guide provides additional planning techniques and a detailed set of tables that describe the necessary steps to successfully conduct each phase of a safeguards and security appraisal activity. Office of Security Evaluations (HS-61) has prepared the Safeguards and Security Appraisal Process Guide, as part of a continuing effort to enhance the quality and consistency of safeguards and security appraisals. This guide should be used along with the Office of Independent Oversight (HS-60) Appraisal Process Protocols that describes the overall philosophy, scope, and general procedures applicable to all Independent Oversight appraisal

489

The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations  

Broader source: Energy.gov (indexed) [DOE]

T T T H H E E N N I I A A C C C C O O N N V V E E R R G G E E N N C C E E O O F F P P H H Y Y S S I I C C A A L L A A N N D D C C Y Y B B E E R R T T E E C C H H N N O O L L O O G G I I E E S S A A N N D D R R E E L L A A T T E E D D S S E E C C U U R R I I T T Y Y M M A A N N A A G G E E M M E E N N T T C C H H A A L L L L E E N N G G E E S S W W O O R R K K I I N N G G G G R R O O U U P P F F I I N N A A L L R R E E P P O O R R T T A A N N D D R R E E C C O O M M M M E E N N D D A A T T I I O O N N S S B B Y Y T T H H E E C C O O U U N N C C I I L L J J A A N N U U A A R R Y Y 1 1 6 6 , , 2 2 0 0 0 0 7 7 MARGARET E. GRAYSON WORKING GROUP CO-CHAIR PRESIDENT GRAYSON AND ASSOCIATES GREGORY PETERS WORKING GROUP CO-CHAIR MANAGING PARTNER COLLECTIVE IQ GEORGE CONRADES WORKING GROUP CO-CHAIR EXECUTIVE CHAIRMAN AKAMAI TECHNOLOGIES TABLE OF CONTENTS I. ACKNOWLEDGEMENTS.........................................................................................1 Working Group Members:

490

M&Ms4Graphs: Multi-scale, Multi-dimensional Graph Analytics Tools for Cyber-Security  

E-Print Network [OSTI]

ranging from micro- (host level) to macro-scale (enterprise level). Achievements · Major release of Graph Library - Exhibit at GraphLab Conference, July 2014 · Selected publications 1. "Towards A Networks-of-Networks of Machine Learning Research, 2014. Rendering of Network Traffic Data Showing Communication between IP

491

Transforming CyberSecurity R&D within the Department of Energy: Getting Ahead of The Threat  

SciTech Connect (OSTI)

This report outlines a preliminary response from DOE researchers to the following three questions: a) what are the key priorities w.r.t. cybersecurity R&D over the next decade? b) what would we recommend, in terms of a program, to address those priorities c) how would a DOE Office of Science program in this area complement other cybersecurity R&D initiatives such as NSF's or other agency programs?

Frincke, Deborah A.; Catlett, Charlie; Siebenlist, Frank; Strelitz, Richard; Talbot, Ed; Worley, Brian

2008-01-01T23:59:59.000Z

492

Fundamental Limits of Cyber-Physical Security in Smart Power Grids Yue Zhao, Andrea Goldsmith, and H. Vincent Poor  

E-Print Network [OSTI]

) for detecting such attacks, while attackers devise attacks that are unobservable by such PMU networks attacks leads to a natural characterization of their potential impacts. With optimized PMU deployment there be data attacks on measurements that disrupt situation awareness [1], but also control signals of many

Zhao, Yue

493

NISTIR 7628 Guidelines for  

E-Print Network [OSTI]

NISTIR 7628 Guidelines for Smart Grid Cyber Security: Vol. 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements The Smart Grid Interoperability Panel ­ Cyber Security Working Group August 2010 #12;NISTIR 7628 Guidelines for Smart Grid Cyber Security: Vol. 1, Smart Grid Cyber Security

494

Quality Assurance Exchange August 2011  

Broader source: Energy.gov (indexed) [DOE]

The Department of Energy's (DOE's) Office The Department of Energy's (DOE's) Office of Health, Safety and Security (HSS) reorganized in May 2011, and within HSS, the Office of Quality Assurance Policy and Assistance (HS-23) is now the Office of Quality Assurance (HS-33) (see http://www.hss.doe.gov/orgchart.html). The Office of Quality Assurance reports to the newly formed Office of Nuclear Safety (HS-30) whose Director reports to the Chief Health, Safety and Security Officer, Mr. Glenn Podonsky. While the name of my office has changed slightly, our mission and functions remain the same. The entire staff of HS-33 is excited about this change and looks forward to the new interfaces, endeavors, and challenges in the coming years. Other exciting news is that DOE Order (O) 414.1D, Quality Assurance, was approved and issued

495

Secure upgrade of hardware security modules in bank networks  

Science Journals Connector (OSTI)

We study the secure upgrade of critical components in wide networked systems, focussing on the case study of PIN processing Hardware Security Modules (HSMs). These tamper-resistant devices, used by banks to securely transmit and verify the PIN typed ... Keywords: PIN processing, hardware security modules, security APIs, upgrade strategies

Riccardo Focardi; Flaminia L. Luccio

2010-03-01T23:59:59.000Z

496

National Nuclear Security Administration | Department of Energy  

Office of Environmental Management (EM)

National Nuclear Security Administration National Nuclear Security Administration National Nuclear Security Administration More Documents & Publications Global Threat Reduction...

497

Waste Isolation Pilot Plant Transportation Security | Department...  

Office of Environmental Management (EM)

Waste Isolation Pilot Plant Transportation Security Waste Isolation Pilot Plant Transportation Security Waste Isolation Pilot Plant Transportation Security More Documents &...

498

SECURITY TERMINATION STATEMENT | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

SECURITY TERMINATION STATEMENT SECURITY TERMINATION STATEMENT Form provides an individual's statement in connection with the termination of access authorization (security...

499

Office of Security Operations  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Office of Physical Protection Office of Physical Protection Bill Dwyer Director, 202-586-7887 Mission The mission of the Office of Physical Protection is to implement and oversee dedicated human resources, processes, and equipment designed to protect personnel and assets entrusted to our care at Department of Energy (DOE) Headquarters facilities. The Office is comprised of dedicated DOE Federal security professionals, Headquarters Protective Force personnel, and Alarms and Access Control Technicians. These security subject matter experts work together to ensure compliance with DOE Safeguards and Security regulations, Interagency Security Committee guidance, and federal laws. The result of this collaboration is a security program designed to ensure a safe and secure working environment for all Headquarters employees.

500

National Security Science Archive  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

National Security Science » National Security Science » NSS Archive National Security Science magazine Latest Issue:April 2013 All Issues » submit National Security Science Archive Using its broad and unique scientific and engineering capabilities, the Laboratory solves a diverse set of challenges to national and global security and the weapons programs. National Security Science magazine showcases the breadth and depth of the Laboratory's scientific and technical work to policy makers, the general public, academia, and scientific and technical experts. past issues cover Issue 2 2012 interactive | web | pdf past issues cover Issue 1 2012 interactive | web | pdf past issues cover Issue 3 2011 web | pdf past issues cover Issue 2 2011 web | pdf past issues cover Issue 1 2011 web | pdf past issues cover