Powered by Deep Web Technologies
Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

Cyber Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Cyber Security Previous cybersecurity evaluations and designs were often dependent upon personal experience and limited empirical evidence. An LDRD project focused on cybersecurity...

2

Cyber Security & Smart Grid  

E-Print Network [OSTI]

Cyber Security & Smart Grid Jonathan Shapiro Texas Institute The Clean Air Through Energy Efficiency (CATEE) Conference Cyber Security & Smart Grid ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Cyber Security and The Smart... and communication protocols. ESL-KT-11-11-23 CATEE 2011, Dallas, Texas, Nov. 7 ? 9, 2011 Smart Grid Systems ?Current Cyber Security Issues ? Advanced Metering Infrastructure (AMI) Security ? The wireless devices are used in the smart meters located...

Shapiro, J.

2011-01-01T23:59:59.000Z

3

Enhance your Cyber Security Knowledge  

E-Print Network [OSTI]

Enhance your Cyber Security Knowledge About NPS CS FUNDAMENTALS: Create a strong foundational by increasing the effectiveness of the armed forces of the United States and its allies. Cyber Security-4015 About CISR #12;Cyber Security Adversarial Techniques Cyber Security Defense Cyber Security Fundamentals

4

Cyber Security Architecture Guidelines  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

2001-03-08T23:59:59.000Z

5

Departmental Cyber Security Management Policy  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

2001-05-08T23:59:59.000Z

6

Metaphors for cyber security.  

SciTech Connect (OSTI)

This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

2008-08-01T23:59:59.000Z

7

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

2008-08-12T23:59:59.000Z

8

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

2008-08-12T23:59:59.000Z

9

Extension of DOE Directive on Cyber Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, is extended until 6/4/04.

2003-06-04T23:59:59.000Z

10

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

2009-01-08T23:59:59.000Z

11

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

2009-01-08T23:59:59.000Z

12

Information Security: Coordination of Federal Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

and Technology Policy establish timelines for developing a federal agenda for cyber security research. GAO also recommends that the Office of Management and Budget (OMB) issue...

13

INL@Work Cyber Security  

SciTech Connect (OSTI)

May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

Chaffin, May

2010-01-01T23:59:59.000Z

14

Cyber Security Process Requirements Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

2008-08-12T23:59:59.000Z

15

INL@Work Cyber Security  

ScienceCinema (OSTI)

May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

Chaffin, May

2013-05-28T23:59:59.000Z

16

Cyber Security Incident Management Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-08T23:59:59.000Z

17

DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

CORE COMPETENCY TRAINING REQUIREMENTS: CA DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS. Key Cyber...

18

Visualizing Cyber Security: Usable Workspaces  

SciTech Connect (OSTI)

An environment that supports cyber analytics work should enable multiple, simultaneous investigations, information foraging, and provide a solution space for organizing data. We describe our study of cyber security professionals and visualizations in a large, high-resolution display work environment. We discuss the tasks and needs of analysts that such an environment can support and present several prototypes designed to support these needs. We conclude with a usability evaluation of the prototypes and additional lessons learned.

Fink, Glenn A.; North, Christopher L.; Endert, Alexander; Rose, Stuart J.

2009-10-11T23:59:59.000Z

19

Cyber Security and Resilient Systems  

SciTech Connect (OSTI)

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

Robert S. Anderson

2009-07-01T23:59:59.000Z

20

Third Annual Cyber Security and Information  

E-Print Network [OSTI]

Third Annual Cyber Security and Information Infrastructure Research Workshop May 14-15, 2007 TOWARDS COMPREHENSIVE STRATEGIES THAT MEET THE CYBER SECURITY CHALLENGES OF THE 21ST CENTURY Frederick Sheldon, Axel Krings, Seong-Moo Yoo, and Ali Mili (Editors) #12;CSIIRW07: Cyber Security and Information

Krings, Axel W.

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

cyber-security analysis of the SCADA system of the Gignac water distributioncyber security of SCADA systems managing other infrastructures (e.g. , oil and natural gas distribution

Amin, Saurabh

2011-01-01T23:59:59.000Z

22

THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders  

E-Print Network [OSTI]

THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security in Engineering, ACE-CS immerses students in the cyber-security discipline through a combination of intense in Engineering on Cyber Security (ACE-CS) [1] is to develop the next generation of cyber-security leaders

Older, Susan

23

INSTITUTE FOR CYBER SECURITY Application-Centric Security  

E-Print Network [OSTI]

INSTITUTE FOR CYBER SECURITY Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio

Sandhu, Ravi

24

Using Operational Security (OPSEC) to Support a Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Cyber Security: Defense in Depth Strategies The Chief Information Officer (CIO) at the U 2014 Headquarters Facilities Master Security Plan - Chapter 8, Operations Security Program...

25

Microgrid cyber security reference architecture.  

SciTech Connect (OSTI)

This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

2013-07-01T23:59:59.000Z

26

Department of Energy Cyber Security Management Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

2003-03-21T23:59:59.000Z

27

Department of Energy Cyber Security Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

2006-12-04T23:59:59.000Z

28

Cyber Security in Smart Grid Substations  

E-Print Network [OSTI]

Cyber Security in Smart Grid Substations Thijs Baars Lucas van den Bemd Michail Theuns Robin van.089 3508 TB Utrecht The Netherlands #12;CYBER SECURITY IN SMART GRID SUBSTATIONS Thijs Baars T.Brinkkemper@uu.nl Abstract. This report describes the state of smart grid security in Europe, specifically the Netherlands

Utrecht, Universiteit

29

Common Cyber Security Vulnerabilities Observed in Control System...  

Broader source: Energy.gov (indexed) [DOE]

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

30

Office of Electricity Delivery and Energy Reliability Cyber Security...  

Broader source: Energy.gov (indexed) [DOE]

Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections Office of Electricity Delivery and Energy Reliability Cyber Security Project Selections On...

31

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA Cybersecurity Program Manager (CSPM...

32

THE ADVANCED COURSE IN ENGINEERING ON CYBER A Learning Community for Developing Cyber-Security Leaders  

E-Print Network [OSTI]

THE ADVANCED COURSE IN ENGINEERING ON CYBER SECURITY A Learning Community for Developing Cyber-Security Advanced Course in Engineering, ACE-CS immerses students in the cyber-security discipline through for the program. Key words: Cyber-security education, technical leadership, learning community. 1. INTRODUCTION

33

Mathematical and Statistical Opportunities in Cyber Security  

SciTech Connect (OSTI)

The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics'? Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

Meza, Juan; Campbell, Scott; Bailey, David

2009-03-23T23:59:59.000Z

34

Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

2002-03-18T23:59:59.000Z

35

The Science, Engineering, and Business of Cyber Security  

E-Print Network [OSTI]

's nuclear football © Ravi Sandhu 7 World-Leading Research with Real-World Impact! Cyber Security Goal ManyThe Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas at San

Sandhu, Ravi

36

A Two-Constraint Approach to Risky CyberSecurity  

E-Print Network [OSTI]

A Two-Constraint Approach to Risky CyberSecurity Experiment Management John Wroclawski, Jelena Mirkovic, Ted Faber, Stephen Schwab #12;Risky CyberSecurity Research CyberSecurity systems becoming more;Domains of interest Traditional risky experiment Virus dissection Modern risky CyberSecurity

Faber, Ted

37

CyberSafety: On the Interactions between CyberSecurity and the  

E-Print Network [OSTI]

CyberSafety: On the Interactions between CyberSecurity and the Software Engineering of SafetyRZ. johnson@dcs.gla.ac.uk, http://www.dcs.gla.ac.uk/~johnson Keywords: Cyber Security, Cyber Safety security concerns. Malware has been detected in power distribution, healthcare, military and transportation

Johnson, Chris

38

Cyber Security Audit and Attack Detection Toolkit  

SciTech Connect (OSTI)

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Peterson, Dale

2012-05-31T23:59:59.000Z

39

INSTITUTE FOR CYBER SECURITY The PEI Framework for  

E-Print Network [OSTI]

not the right decision for securing distributed systems © Ravi Sandhu 5 #12;INSTITUTE FOR CYBER SECURITY PostINSTITUTE FOR CYBER SECURITY 1 The PEI Framework for Application-Centric Security Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio May

Sandhu, Ravi

40

Control Systems Cyber Security Standards Support Activities  

SciTech Connect (OSTI)

The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Robert Evans

2009-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

INSTITUTE FOR CYBER SECURITY A Hybrid Enforcement Model for  

E-Print Network [OSTI]

-leading research with real-world impact! #12;INSTITUTE FOR CYBER SECURITY Super vs Micro-distribution in g-SIS 8INSTITUTE FOR CYBER SECURITY A Hybrid Enforcement Model for Group-Centric Secure Information Executive Director and Endowed Professor Institute for Cyber Security University of Texas at San Antonio

Sandhu, Ravi

42

Cyber-security Research Ethics Dialogue & Strategy Erin Kenneally  

E-Print Network [OSTI]

Cyber-security Research Ethics Dialogue & Strategy Workshop Erin Kenneally CAIDA/UC, San Diego La The inaugural Cyber-security Research Ethics Dialogue & Strat- egy Workshop was held on May 23, 2013

California at San Diego, University of

43

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Modifications correct changes to the composition of Senior DOE Management organizations, name change from DOE Cyber Incident Response Capability to Joint Cybersecurity Coordination Center and transfer of responsibility for communications security and TEMPEST to the Office of Health, Safety and Security.

2012-12-06T23:59:59.000Z

44

Mathematical and Statistical Opportunities in Cyber Security Scott Campbell  

E-Print Network [OSTI]

Mathematical and Statistical Opportunities in Cyber Security Juan Meza Scott Campbell David Bailey problems exist within cyber security research that can be helped by advanced mathematics and statistics large and complex systems like the Internet. Our second assumption is that many proposed cyber security

Bailey, David H.

45

Formulating Cyber-Security as Convex Optimization Problems  

E-Print Network [OSTI]

Formulating Cyber-Security as Convex Optimization Problems Kyriakos G. Vamvoudakis, Jo~ao P. Mission-centric cyber-security analysts require a complete overview and understanding of the state. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion, iCTF 1 Introduction Guaranteeing

Hespanha, JoĂŁo Pedro

46

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director cai@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Squicciarini, Anna Cinzia

47

Center for Cyber-Security, Information Privacy, and Trust  

E-Print Network [OSTI]

Center for Cyber-Security, Information Privacy, and Trust http://cybersecurity.ist.psu.edu Dr. Peng Liu, Director pliu@ist.psu.edu Center for Cyber-Security, Information Privacy, and Trust 16802-6822 The Center for Cyber-Security, Information Privacy, and Trust, aka Lions Center

Giles, C. Lee

48

Formulating Cyber-Security as Convex Optimization Problems  

E-Print Network [OSTI]

Formulating Cyber-Security as Convex Optimization ProblemsĂ? Kyriakos G. Vamvoudakis1 , Jo~ao P,vigna}@cs.ucsb.edu Abstract. Mission-centric cyber-security analysts require a complete overview and understanding The Flag (iCTF) hacking competition. Keywords: Cyber-Security, Convex Optimization, System Identifica- tion

Vigna, Giovanni

49

Cyber Security Audit and Attack Detection Toolkit: National SCADA...  

Broader source: Energy.gov (indexed) [DOE]

project of the cyber security audit and attack detection toolkit is adding control system intelligence to widely deployed enterprise vulnerability scanners and security event...

50

Cyber Security Audit and Attack Detection Toolkit: Bandolier...  

Broader source: Energy.gov (indexed) [DOE]

This project of the cyber security audit and attack detection toolkit will employ Bandolier Audit Files for optimizing security configurations and the Portaledge event detection...

51

Lessons Learned from Cyber Security Assessments of SCADA and...  

Broader source: Energy.gov (indexed) [DOE]

of Energy Office of Electricity Delivery and Energy Reliability Enhancing control systems security in the energy sector NSTB September 2006 LESSONS LEARNED FROM CYBER SECURITY...

52

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

2011-05-16T23:59:59.000Z

53

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, cancels Chg 2.

2011-05-16T23:59:59.000Z

54

Cyber Security Requirements for Risk Management  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-19T23:59:59.000Z

55

SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems  

E-Print Network [OSTI]

SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA of the power network. From another perspective the authors of [7] attempted to quantify the impact of a cyber is to identify the vulnerabilities of these safety critical infrastruc- tures, determine the impact that possible

Johansson, Karl Henrik

56

Cyber Security Companies, governments, and consumers depend on secure and reliable  

E-Print Network [OSTI]

Cyber Security Companies, governments, and consumers depend on secure and reliable computer-speed computers all introduce new cyber-security challenges. Cyber- security researchers at the University in the software development cycle. e also creates secure authentication protocols for vulnerable distributed

Hill, Wendell T.

57

Towards Efficient Collaboration in Cyber Security  

SciTech Connect (OSTI)

Cyber security analysts in different geographical and organizational domains are often largely tasked with similar duties, albeit with domain-specific variations. These analysts necessarily perform much of the same work independently— for instance, analyzing the same list of security bulletins released by largely the same set of software vendors. As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert each other to high-severity security alerts in a more timely fashion. However, several barriers to practical and efficient collaboration exist, and as such, no such framework exists to support such efforts. In this paper, we discuss the inherent difficulties which make efficient collaboration between cyber security analysts a difficult goal to achieve. We discuss preliminary ideas and concepts towards a collaborative cyber-security framework currently under development, whose goal is to facilitate analyst collaboration across these boundaries. While still in its early stages, we describe work-in-progress towards achieving this goal, including motivation, functionality, concepts, and a high-level description of the proposed system architecture.

Hui, Peter SY; Bruce, Joseph R.; Fink, Glenn A.; Gregory, Michelle L.; Best, Daniel M.; McGrath, Liam R.; Endert, Alexander

2010-06-03T23:59:59.000Z

58

Chapter_14_Cyber_Security  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up fromDepartmentTieCelebrate Earth Day with SecretaryDerivedof&6. LIST OF::124 Cyber

59

Cyber Security | More Science | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth7-1D: Vegetation Proposed Newcatalyst phases onOrganization FY 2012 FYCustomer-Comments SignCyanideCYBER

60

Primer Control System Cyber Security Framework and Technical Metrics  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

Wayne F. Boyer; Miles A. McQueen

2008-05-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

2011-05-16T23:59:59.000Z

62

Department of Energy Cyber Security Program  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

2011-05-16T23:59:59.000Z

63

Lessons Learned from Cyber Security Assessments of SCADA and...  

Energy Savers [EERE]

Energy Management Systems Results from ten cyber security vulnerability assessments of process control, SCADA, and energy management systems were reviewed to identify common...

64

Sandia National Laboratories: Cyber Security for Electric Infrastructu...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

advancements in phasor measurement units (PMUs), distributed energy resources (DER), smart-grid technologies, and cloud computing services represent significant cyber security...

65

Security Informatics Research Challenges for Mitigating Cyber Friendly Fire  

SciTech Connect (OSTI)

This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly re (FF). We dene cyber FF as intentional o*ensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission e*ectiveness of friendly or neutral forces. We describe examples of cyber FF and discuss how it ts within a general conceptual framework for cyber security failures. Because it involves human failure, cyber FF may be considered to belong to a sub-class of cyber security failures characterized as unintentional insider threats. Cyber FF is closely related to combat friendly re in that maintaining situation awareness (SA) is paramount to avoiding unintended consequences. Cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and o*ensive countermeasures that may be applied to thwart network attacks. We describe a test bed designed to support empirical research on factors a*ecting cyber FF. Finally, we discuss mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches.

Carroll, Thomas E.; Greitzer, Frank L.; Roberts, Adam D.

2014-09-30T23:59:59.000Z

66

Critical Infrastructure and Cyber Security  

E-Print Network [OSTI]

that employ stealth methods such as steganography, allowing botmasters to exploit public forums and search engines #1; As U.S. national elections draw near, an increase in phishing, scams and malicious code targeting candidates, campaigns, etc.... Chemical Manufacturing The Chemical Manufacturing sector combines organic and inorganic materials to make chemicals used in everyday life and that contribute to the national security, public safety, and economic security. The components...

Doll, Abby; Pirrong, Renee; Jennings, Matthew; Stasny, George; Giblin, Andy; Shaffer, Steph; Anderson, Aimee

2011-01-01T23:59:59.000Z

67

Norwich University Applied Research Institutes Cyber Security Education/Training and Exercises  

E-Print Network [OSTI]

Norwich University Applied Research Institutes Cyber Security Education/Training and Exercises October 18, 2013 ­ University of Memphis Cyber Security Expo #12;Training ­ Cyber Incident Awareness Training Emergency Management for IT Professionals Cyber Security Exercise Development Tools ­ Cyber Smart

Dasgupta, Dipankar

68

Lecture 13: Control System Cyber Security  

E-Print Network [OSTI]

Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

CERN. Geneva

2013-01-01T23:59:59.000Z

69

Cyber Security Requirements for Wireless Devices and Information Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

2004-02-11T23:59:59.000Z

70

Help for the Developers of Control System Cyber Security Standards  

SciTech Connect (OSTI)

A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

Robert P. Evans

2008-05-01T23:59:59.000Z

71

October 2014 Mid-South Cyber Security Summit  

E-Print Network [OSTI]

government, industry, and academia. *Source: FCW citation: http://fcw.com/articles/2011/11/10/cybersecurity-workforce-planOctober 2014 Mid-South Cyber Security Summit Achieving Cybersecurity Excellence Through Evolution of the Nation's Cyber Workforce Benjamin Scribner Department of Homeland Security (DHS) National Cybersecurity

Dasgupta, Dipankar

72

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability  

E-Print Network [OSTI]

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 ? 25, 2010 ESL-HH-10-08-09 Proceedings of the 17... of Smart Grid devices ? Describe progress made in Smart Grid security ? Propose a more robust approach to SG security ? Describe needs for further research and development ESL-HH-10-08-09 Proceedings of the 17th Symposium for Improving Building Systems...

Ragsdale, G.

73

Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop  

SciTech Connect (OSTI)

The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

Sheldon, Frederick T [ORNL; Krings, Axel [ORNL; Yoo, Seong-Moo [ORNL; Mili, Ali [ORNL; Trien, Joseph P [ORNL

2006-01-01T23:59:59.000Z

74

Cyber safety : a systems thinking and systems theory approach to managing cyber security risks  

E-Print Network [OSTI]

If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet ...

Salim, Hamid M

2014-01-01T23:59:59.000Z

75

CyberPhysical System Security for the Electric Power Grid  

E-Print Network [OSTI]

systems that may be vulnerable to security attacks is discussed in this paper as are control loop successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency of the cyber­physical relationships within the smart grid and a specific review of possible attack vectors

Manimaran, Govindarasu

76

Process Control System Cyber Security Standards - An Overview  

SciTech Connect (OSTI)

The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

Robert P. Evans

2006-05-01T23:59:59.000Z

77

Cyber Security Testing and Training Programs for Industrial Control Systems  

SciTech Connect (OSTI)

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

Daniel Noyes

2012-03-01T23:59:59.000Z

78

Gamification for Measuring Cyber Security Situational Awareness  

SciTech Connect (OSTI)

Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

2013-03-01T23:59:59.000Z

79

Workshop on Scalable Cyber-Security Challenges in Large-Scale Networks: Deployment Obstacles  

E-Print Network [OSTI]

Workshop on Scalable Cyber-Security Challenges in Large-Scale Networks: Deployment Obstacles Large, and Definitions of Cybersecurity.... 8 Conventional Wisdom is Inadequate....................................... 9 Directions in Scalable Cyber-Security in Large-Scale Networks: Deployment Obstacles." The workshop

Feigenbaum, Joan

80

On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem  

E-Print Network [OSTI]

1 On the Exact Solution to a Smart Grid Cyber-Security Analysis Problem Kin Cheong Sou, Henrik Sandberg and Karl Henrik Johansson Abstract--This paper considers a smart grid cyber-security problem

Johansson, Karl Henrik

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

Cyber Security via Minority Games with Epistatic Signaling (Extended Abstract)  

E-Print Network [OSTI]

Cyber Security via Minority Games with Epistatic Signaling (Extended Abstract) W. Casey, L. Metcalf occurs when deceptions are employed in order to breach the security of the system, thus making the entire profiles (e.g., the distribution of players employing various kinds of vulnerability and threat predictions

Mishra, Bud

82

Cyber-Physical Systems Security for Smart Grid  

E-Print Network [OSTI]

Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy Acknowledgements This white paper was developed as one of nine white papers in the project "The Future Grid

83

Cyber-Physical Systems Security for Smart Grid  

E-Print Network [OSTI]

Cyber-Physical Systems Security for Smart Grid Future Grid Initiative White Paper Power Systems-Physical Systems Security for Smart Grid Prepared for the Project "The Future Grid to Enable Sustainable Energy as one of nine white papers in the project "The Future Grid to Enable Sustainable Energy Systems

84

Cyber Security Challenges in Using Cloud Computing in the Electric Utility Industry  

SciTech Connect (OSTI)

This document contains introductory material that discusses cyber security challenges in using cloud computing in the electric utility industry.

Akyol, Bora A.

2012-09-01T23:59:59.000Z

85

Cyber Security and Trust Research & DevelopmentCyber Security and Trust Research & Development http://www.ISTS.dartmouth.eduhttp://www.ISTS.dartmouth.edu  

E-Print Network [OSTI]

Cyber Security and Trust Research & DevelopmentCyber Security and Trust Research & Development http of a discrete distribution: www.ISTS.dartmouth.edu Entropy reminder INSTITUTE FOR SECURITY TECHNOLOGY STUDIES to packets & provide a visual summary? www.ISTS.dartmouth.edu Motivation INSTITUTE FOR SECURITY

Pellacini, Fabio

86

RT-Based Administrative Models for Community Cyber Security Information Sharing  

E-Print Network [OSTI]

RT-Based Administrative Models for Community Cyber Security Information Sharing Ravi Sandhu, Khalid Zaman Bijon, Xin Jin, and Ram Krishnan Institute for Cyber Security & Department of Computer Science Institute for Cyber Security & Department of Electrical and Computer Engineering University of Texas at San

Sandhu, Ravi

87

Towards Efficient Collaboration in Cyber Security Peter Hui Joe Bruce Glenn Fink  

E-Print Network [OSTI]

. INTRODUCTION Although distributed geographically and often across different organizations, cyber-securityTowards Efficient Collaboration in Cyber Security Peter Hui Joe Bruce Glenn Fink Michelle Gregory University aendert@cs.vt.edu ABSTRACT Cyber security analysts in different geographical and organizational

88

CYSEP --A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao  

E-Print Network [OSTI]

1 of 9 CYSEP -- A CYBER-SECURITY PROCESSOR FOR 10GBPS NETWORKS AND BEYOND H. Jonathan Chao.2Interface Memory Controller Cyber-Security Processor SPI4.2Interface To PCI Bus To Memory ToFramer To NP or End Sy stem Figure 1. Cyber-Security Processor (CYSEP) architecture The Firewall and Intrusion

Chao, Jonathan

89

Process Control System Cyber Security Standards - An Overview  

SciTech Connect (OSTI)

The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

2005-10-01T23:59:59.000Z

90

Cyber Security Evaluation of II&C Technologies  

SciTech Connect (OSTI)

The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.

Ken Thomas

2014-11-01T23:59:59.000Z

91

IEEE TRANSACTIONS ON SMART GRID, VOL. 4, NO. 2, JUNE 2013 847 Cyber-Physical Security Testbeds: Architecture,  

E-Print Network [OSTI]

IEEE TRANSACTIONS ON SMART GRID, VOL. 4, NO. 2, JUNE 2013 847 Cyber-Physical Security Testbeds-physical systems, cyber security, smart grid, testbeds. I. INTRODUCTION CYBER security incidents have gained the importance of cyber security due to more substantial ICT dependencies. The U.S. Department of Energy (DOE

Manimaran, Govindarasu

92

Cyber Security Through Science | More Science | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth7-1D: Vegetation Proposed Newcatalyst phases onOrganization FY 2012 FYCustomer-Comments SignCyanideCYBER -Cyber

93

A Hierarchical Security Architecture for Cyber-Physical Systems  

SciTech Connect (OSTI)

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Quanyan Zhu; Tamer Basar

2011-08-01T23:59:59.000Z

94

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

her students on security of process control systems. I amcyber-security tools for process control systems. In theon the security mechanisms of process control systems, few

Amin, Saurabh

2011-01-01T23:59:59.000Z

95

MODELING SECURITY IN CYBER-PHYSICAL SYSTEMS  

E-Print Network [OSTI]

network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, was infected [39]. There have been the behavior of the adversary is controlled by a threat model that captures both the cyber aspects (with-physical systems, threat models, protocols for treaty verification. 1. Introduction The rapid growth of information

Burmester, Mike

96

A Comparison of Cross-Sector Cyber Security Standards  

SciTech Connect (OSTI)

This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

Robert P. Evans

2005-09-01T23:59:59.000Z

97

CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

Kathleen A. Lee

2008-01-01T23:59:59.000Z

98

Automatic Labeling for Entity Extraction in Cyber Security  

SciTech Connect (OSTI)

Timely analysis of cyber-security information necessitates automated information extraction from unstructured text. While state-of-the-art extraction methods produce extremely accurate results, they require ample training data, which is generally unavailable for specialized applications, such as detecting security related entities; moreover, manual annotation of corpora is very costly and often not a viable solution. In response, we develop a very precise method to automatically label text from several data sources by leveraging related, domain-specific, structured data and provide public access to a corpus annotated with cyber-security entities. Next, we implement a Maximum Entropy Model trained with the average perceptron on a portion of our corpus (~750,000 words) and achieve near perfect precision, recall, and accuracy, with training times under 17 seconds.

Bridges, Robert A [ORNL] [ORNL; Jones, Corinne L [ORNL] [ORNL; Iannacone, Michael D [ORNL] [ORNL; Testa, Kelly M [ORNL] [ORNL; Goodall, John R [ORNL] [ORNL

2014-01-01T23:59:59.000Z

99

GridStat – Cyber Security and Regional Deployment Project Report  

SciTech Connect (OSTI)

GridStat is a developing communication technology to provide real-time data delivery services to the electric power grid. It is being developed in a collaborative effort between the Electrical Power Engineering and Distributed Computing Science Departments at Washington State University. Improving the cyber security of GridStat was the principle focus of this project. A regional network was established to test GridStat’s cyber security mechanisms in a realistic environment. The network consists of nodes at Pacific Northwest National Laboratory, Idaho National Laboratory, and Washington State University. Idaho National Laboratory (INL) was tasked with performing the security assessment, the results of which detailed a number or easily resolvable and previously unknown issues, as well as a number of difficult and previously known issues. Going forward we recommend additional development prior to commercialization of GridStat. The development plan is structured into three domains: Core Development, Cyber Security and Pilot Projects. Each domain contains a number of phased subtasks that build upon each other to increase the robustness and maturity of GridStat.

Clements, Samuel L.

2009-02-18T23:59:59.000Z

100

Evaluation Report on "The Department's Unclassified Cyber Security Program"  

SciTech Connect (OSTI)

Industry experts report that security challenges and threats are continually evolving as malicious activity has become more web-based and attackers are able to rapidly adapt their attack methods. In addition, the number of data breaches continues to rise. In an effort to mitigate and address threats and protect valuable information, the Department of Energy anticipated spending about $275 million in Fiscal Year (FY) 2009 to implement cyber security measures necessary to protect its information technology resources. These systems and data are designed to support the Department's mission and business lines of energy security, nuclear security, scientific discovery and innovation, and environmental responsibility. The Federal Information Security Management Act of 2002 (FISMA) provides direction to agencies on the management and oversight of information security risks, including design and implementation of controls to protect Federal information and systems. As required by FISMA, the Office of Inspector General conducts an annual independent evaluation to determine whether the Department's unclassified cyber security program adequately protects its information systems and data. This memorandum and the attached report present the results of our evaluation for FY 2009. The Department continued to make incremental improvements in its unclassified cyber security program. Our evaluation disclosed that most sites had taken action to address weaknesses previously identified in our FY 2008 evaluation report. They improved certification and accreditation of systems; strengthened configuration management of networks and systems; performed independent assessments; and, developed and/or refined certain policies and procedures. In addition, the Department instituted a centralized incident response organization designed to eliminate duplicative efforts throughout the Department. As we have noted in previous reports, the Department continued to maintain strong network perimeter defenses against malicious intruders and other externals threats. These are positive accomplishments. However, in our judgment, additional action is required to further enhance the Department's unclassified cyber security program and help reduce risks to its systems and data. For example, our current review identified opportunities for improvements in areas such as security planning and testing, systems inventory, access controls, and configuration management. In particular, we issued a number of findings at sites managed by the National Nuclear Security Administration (NNSA). We also identified weaknesses across various Department program elements. Issues that warrant further attention include: (1) Weaknesses such as outdated security plans and not completing annual security control self-assessments were identified at several sites; (2) The Department had not yet resolved systems inventory issues and had yet to deploy a complex-wide automated asset management tool to help track information technology resources and identify interfaces between systems or networks; (3) Although certain improvements had been made to enhance access controls, we noted deficiencies such as a lack of periodic account reviews and inadequate password management at a number of sites; and (4) Previously identified weaknesses in configuration management had been corrected, however, we found problems related to weak administrator account settings and failure to install software patches, as well as incomplete implementation of the Federal Desktop Core Configuration. These internal control weaknesses existed, at least in part, because certain cyber security roles and responsibilities were not clearly delineated. Program officials also had not effectively performed monitoring and review activities essential for evaluating the adequacy of cyber security performance. In some cases, officials had not ensured that weaknesses discovered during audits and other evaluations were recorded and tracked to resolution in the organizations' Plans of Action and Milestones. Our testing disclosed that about 39 p

None

2009-10-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

J. [2004], Low-latency cryptographic protection for SCADAlatency high-integrity security retrofit for lecacy SCADA

Amin, Saurabh

2011-01-01T23:59:59.000Z

102

Ideal Based Cyber Security Technical Metrics for Control Systems  

SciTech Connect (OSTI)

Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

W. F. Boyer; M. A. McQueen

2007-10-01T23:59:59.000Z

103

The Role of Signal Processing in meeting Cyber-Security and Privacy Challenges  

E-Print Network [OSTI]

1 The Role of Signal Processing in meeting Cyber-Security and Privacy Challenges Lalitha Sankar Spaces Image Classification/ Location Privacy Modify Control Messages Security Privacy Fig. 1. Illustration of several classes of cyber-security and privacy threats in networks and distributed data systems

Paris-Sud XI, Université de

104

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

105

Cyber Assessment Methods For SCADA Security  

SciTech Connect (OSTI)

The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national infrastructure, such as electric power, oil, and gas production and distribution. Since their incapacitation or destruction would have a debilitating impact on the defense or economic security of the United States, one of the main objectives of this program is to identify vulnerabilities and encourage the public and private sectors to work together to design secure control systems that resolve these weaknesses. This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure.

May Robin Permann; Kenneth Rohde

2005-06-01T23:59:59.000Z

106

Cyber Assessment Methods for SCADA Security  

SciTech Connect (OSTI)

The terrorist attacks of September 11, 2001 brought to light threats and vulnerabilities that face the United States. In response, the U.S. Government is directing the effort to secure the nation's critical infrastructure by creating programs to implement the National Strategy to Secure Cyberspace (1). One part of this effort involves assessing Supervisory Control and Data Acquisition (SCADA) systems. These systems are essential to the control of critical elements of our national infrastructure, such as electric power, oil, and gas production and distribution. Since their incapacitation or destruction would have a debilitating impact on the defense or economic security of the United States, one of the main objectives of this program is to identify vulnerabilities and encourage the public and private sectors to work together to design secure control systems that resolve these weaknesses. This paper describes vulnerability assessment methodologies used in ongoing research and assessment activities designed to identify and resolve vulnerabilities so as to improve the security of the nation's critical infrastructure.

Not Available

2005-06-01T23:59:59.000Z

107

The Impact of Secure OSs on Internet Security: What Cyber-Insurers Need to Know  

E-Print Network [OSTI]

In recent years, researchers have proposed \\emph{cyber-insurance} as a suitable risk-management technique for enhancing security in Internet-like distributed systems. However, amongst other factors, information asymmetry between the insurer and the insured, and the inter-dependent and correlated nature of cyber risks have contributed in a big way to the failure of cyber-insurance markets. Security experts have argued in favor of operating system (OS) platform switching (ex., from Windows to Unix-based OSs) or secure OS adoption as being one of the techniques that can potentially mitigate the problems posing a challenge to successful cyber-insurance markets. In this regard we model OS platform switching dynamics using a \\emph{social gossip} mechanism and study three important questions related to the nature of the dynamics, for Internet-like distributed systems: (i) which type of networks should cyber-insurers target for insuring?, (ii) what are the bounds on the asymptotic performance level of a network, wher...

Pal, Ranjan

2012-01-01T23:59:59.000Z

108

Comparison of two methods to quantify cyber and physical security effectiveness.  

SciTech Connect (OSTI)

With the increasing reliance on cyber technology to operate and control physical security system components, there is a need for methods to assess and model the interactions between the cyber system and the physical security system to understand the effects of cyber technology on overall security system effectiveness. This paper evaluates two methodologies for their applicability to the combined cyber and physical security problem. The comparison metrics include probabilities of detection (P{sub D}), interruption (P{sub I}), and neutralization (P{sub N}), which contribute to calculating the probability of system effectiveness (P{sub E}), the probability that the system can thwart an adversary attack. P{sub E} is well understood in practical applications of physical security but when the cyber security component is added, system behavior becomes more complex and difficult to model. This paper examines two approaches (Bounding Analysis Approach (BAA) and Expected Value Approach (EVA)) to determine their applicability to the combined physical and cyber security issue. These methods were assessed for a variety of security system characteristics to determine whether reasonable security decisions could be made based on their results. The assessments provided insight on an adversary's behavior depending on what part of the physical security system is cyber-controlled. Analysis showed that the BAA is more suited to facility analyses than the EVA because it has the ability to identify and model an adversary's most desirable attack path.

Wyss, Gregory Dane; Gordon, Kristl A.

2005-11-01T23:59:59.000Z

109

A quantitative man-machine model for cyber security efficiency analysis  

E-Print Network [OSTI]

The analysis of security defense processes is of utmost importance in the management of various cyber-security attacks, which are increasing in scope and rapidity. Organizations need to optimize their resources based on a sound understanding...

Jung, Sung-Oh

2007-04-25T23:59:59.000Z

110

Probabilistic Characterization of Adversary Behavior in Cyber Security  

SciTech Connect (OSTI)

The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

Meyers, C A; Powers, S S; Faissol, D M

2009-10-08T23:59:59.000Z

111

Security and Cyber Guidance | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up from the Gridwise Global1WasteRecoveryAwards SECTION BNew EmployeeSecurity

112

Secure control systems with application to cyber-physical systems  

SciTech Connect (OSTI)

Control systems are computer-based systems with networked units consisting of sensors, actuators, control processing units, and communication devices. The role of control system is to interact, monitor, and control physical processes. Reactive power control is a fundamental issue in ensuring the security of the power network. It is claimed that Synchronous Condensers (SC) have been used at both distribution and transmission voltage levels to improve stability and to maintain voltages within desired limits under changing load conditions and contingency situations. Performance of PI controller corresponding to various tripping faults are analyzed for SC systems. Most of the eort in protecting these systems has been in protection against random failures or reliability. However, besides failures these systems are subject to various signal attacks for which new analysis are discussed here. When a breach does occur, it is necessary to react in a time commensurate with the physical dynamics of the system as it responds to the attack. Failure to act swiftly enough may result in undesirable, and possibly irreversible, physical eects. Therefore, it is meaningful to evaluate the security of a cyber-physical system, especially to protect it from cyber-attack. Illustrative numerical examples are provided together with an application to the SC systems.

Dong, Jin [ORNL] [ORNL; Djouadi, Seddik M [ORNL] [ORNL; Nutaro, James J [ORNL] [ORNL; Kuruganti, Phani Teja [ORNL] [ORNL

2014-01-01T23:59:59.000Z

113

Cyber Friendly Fire: Research Challenges for Security Informatics  

SciTech Connect (OSTI)

This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a system’s topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF— including both training concepts and suggestions for decision aids and visualization approaches—are discussed.

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

2013-06-06T23:59:59.000Z

114

Control Systems Cyber Security:Defense in Depth Strategies  

SciTech Connect (OSTI)

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

David Kuipers; Mark Fabro

2006-05-01T23:59:59.000Z

115

Control Systems Cyber Security: Defense-in-Depth Strategies  

SciTech Connect (OSTI)

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

Mark Fabro

2007-10-01T23:59:59.000Z

116

Cyber-Security Considerations for the Smart Grid  

SciTech Connect (OSTI)

The electrical power grid is evolving into the “smart grid”. The goal of the smart grid is to improve efficiency and availability of power by adding more monitoring and control capabilities. These new technologies and mechanisms are certain to introduce vulnerabilities into the power grid. In this paper we provide an overview of the cyber security state of the electrical power grid. We highlight some of the vulnerabilities that already exist in the power grid including limited capacity systems, implicit trust and the lack of authentication. We also address challenges of complexity, scale, added capabilities and the move to multipurpose hardware and software as the power grid is upgraded. These changes create vulnerabilities that did not exist before and bring increased risks. We conclude the paper by showing that there are a number mitigation strategies that can help keep the risk at an acceptable level.

Clements, Samuel L.; Kirkham, Harold

2010-07-26T23:59:59.000Z

117

Cyber Science and Security - An R&D Partnership at LLNL  

SciTech Connect (OSTI)

Lawrence Livermore National Laboratory has established a mechanism for partnership that integrates the high-performance computing capabilities of the National Labs, the network and cyber technology expertise of leading information technology companies, and the long-term research vision of leading academic cyber programs. The Cyber Science and Security Center is designed to be a working partnership among Laboratory, Industrial, and Academic institutions, and provides all three with a shared R&D environment, technical information sharing, sophisticated high-performance computing facilities, and data resources for the partner institutions and sponsors. The CSSC model is an institution where partner organizations can work singly or in groups on the most pressing problems of cyber security, where shared vision and mutual leveraging of expertise and facilities can produce results and tools at the cutting edge of cyber science.

Brase, J; Henson, V

2011-03-11T23:59:59.000Z

118

Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity  

E-Print Network [OSTI]

The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and ...

Cho, Yiseul

2012-01-01T23:59:59.000Z

119

Multiple Tenure/Tenure-Track Faculty Positions Software Engineering Focus: CyberSecurity and Big Data  

E-Print Network [OSTI]

Multiple Tenure/Tenure-Track Faculty Positions Software Engineering Focus: CyberSecurity and Big to cybersecurity and big data. Outstanding candidates from all areas of software engineering and computer science

Carver, Jeffrey C.

120

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY  

SciTech Connect (OSTI)

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues  

SciTech Connect (OSTI)

This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

Wayne F. Boyer; Scott A. McBride

2009-04-01T23:59:59.000Z

122

Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor  

SciTech Connect (OSTI)

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

2011-04-01T23:59:59.000Z

123

Good Things in Small Packages: Micro Worlds and Cyber Security  

SciTech Connect (OSTI)

Cyber events, as perpetrated by terrorists and nation states, have become commonplace as evidenced in national and international news media. Cyber attacks affect day-to-day activities of end users through exploitation of social networks, businesses such as banking and stock exchanges, and government entities including Departments of Defense. They are becoming more frequent and sophisticated. Currently, efforts are directed to understanding the methods employed by attackers and towards dissecting the planning and activities of the perpetrator, including review of psychosocial factors.

David I Gertman

2013-11-01T23:59:59.000Z

124

Cyber Security Indications and Warning System (SV): CRADA 1573.94 Project Accomplishments Summary  

SciTech Connect (OSTI)

As the national focus on cyber security increases, there is an evolving need for a capability to provide for high-speed sensing of events, correlation of events, and decision-making based on the adverse events seen across multiple independent large-scale network environments. The purpose of this Shared Vision project, Cyber Security Indications and Warning System, was to combine both Sandia's and LMC's expertise to discover new solutions to the challenge of protecting our nation's infrastructure assets. The objectives and scope of the proposal was limited to algorithm and High Performance Computing (HPC) model assessment in the unclassified environment within funding and schedule constraints. The interest is the identification, scalability assessment, and applicability of current utilized cyber security algorithms as applied in an HPC environment.

Hu, Tan Chang (PI, Sandia); Robinson, David G. (Technical PI)

2011-09-08T23:59:59.000Z

125

T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security  

SciTech Connect (OSTI)

Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

2009-07-20T23:59:59.000Z

126

Modeling and simulation for cyber-physical system security research, development and applications.  

SciTech Connect (OSTI)

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

2010-02-01T23:59:59.000Z

127

A Cooperative Cyber Defense for Securing Critical Infrastructures  

E-Print Network [OSTI]

networked relationships. At electrical substations, it is common to find equipment from several companies-state and terrorist cyber attacks further complicates the ad hoc arrangement until the complexity of the situation substations to reduce costs and improve cooperation. Regulatory agencies, equipment manufacturers

Fulp, Errin W.

128

Cyber-Security of Networked Control Systems Karl Henrik Johansson  

E-Print Network [OSTI]

to cyber-threats with many poten@al points of aRacks · How systems · ARack on power network state es@mator · Stealthy minimum-effort a) but no disclosure resources ·If the zero is unstable, then the plant state can be moved

Johansson, Karl Henrik

129

CYBER SECURITY THREATS TO SAFETY-CRITICAL, SPACE-BASED INFRASTRUCTURES  

E-Print Network [OSTI]

role in national critical infrastructures. The certification of Global Navigation Satellite SystemsCYBER SECURITY THREATS TO SAFETY-CRITICAL, SPACE-BASED INFRASTRUCTURES C.W. Johnson (1) , A-based systems play an important role within national critical infrastructures. They are being integrated

Johnson, Chris

130

ITL BULLETIN FOR OCTOBER 2010 CYBER SECURITY STRATEGIES FOR THE SMART GRID: PROTECTING THE  

E-Print Network [OSTI]

ITL BULLETIN FOR OCTOBER 2010 CYBER SECURITY STRATEGIES FOR THE SMART GRID: PROTECTING THE ADVANCED, reduce greenhouse gas emissions, and create new employment opportunities. Called the Smart Grid in the development process to assure a smooth transition to the Smart Grid. Under the Energy Independence

131

Cyber Security in the Smart Grid: Survey and Challenges$ Wenye Wanga,  

E-Print Network [OSTI]

Cyber Security in the Smart Grid: Survey and Challenges$ Wenye Wanga, , Zhuo Lua a The Smart Grid, generally referred to as the next-generation power system, is considered as a revolutionary and communication technologies, the Smart Grid is expected to greatly enhance efficiency and reliability of future

Wang, Wenye

132

Proceedings of Student-Faculty Research Day, CSIS, Pace University, May 3rd A Frame Problem Approach for Adaptive Cyber Security Design  

E-Print Network [OSTI]

Problem Approach for Adaptive Cyber Security Design R. Shaikh, T. Bryla, and S. Ahmed Pace University entails the motivation and efforts to integrate the Frame Problem approach to the distributed cyber in the context of network security counteraction against cyber-attacks. A simple simulator is designed

Tappert, Charles

133

Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge  

SciTech Connect (OSTI)

The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

Ondrej Linda; Todd Vollmer; Milos Manic

2012-08-01T23:59:59.000Z

134

A Secured Health Care Application Architecture for Cyber-Physical Systems  

E-Print Network [OSTI]

Cyber-physical systems (CPS) can be viewed as a new generation of systems with integrated control, communication and computational capabilities. Like the internet transformed how humans interact with one another, cyber-physical systems will transform how people interact with the physical world. Currently, the study of CPS is still in its infancy and there exist many research issues and challenges ranging from electricity power, health care, transportation and smart building etc. In this paper, an introduction of CPeSC3 (cyber physical enhanced secured wireless sensor networks (WSNs) integrated cloud computing for u-life care) architecture and its application to the health care monitoring and decision support systems is given. The proposed CPeSC3 architecture is composed of three main components, namely 1) communication core, 2) computation core, and 3) resource scheduling and management core. Detailed analysis and explanation are given for relevant models such as cloud computing, real time scheduling and secu...

Wang, Jin; Lee, Sungyoung; Shu, Lei; Xia, Feng

2012-01-01T23:59:59.000Z

135

INL Cyber Security Research (2008) | Department of Energy  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power.pdf11-161-LNG | Department ofHTS Cable ProjectsHistoryia/802871 IAINFOGRAPHIC:INL Cyber

136

Fact Sheet: Cyber Security Audit and Attack Detection Toolkit  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-UpHeat PumpRecord ofESPCofConstructionofFYOxideof Energy Clean Coal TechnologyCyber

137

Cyber - Security focus of conference ... | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth7-1D: Vegetation Proposed Newcatalyst phases onOrganization FY 2012 FYCustomer-Comments SignCyanideCYBER -

138

Cyber Security Expert Jim Mellander Retires from NERSC  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

to enhance cybersecurity at Berkeley Lab and NERSC. He's also written several notable security software programs, including Update, a UNIX-based sniffer detector; Kazaa...

139

Evaluation Report on The Department's Unclassified Cyber Security...  

Office of Environmental Management (EM)

users continues to increase. In response to increasing threats to the Government's computer networks and systems, Congress enacted the Government hformation Security Reform Act...

140

Applications for cyber security - System and application monitoring  

SciTech Connect (OSTI)

Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

Marron, J. E. [Invensys Process Systems, 33 Commercial Street, Foxboro, MA 02035 (United States)

2006-07-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS  

SciTech Connect (OSTI)

The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

Ray Fink

2006-10-01T23:59:59.000Z

142

IEC 61850 and IEC 62351 Cyber Security Acceleration Workshop  

SciTech Connect (OSTI)

The purpose of this workshop was to identify and discuss concerns with the use and adoption of IEC 62351 security standard for IEC 61850 compliant control system products. The industry participants discussed performance, interoperability, adoption, challenges, business cases, and future issues.

Clements, Samuel L.; Edgar, Thomas W.; Manz, David O.

2012-04-01T23:59:59.000Z

143

NERSC Cyber Security Challenges That Require DOE Development and Support  

E-Print Network [OSTI]

) is to accelerate the pace of scientific discovery by providing high performance computing, information, data, and impacts the productivity of the DOE Science community. In particular, NERSC and other high performance computing (HPC) centers have special security challenges that are unlikely to be met unless DOE funds

Geddes, Cameron Guy Robinson

144

OIA: Office of Contract Assurance: Assurance Systems: Cyber Security...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

(QA) It is the policy of the Ernest Orlando Lawrence Berkeley National Laboratory (LBNL) to carry out all activities in a reliable, safe and quality manner. To help fulfill...

145

Shopping For Danger: E-commerce techniques applied to collaboration in cyber security  

SciTech Connect (OSTI)

Collaboration among cyber security analysts is essential to a successful protection strategy on the Internet today, but it is uncommonly practiced or encouraged in operating environments. Barriers to productive collaboration often include data sensitivity, time and effort to communicate, institutional policy, and protection of domain knowledge. We propose an ambient collaboration framework, Vulcan, designed to remove the barriers of time and effort and mitigate the others. Vulcan automated data collection, collaborative filtering, and asynchronous dissemination, eliminating the effort implied by explicit collaboration among peers. We instrumented two analytic applications and performed a mock analysis session to build a dataset and test the output of the system.

Bruce, Joseph R.; Fink, Glenn A.

2012-05-24T23:59:59.000Z

146

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements  

SciTech Connect (OSTI)

Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

Ondrej Linda; Milos Manic; Miles McQueen

2012-09-01T23:59:59.000Z

147

Office of Cyber and Security Assessments | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomen OwnedofDepartment ofJaredOakscience-based,OHAGas and OilDepartmentand Security

148

2014 Headquarters Facilities Master Security Plan - Chapter 14...  

Office of Environmental Management (EM)

4, Cyber Security 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security June 2014 2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

149

Cyber Security  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Strategic Programs Division IM-52 George Dudley Director Associate CIO for IT Policy & Governance (IM-20) LeAnn Oliver Porfolio & Analysis Division (IM-21) Robin Crisp Director...

150

Cyber Security  

Energy Savers [EERE]

Programs Division IM-52 Al Gallo (Acting) Director Associate CIO for IT Policy & Governance (IM-20) LeAnn Oliver Porfolio & Analysis Division (IM-21) Robin Crisp Director...

151

Cyber Security  

Office of Environmental Management (EM)

Policy & Performance Management Division (IM-22) Russell Pereira Director, Acting Records & Privacy Management Division (IM-23) Troy Manigault Director Associate CIO for IT...

152

Cyber Security  

Broader source: Energy.gov (indexed) [DOE]

(IM-21) Robin Crisp Director Policy & Performance Management Division (IM-22) Russell Pereira Director Records & Privacy Management Division (IM-23) Troy Manigault Director...

153

Cyber Security  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird QuarterintoCurrent Test

154

Cyber Security  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energyon ArmedWaste andAccessCO2AdministrativeCriticality SafetyCurrentAssociate CIO for

155

Cyber Security  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:Year in Review: Top FiveDepartmentfor

156

Cyber Security  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:Year in Review: Top FiveDepartmentfor06/2015) CIO, DCIO, COO, CTO, CA, ACIO, DACIO Director

157

NERSC Cyber Security Challenges That Require DOE Development andSupport  

SciTech Connect (OSTI)

Traditional security approaches do not adequately addressall the requirements of open, scientific computing facilities. Many ofthe methods used for more restricted environments, including almost allcorporate/commercial systems, do not meet the needs of today's science.Use of only the available "state of the practice" commercial methods willhave adverse impact on the ability of DOE to accomplish its sciencegoals, and impacts the productivity of the DOE Science community. Inparticular, NERSC and other high performance computing (HPC) centers havespecial security challenges that are unlikely to be met unless DOE fundsdevelopment and support of reliable and effective tools designed to meetthe cyber security needs of High Performance Science. The securitychallenges facing NERSC can be collected into three basic problem sets:network performance and dynamics, application complexity and diversity,and a complex user community that can have transient affiliations withactual institutions. To address these problems, NERSC proposes thefollowing four general solutions: auditing user and system activityacross sites; firewall port configuration in real time;cross-site/virtual organization identity management and access control;and detecting security issues in application middleware. Solutions arealsoproposed for three general long term issues: data volume,application complexity, and information integration.

Draney, Brent; Campbell, Scott; Walter, Howard

2007-01-16T23:59:59.000Z

158

Experiences and Challenges with Using Cert Data to Analyze International Cyber Security  

E-Print Network [OSTI]

With the increasing interconnection of computer networks and sophistication of cyber attacks, it is important to understand the dynamics of such situations, especially in regards to cyber international relations. The ...

Madnick, Stuart

159

Quantifying Availability in SCADA Environments Using the Cyber Security Metric MFC  

SciTech Connect (OSTI)

Supervisory Control and Data Acquisition (SCADA) systems are distributed networks dispersed over large geographic areas that aim to monitor and control industrial processes from remote areas and/or a centralized location. They are used in the management of critical infrastructures such as electric power generation, transmission and distribution, water and sewage, manufacturing/industrial manufacturing as well as oil and gas production. The availability of SCADA systems is tantamount to assuring safety, security and profitability. SCADA systems are the backbone of the national cyber-physical critical infrastructure. Herein, we explore the definition and quantification of an econometric measure of availability, as it applies to SCADA systems; our metric is a specialization of the generic measure of mean failure cost.

Aissa, Anis Ben [Université de Tunis El Manar, Tunisia] [Université de Tunis El Manar, Tunisia; Rabai, Latifa Ben Arfa [Université de Tunis, Tunisia] [Université de Tunis, Tunisia; Abercrombie, Robert K [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL; Mili, Ali [New Jersey Insitute of Technology] [New Jersey Insitute of Technology

2014-01-01T23:59:59.000Z

160

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements  

SciTech Connect (OSTI)

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified in the identification effort. The requirements in these seven standards were then compared against the requirements given in the Framework. This comparison identified gaps (requirements not covered) in both the individual industry standards and in the Framework. In addition to the sector-specific standards reviewed, the team compared the requirements in the cross-sector Instrumentation, Systems, and Automation Society (ISA) Technical Reports (TR) 99 -1 and -2 to the Framework requirements. The Framework defines a set of security classes separated into families as functional requirements for control system security. Each standard reviewed was compared to this template of requirements to determine if the standard requirements closely or partially matched these Framework requirements. An analysis of each class of requirements pertaining to each standard reviewed can be found in the comparison results section of this report. Refer to Appendix A, ''Synopsis of Comparison Results'', for a complete graphical representation of the study's findings at a glance. Some of the requirements listed in the Framework are covered by many of the standards, while other requirements are addressed by only a few of the standards. In some cases, the scope of the requirements listed in the standard for a particular industry greatly exceeds the requirements given in the Framework. These additional families of requirements, identified by the various standards bodies, could potentially be added to the Framework. These findings are, in part, due to the maturity both of the security standards themselves and of the different industries current focus on security. In addition, there are differences in how communication and control is used in different industries and the consequences of disruptions via security breaches to each particular industry that could affect how security requirements are prioritized. The differences in the requirements listed in the Framework and in the various industry standards are due, in part, to differences in the level and purpose of the standards. While the requir

Robert P. Evans

2005-09-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

arvutimnguritus world cyber: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

cyber-insurer, thereby making 74 SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems Fission and Nuclear Technologies Websites...

162

alleged russian cyber: Topics by E-print Network  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

cyber-insurer, thereby making 69 SESSION: CYBER-PHYSICAL SYSTEM SECURITY IN A SMART GRID ENVIROMENT 1 Cyber-Security of SCADA Systems Fission and Nuclear Technologies Websites...

163

Challenges for Cyber-Physical Systems: Security, Timing Analysis and Soft Error Protection  

E-Print Network [OSTI]

from cyber attacks. While this assumption may not be sound, substations themselves are a more likely link at a substation) could allow attackers to affect power devices. Some protection could be provided to invest in research on the protection of the power grid, both from the perspective of cyber attacks

Mueller, Frank

164

Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks  

SciTech Connect (OSTI)

A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.

T. Vollmer; M. Manic

2014-05-01T23:59:59.000Z

165

R&K Cyber Solutions licenses ORNL malware detection technology...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

R&K Cyber Solutions licenses ORNL malware detection technology R&K Cyber Solutions LLC has licensed Hyperion, a cyber security technology from the Department of Energy's Oak Ridge...

166

Status Report on Protected Domains for Cyber Infrastructure Management  

E-Print Network [OSTI]

through the use of distributed, highly secure, protected domains. Instead of creating a costly physically, Network Security, Information Assurance 1 Introduction Currently, our national cyber infrastructure to the President for Cyber Space Security and Chairman, President's Critical Infrastructure Protection Board

Irvine, Cynthia E.

167

Cyber-Physical Security via Geometric Control: Distributed Monitoring and Malicious Attacks  

E-Print Network [OSTI]

Pasqualetti, Florian D¨orfler, and Francesco Bullo Abstract-- Cyber-physical systems are ubiquitous in power. Fabio Pasqualetti, Florian D¨orfler, and Francesco Bullo are with the Center for Control, Dynamical Systems and Computation, University of California at Santa Barbara, {fabiopas,dorfler

Bullo, Francesco

168

Pacific Basin Nuclear Conference (PBNC 2012), BEXCO, Busan, Korea, March 18 ~ 23, 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS  

E-Print Network [OSTI]

PBNC 2012 CHALLENGES OF CYBER SECURITY FOR NUCLEAR POWER PLANTS Kwangjo Kim KAIST, Daejeon, Korea.kim@kustar.ac.ae Abstract Nuclear Power Plants (NPPs) become one of the most important infrastructures in providing improvement. 1. Introduction Nuclear Power Plants (NPPs) become one of the most important infrastructures

Kim, Kwangjo

169

Energy Cyber Other Degree Program  

E-Print Network [OSTI]

Rev. Energy Cyber Other Yes No Degree Program States National Security Implications of Energy & Environmental Stress New Theories of Cross-Advisor: Graduation Date: Curric Num: Power and Energy New Approaches to Understanding Dimensions of National Security

170

Ninth Annual Cyber and Information Security Research Conference | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn CyberNeutronsNewNewsNick BuraglioNikolayNinth

171

Elisa Bertino Cyber Center  

E-Print Network [OSTI]

on Information and System Security, ACM Transactions on Web, Acta Informatica, the Parallel and Distributed Society Tsutomu Kanai Award "For pioneering and innovative research contributions to secure distributed Elisa Bertino Director, Cyber Center bertino@purdue.edu 765-496-2399 Elisa Bertino is professor

Ginzel, Matthew

172

An inter-realm, cyber-security infrastructure for virtual supercomputing  

SciTech Connect (OSTI)

Virtual supercomputing, (ise ., high-performance grid computing), is poised to revolutionize the way we think about and use computing. However, the security of the links interconnecting the nodes within such an environment will be its Achilles heel, particularly when secure communication is required to tunnel through heterogeneous domains. In this paper we examine existing security mechanisms, show their inadequacy, and design a comprehensive cybersecurity infrastructure that meets the security requirements of virtual supercomputing. Keywords Security, virtual supercomputing, grid computing, high-performance computing, GSS-API, SSL, IPsec, component-based software, dynamic reconfiguration.

Al-Muhtadi, J. (Jalal); Feng, W. C. (Wu-Chun); Fisk, M. E. (Mike E. )

2001-01-01T23:59:59.000Z

173

ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber...  

Broader source: Energy.gov (indexed) [DOE]

and Energy Utilities Form Consortium to Fund SCADAEMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADAEMS Cyber...

174

DOE Issues Energy Sector Cyber Organization NOI  

Broader source: Energy.gov (indexed) [DOE]

sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security of the grid. The cyber organization is...

175

Guide to Critical Infrastructure Protection Cyber Vulnerability...  

Broader source: Energy.gov (indexed) [DOE]

Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for...

176

Impact Analysis of Transient Stability Due to Cyber Attack on FACTS Devices  

E-Print Network [OSTI]

and distribution systems [2]. There- fore, cyber security is becoming an important R&D concern for smart grid. Many attack, cyber security, smart grids, SVC, STATCOM, FACTS, transient stability, voltage support device I are not designed to be adequately protected from cyber attack, these applications introduce numerous cyber security

Kundur, Deepa

177

The Technology of Cyber Operations Symposium on Cyber Operations and National  

E-Print Network [OSTI]

operations can be conducted with plausible deniability But adversaries make mistakes too, and allThe Technology of Cyber Operations Herb Lin Symposium on Cyber Operations and National Security not acknowledge role of offensive operations. · Offensive cyber operations can also have non-defensive purposes

178

SciTech Connect: Continuous Monitoring And Cyber Security For High  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administrationcontroller systems controllerAdditiveBetatron Radiation fromTopPerformance

179

Summary of The 3rd Control System Cyber-Security (CS)2/HEP Workshop  

E-Print Network [OSTI]

Over the last decade modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA) systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this (r)evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. The Stuxnet worm of 2010 against a particular Siemens PLC is a unique example for a sophisticated attack against control systems [1]. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data being ...

Lüders, S

2011-01-01T23:59:59.000Z

180

Developing a Power Measurement Framework for Cyber Defense  

E-Print Network [OSTI]

substations and hydroelectric facilities is a normal part of guerilla warfare [3]. Cyber attack of EDS systems, they have become more vulnerable to cyber-attacks as well. As part of a systems health monitoring approach, Experimentation, Security. Keywords Energy Delivery Systems, malware, rootkits, cyber-attacks, Power Distribution

Pouchard, Line

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

Simulation of PKI-Enabled Communication for Identity Management Using CyberCIEGE  

E-Print Network [OSTI]

, authentication, provenance, and access control. Keywords-network cyber security; identity management; information environment, players1 are guided through a series of scenarios that highlight various cyber security education colleges. CyberCIEGE was created by the Center for Information Systems Security Studies and Research (CISR

182

Cyber Friendly Fire  

SciTech Connect (OSTI)

Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public. The network is essentially divided into a production component that hosts the web and network services, and a user component that hosts thirty employee workstations and other end devices. The organization's network is separated from the Internet by a Cisco ASA network security device that both firewalls and detects intrusions. Business sensitive information is stored in various servers. This includes data comprising thousands of internal documents, such as finance and technical designs, email messages for the organization's employees including the CEO, CFO, and CIO, the organization's source code, and Personally Identifiable client data. Release of any of this information to unauthorized parties would have a significant, detrimental impact on the organization's reputation, which would harm earnings. The valuable information stored in these servers pose obvious points of interest for an adversary. We constructed several scenarios around this environment to support studies in cyber SA and cyber FF that may be run in the test range. We describe mitigation strategies to combat cyber FF including both training concepts and suggestions for decision aids and visualization approaches. Finally, we discuss possible future research directions.

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

2011-09-01T23:59:59.000Z

183

Strengthening Cyber Security  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of Energy Strain Rate Characterization ofDepartment ofTechnologiesE n E

184

Deception used for Cyber Defense of Control Systems  

SciTech Connect (OSTI)

Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

Wayne F. Boyer; Miles A. McQueen

2009-05-01T23:59:59.000Z

185

Cyber Fit Pyramid for the home user. | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Publications Microsoft Word - Resource MaterialsOct09.doc INL Cyber Security Research (2008) "Supervisory Control and Data Acquisition (SCADA) Systems." The CIP Report. Vol 7 No 8...

186

Cyber Security | National Security | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth7-1D: Vegetation Proposed Newcatalyst phases onOrganization FY 2012 FYCustomer-Comments SignCyanideCYBERCyber

187

Security and Trust Convergence: Attributes, Relations and Provenance  

E-Print Network [OSTI]

-World Impact! State of Cyber Security Cyber should be "controllable" Nuclear, chemical, biological have beenSecurity and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas

Sandhu, Ravi

188

Security and Trust Convergence: Attributes, Relations and Provenance  

E-Print Network [OSTI]

-World Impact! State of Cyber Security Cyber should be "controllable" Nuclear, chemical, biological have been1 Security and Trust Convergence: Attributes, Relations and Provenance Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber Security University of Texas

Sandhu, Ravi

189

Cyber Incidents Involving Control Systems  

SciTech Connect (OSTI)

The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

Robert J. Turk

2005-10-01T23:59:59.000Z

190

Naval Postgraduate School Cyber Academic Group Graduation Checklist for MS Cyber Systems and Operations (CSO) Degree  

E-Print Network [OSTI]

Environment (3-2) ________ ___CY4700 Cyber Wargame: Blue Force Operations (2-5) ________ ___CY4710 Cyber Planned Qtr ___NW3230 Strategy & Policy (4-2) ________ ___NW3275 Joint Maritime Operations Part 1 (4-0) ________ ___NW3276 Joint Maritime Operations Part 2 (2-2) ________ ___NW3285 National Security Decision Making (4

191

rtino is prof of Cyber Ce  

E-Print Network [OSTI]

Program Technolo Worksho Bertino is Compute systems Compute to secure rtino is prof of Cyber Ce internatio Database Indexing Intelligen Services the Very on the e Security& on Web, Program VLDB, A Data Eng distributed fessor of Co enter and R nce and Se mputer Scien EC laborator maden) in S ers Universi arch

Holland, Jeffrey

192

IEEE Communications Magazine August 2012 530163-6804/12/$25.00 2012 IEEE CYBER SECURITY FOR SMART GRID COMMUNICATIONS  

E-Print Network [OSTI]

FOR SMART GRID COMMUNICATIONS Daojing He, Chun Chen, and Jiajun Bu, Zhejiang University Sammy Chan, City University Secure Service Provision in Smart Grid Communications INTRODUCTION An increasing demand grids. As the world's largest engineered system, the smart grid will expand the current capabilities

Zhang, Yan

193

Impact of Cyber Attacks on Transient Stability of Smart Grids with Voltage Support Devices  

E-Print Network [OSTI]

Impact of Cyber Attacks on Transient Stability of Smart Grids with Voltage Support Devices Bo Chen--Cyber security is becoming a major concern of smart grids, as the functionality of a smart grid is highly on smart grids. This paper discusses several types of cyber attacks. Then, it presents results of studies

Kundur, Deepa

194

National Security Initiatives | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Our Primary Thrusts A science-based approach to cyber security Develop breakthrough nuclear forensic science Expand bioinformatics program to address critical biosurveillance gaps...

195

A Game Theoretic Approach to Cyber Attack Prediction  

SciTech Connect (OSTI)

The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

Peng Liu

2005-11-28T23:59:59.000Z

196

Analysis of operations and cyber security policies for a system of cooperating Flexible Alternating Current Transmission System (FACTS) devices.  

SciTech Connect (OSTI)

Flexible Alternating Current Transmission Systems (FACTS) devices are installed on electric power transmission lines to stabilize and regulate power flow. Power lines protected by FACTS devices can increase power flow and better respond to contingencies. The University of Missouri Rolla (UMR) is currently working on a multi-year project to examine the potential use of multiple FACTS devices distributed over a large power system region in a cooperative arrangement in which the FACTS devices work together to optimize and stabilize the regional power system. The report describes operational and security challenges that need to be addressed to employ FACTS devices in this way and recommends references, processes, technologies, and policies to address these challenges.

Phillips, Laurence R.; Tejani, Bankim; Margulies, Jonathan; Hills, Jason L.; Richardson, Bryan T.; Baca, Micheal J.; Weiland, Laura

2005-12-01T23:59:59.000Z

197

Cyber-Physical Systems under Attack Models, Fundamental limitations, and Monitor Design  

E-Print Network [OSTI]

Pasqualetti Florian D¨orfler Francesco Bullo Center for Control, Dynamical systems and Computation University, FL, Dec 11, 2011 F. Pasqualetti, F. D¨orfler, F. Bullo Cyber-Physical Systems Under Attack Security-efficient buildings (heat transfer) F. Pasqualetti, F. D¨orfler, F. Bullo Cyber-Physical Systems Under Attack Security

Hu, Fei

198

Mission Assurance and Cyber Security  

E-Print Network [OSTI]

, IPSes, TLS ZigBee X10 Wifi Smart Meter SubstationDistribution FAN/AMI Field Area Network SAN Substation assets Take action by remapping our business processes What is your attack surface look like? What threats ride on the ubiquitous attack surfaces of our infrastructure) #12;mccuskero@sonalysts.com 16 What

Memphis, University of

199

Cyber Security Standards.PDF  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana. DOCUMENTS AVAILABLEReport 2009Site | DepartmentOffice

200

cyber | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartmentNational NuclearhasAdministration goSecuritycdns | Nationalcontractingcyber |

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

The Quality of Management and of the Science and Engineering at the NNSA National Security Laboratories  

Broader source: Energy.gov [DOE]

The Quality of Management and of the Science and Engineering at the NNSA National Security Laboratories was presented to CRENEL 9/15/2014.

202

A cognitive and economic decision theory for examining cyber defense strategies.  

SciTech Connect (OSTI)

Cyber attacks pose a major threat to modern organizations. Little is known about the social aspects of decision making among organizations that face cyber threats, nor do we have empirically-grounded models of the dynamics of cooperative behavior among vulnerable organizations. The effectiveness of cyber defense can likely be enhanced if information and resources are shared among organizations that face similar threats. Three models were created to begin to understand the cognitive and social aspects of cyber cooperation. The first simulated a cooperative cyber security program between two organizations. The second focused on a cyber security training program in which participants interact (and potentially cooperate) to solve problems. The third built upon the first two models and simulates cooperation between organizations in an information-sharing program.

Bier, Asmeret Brooke

2014-01-01T23:59:59.000Z

203

Safeguards and Security and Cyber Security RM  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power.pdf11-161-LNG |September2-SCORECARD-01-24-13 Page 1 of 1  470.4-7 | Department

204

Cyber in the Cloud -- Lessons Learned from INL's Cloud E-Mail Acquisition  

SciTech Connect (OSTI)

As we look at the cyber security ecosystem, are we planning to fight the battle as we did yesterday, with firewalls and intrusion detection systems (IDS), or are we sensing a change in how security is evolving and planning accordingly? With the technology enablement and possible financial benefits of cloud computing, the traditional tools for establishing and maintaining our cyber security ecosystems are being dramatically altered.

Troy Hiltbrand; Daniel Jones

2012-12-01T23:59:59.000Z

205

Taxonomies of Cyber Adversaries and Attacks: A Survey of Incidents and Approaches  

SciTech Connect (OSTI)

In this paper we construct taxonomies of cyber adversaries and methods of attack, drawing from a survey of the literature in the area of cyber crime. We begin by addressing the scope of cyber crime, noting its prevalence and effects on the US economy. We then survey the literature on cyber adversaries, presenting a taxonomy of the different types of adversaries and their corresponding methods, motivations, maliciousness, and skill levels. Subsequently we survey the literature on cyber attacks, giving a taxonomy of the different classes of attacks, subtypes, and threat descriptions. The goal of this paper is to inform future studies of cyber security on the shape and characteristics of the risk space and its associated adversaries.

Meyers, C A; Powers, S S; Faissol, D M

2009-10-08T23:59:59.000Z

206

Quality of Service (QoS) security in mobile ad hoc networks  

E-Print Network [OSTI]

With the rapid proliferation of wireless networks and mobile computing applications, Quality of Service (QoS) for mobile ad hoc networks (MANETs) has received increased attention. Security is a critical aspect of QoS provisioning in the MANET...

Lu, Bin

2006-10-30T23:59:59.000Z

207

Cyber threat metrics.  

SciTech Connect (OSTI)

Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

2012-03-01T23:59:59.000Z

208

Security  

Broader source: Energy.gov [DOE]

Security refers to the security of the stream of principal and interest repayments and what happens in the event that a secured loan defaults.

209

IEEE TRANSACTIONS ON POWER SYSTEMS, VOL. 29, NO. 2, MARCH 2014 627 Impact of Data Quality on Real-Time  

E-Print Network [OSTI]

-Time Locational Marginal Price Liyan Jia, Jinsub Kim, Robert J. Thomas, Life Fellow, IEEE, and Lang Tong, Fellow--Bad data detection, cyber security of smart grid, locational marginal price (LMP), power system state, IEEE Abstract--The problem of characterizing impacts of data quality on real-time locational marginal

Tong, Lang

210

PACIFIC NORTHWEST CYBER SUMMIT  

SciTech Connect (OSTI)

On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energy’s (DOE’s) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOE’s Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

2013-08-07T23:59:59.000Z

211

Cyber Physical Systems: Design Challenges Edward A. Lee  

E-Print Network [OSTI]

, such as distributed micro power generation coupled into the power grid, where tim- ing precision and security issuesCyber Physical Systems: Design Challenges Edward A. Lee Electrical Engineering and Computer is granted without fee provided that copies are not made or distributed for profit or commercial advantage

212

September 27 29, 2010, Baltimore Convention Center Focusing on Emerging Automation Specifications and Use Cases, Software Assurance, Healthcare IT, Cyber Security, and Regulatory Compliance  

E-Print Network [OSTI]

September 27 ­ 29, 2010, Baltimore Convention Center Focusing on Emerging Automation Specifications Annual IT Security Automation Conference, hosted by the National Institute of Standards and Technology Systems Agency, will focus on the breadth and depth of automation principles and technologies designed

213

IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 835 Cyber Attack Exposure Evaluation Framework for  

E-Print Network [OSTI]

IEEE TRANSACTIONS ON SMART GRID, VOL. 2, NO. 4, DECEMBER 2011 835 Cyber Attack Exposure Evaluation Framework for the Smart Grid Adam Hahn, Student Member, IEEE, and Manimaran Govindarasu, Senior Member, IEEE Abstract--The smart grid's heavy reliance on cyber resources introduces numerous security concerns

Manimaran, Govindarasu

214

PARS II New Contractor Information for Interconnection Security...  

Office of Environmental Management (EM)

V1.0 (November 18, 2010) The Department of Energy (DOE) Headquarters Program Cyber Security Plan (PCSP), dated February 2008, requires the Project Assessment and Reporting System...

215

Microgrids and Heterogeneous Security, Quality, Reliability, andAvailability  

SciTech Connect (OSTI)

This paper describes two stylized alternative visions inpopular currencyof how the power system might evolve to meet futurerequirements for the high quality electricity service that modern digitaleconomies demand, a supergrids paradigm and a dispersed paradigm. Some ofthe economics of the dispersed vision are explored. Economic perspectivesare presented on both the choice of homogeneous universal power qualityupstream in the electricity supply, and also on the extremelyheterogeneous require-ments of end-use loads. Finally, the potential roleof microgrids in delivering heterogeneous power quality is demonstratedby reference to two ongoing microgrid tests in the U.S. andJapan.

Marnay, Chris

2007-01-31T23:59:59.000Z

216

North American Electricity Infrastructure: System Security, Quality, Reliability, Availability, and Efficiency  

E-Print Network [OSTI]

1 North American Electricity Infrastructure: System Security, Quality, Reliability, Availability for reliable and disturbance-free electricity. The massive power outages in the United States, Canada, UK and Italy in 2003 underscored electricity infrastructure's vulnerabilities [1-11]. This vital yet complex

Amin, S. Massoud

217

An environmental sensor network to determine drinking water quality and security  

E-Print Network [OSTI]

An environmental sensor network to determine drinking water quality and security Anastassia. Small Civil & Environmental Engineering and Engineering & Public Policy Carnegie Mellon University ms35@andrew.cmu.edu Jeanne VanBriesen Civil and Environmental Engineering and Biomedical Engineering Carnegie

Ailamaki, Anastassia

218

Underground Test Area Quality Assurance Project Plan Nevada National Security Site, Nevada, Revision 0  

SciTech Connect (OSTI)

This Quality Assurance Project Plan (QAPP) provides the overall quality assurance (QA) program requirements and general quality practices to be applied to the U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO) Underground Test Area (UGTA) Sub-Project (hereafter the Sub-Project) activities. The requirements in this QAPP are consistent with DOE Order 414.1C, Quality Assurance (DOE, 2005); U.S. Environmental Protection Agency (EPA) Guidance for Quality Assurance Project Plans for Modeling (EPA, 2002); and EPA Guidance on the Development, Evaluation, and Application of Environmental Models (EPA, 2009). The QAPP Revision 0 supersedes DOE--341, Underground Test Area Quality Assurance Project Plan, Nevada Test Site, Nevada, Revision 4.

Irene Farnham

2011-05-01T23:59:59.000Z

219

Methodology for prioritizing cyber-vulnerable critical infrastructure equipment and mitigation strategies.  

SciTech Connect (OSTI)

The Department of Homeland Security (DHS), National Cyber Security Division (NSCD), Control Systems Security Program (CSSP), contracted Sandia National Laboratories to develop a generic methodology for prioritizing cyber-vulnerable, critical infrastructure assets and the development of mitigation strategies for their loss or compromise. The initial project has been divided into three discrete deliverables: (1) A generic methodology report suitable to all Critical Infrastructure and Key Resource (CIKR) Sectors (this report); (2) a sector-specific report for Electrical Power Distribution; and (3) a sector-specific report for the water sector, including generation, water treatment, and wastewater systems. Specific reports for the water and electric sectors are available from Sandia National Laboratories.

Dawson, Lon Andrew; Stinebaugh, Jennifer A.

2010-04-01T23:59:59.000Z

220

Cyber sleuths face off  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-Series to UserProduct: Crude OilPublic Safety and100CurrentCybersecurityCyber

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

Building Smart Communities with Cyber-Physical Systems  

E-Print Network [OSTI]

There is a growing trend towards the convergence of cyber-physical systems (CPS) and social computing, which will lead to the emergence of smart communities composed of various objects (including both human individuals and physical things) that interact and cooperate with each other. These smart communities promise to enable a number of innovative applications and services that will improve the quality of life. This position paper addresses some opportunities and challenges of building smart communities characterized by cyber-physical and social intelligence.

Xia, Feng

2012-01-01T23:59:59.000Z

222

Cyber and physical infrastructure interdependencies.  

SciTech Connect (OSTI)

The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

2008-09-01T23:59:59.000Z

223

Recommended Practice: Creating Cyber Forensics Plans for Control Systems  

SciTech Connect (OSTI)

Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

Eric Cornelius; Mark Fabro

2008-08-01T23:59:59.000Z

224

Human dimensions in cyber operations research and development priorities.  

SciTech Connect (OSTI)

Within cyber security, the human element represents one of the greatest untapped opportunities for increasing the effectiveness of network defenses. However, there has been little research to understand the human dimension in cyber operations. To better understand the needs and priorities for research and development to address these issues, a workshop was conducted August 28-29, 2012 in Washington DC. A synthesis was developed that captured the key issues and associated research questions. Research and development needs were identified that fell into three parallel paths: (1) human factors analysis and scientific studies to establish foundational knowledge concerning factors underlying the performance of cyber defenders; (2) development of models that capture key processes that mediate interactions between defenders, users, adversaries and the public; and (3) development of a multi-purpose test environment for conducting controlled experiments that enables systems and human performance measurement. These research and development investments would transform cyber operations from an art to a science, enabling systems solutions to be engineered to address a range of situations. Organizations would be able to move beyond the current state where key decisions (e.g. personnel assignment) are made on a largely ad hoc basis to a state in which there exist institutionalized processes for assuring the right people are doing the right jobs in the right way. These developments lay the groundwork for emergence of a professional class of cyber defenders with defined roles and career progressions, with higher levels of personnel commitment and retention. Finally, the operational impact would be evident in improved performance, accompanied by a shift to a more proactive response in which defenders have the capacity to exert greater control over the cyber battlespace.

Forsythe, James Chris; Silva, Austin Ray; Stevens-Adams, Susan Marie; Bradshaw, Jeffrey [Institute for Human and Machine Cognition

2012-11-01T23:59:59.000Z

225

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

Studi Di Milano, Italy. Saberi, A. , Stoorvogel, A. A. andand Michel [1995]; Saberi et al. [1999]; Toivonen [1983];

Amin, Saurabh

2011-01-01T23:59:59.000Z

226

On Cyber Security for Networked Control Systems  

E-Print Network [OSTI]

buildings and smart structures portend immense datavehicles and buildings equipped with smart meters). Thebuilding’s occupants). The operating systems of upcoming infrastructures such as smart

Amin, Saurabh

2011-01-01T23:59:59.000Z

227

Cyber and Security Assessments | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy UsageAUDITVehiclesTankless orAChiefAppropriation FY 2012 FY 2013 FYCurrent and

228

Tom Harper receives cyber security award  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas ConchasPassiveSubmittedStatusButler Tina ButlerToday in Energy Today in

229

Cyber Assessment Methods for SCADA Security  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana. DOCUMENTS AVAILABLEReport 2009Site | DepartmentOffice ofExamination Report5

230

Strengthening Cyber Security | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartment of Energyof theRestoration at Young - Rainey

231

OpenEI Community - cyber security  

Open Energy Info (EERE)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home5b9fcbce19 No revision hasInformation Earth'sOklahoma/Geothermal < Oklahomast, 2012Coast UtilitiesUpdateHighwayoverviewen

232

FY13 AWARD FEE DETERMINATION SCORECARD Contractor: Wastren-EnergX...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

of HSPD-12 badging, implementation of temporary security fencing for D&D projects, the PIIOUO cyber security protection program, the improved quality of the cyber security...

233

January 2015 | National Nuclear Security Administration  

National Nuclear Security Administration (NNSA)

with members of the Idaho National Laboratory. The lab has a long history in the nuclear energy area and its growing expertise in new threat areas such as cyber security; make it...

234

BROOKHAVEN NATIONAL LABORATORYS CAPABILITIES FOR ADVANCED ANALYSES OF CYBER THREATS  

SciTech Connect (OSTI)

BNL has several ongoing, mature, and successful programs and areas of core scientific expertise that readily could be modified to address problems facing national security and efforts by the IC related to securing our nation’s computer networks. In supporting these programs, BNL houses an expansive, scalable infrastructure built exclusively for transporting, storing, and analyzing large disparate data-sets. Our ongoing research projects on various infrastructural issues in computer science undoubtedly would be relevant to national security. Furthermore, BNL frequently partners with researchers in academia and industry worldwide to foster unique and innovative ideas for expanding research opportunities and extending our insights. Because the basic science conducted at BNL is unique, such projects have led to advanced techniques, unlike any others, to support our mission of discovery. Many of them are modular techniques, thus making them ideal for abstraction and retrofitting to other uses including those facing national security, specifically the safety of the nation’s cyber space.

DePhillips M. P.

2014-06-06T23:59:59.000Z

235

Minimax Control For Cyber-Physical Systems under Network Packet Scheduling Attacks  

E-Print Network [OSTI]

Minimax Control For Cyber-Physical Systems under Network Packet Scheduling Attacks Yasser Shoukry. Unfortunately, this re- liance on networks also brings new security vulnerabilities for con- trol systems. We and distribute reprints for Governmental purposes notwith- standing any copyright notation thereon. The views

Johansson, Karl Henrik

236

Gone Rogue: An Analysis of Rogue Security Software Campaigns (Invited Paper)  

E-Print Network [OSTI]

victims. A troubling, recent example of this trend is cyber- criminals distributing rogue security or no protection. While the technical and economical aspects of rogue security software (e.g., its distribution programs are distributed by cyber- criminals to generate a financial profit. In fact, after the initial

Yang, Junfeng

237

Cyberspace security system  

SciTech Connect (OSTI)

A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

2014-06-24T23:59:59.000Z

238

A Scalable Framework for Cyber Attack Discovery and Situational...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Scalable Framework for Cyber Attack Discovery and Situational Understanding (SITU) May 15, 2013 Problem Statement: Cyber attacks cost commercial and governmental organizations vast...

239

Information Security: Coordination of Federal Cyber Security Research and  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomentheATLANTA,Fermi NationalBusiness PlanPosting Thomas F.Needs

240

Safeguards and Security and Cyber Security RM | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector GeneralDepartment of Energy fromCommentsRevolving STATEMENT OF Peter Malati, Rahul

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Roadmap to Secure Control Systems in the Energy Sector- January 2006  

Broader source: Energy.gov [DOE]

This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented...

242

Network QoS Management in Cyber-Physical Systems  

E-Print Network [OSTI]

Technical advances in ubiquitous sensing, embedded computing, and wireless communication are leading to a new generation of engineered systems called cyber-physical systems (CPS). CPS promises to transform the way we interact with the physical world just as the Internet transformed how we interact with one another. Before this vision becomes a reality, however, a large number of challenges have to be addressed. Network quality of service (QoS) management in this new realm is among those issues that deserve extensive research efforts. It is envisioned that wireless sensor/actuator networks (WSANs) will play an essential role in CPS. This paper examines the main characteristics of WSANs and the requirements of QoS provisioning in the context of cyber-physical computing. Several research topics and challenges are identified. As a sample solution, a feedback scheduling framework is proposed to tackle some of the identified challenges. A simple example is also presented that illustrates the effectiveness of the pr...

Xia, Feng; Dong, Jinxiang; Sun, Youxian

2008-01-01T23:59:59.000Z

243

Graph anomalies in cyber communications  

SciTech Connect (OSTI)

Enterprises monitor cyber traffic for viruses, intruders and stolen information. Detection methods look for known signatures of malicious traffic or search for anomalies with respect to a nominal reference model. Traditional anomaly detection focuses on aggregate traffic at central nodes or on user-level monitoring. More recently, however, traffic is being viewed more holistically as a dynamic communication graph. Attention to the graph nature of the traffic has expanded the types of anomalies that are being sought. We give an overview of several cyber data streams collected at Los Alamos National Laboratory and discuss current work in modeling the graph dynamics of traffic over the network. We consider global properties and local properties within the communication graph. A method for monitoring relative entropy on multiple correlated properties is discussed in detail.

Vander Wiel, Scott A [Los Alamos National Laboratory; Storlie, Curtis B [Los Alamos National Laboratory; Sandine, Gary [Los Alamos National Laboratory; Hagberg, Aric A [Los Alamos National Laboratory; Fisk, Michael [Los Alamos National Laboratory

2011-01-11T23:59:59.000Z

244

Assessment of current cybersecurity practices in the public domain : cyber indications and warnings domain.  

SciTech Connect (OSTI)

This report assesses current public domain cyber security practices with respect to cyber indications and warnings. It describes cybersecurity industry and government activities, including cybersecurity tools, methods, practices, and international and government-wide initiatives known to be impacting current practice. Of particular note are the U.S. Government's Trusted Internet Connection (TIC) and 'Einstein' programs, which are serving to consolidate the Government's internet access points and to provide some capability to monitor and mitigate cyber attacks. Next, this report catalogs activities undertaken by various industry and government entities. In addition, it assesses the benchmarks of HPC capability and other HPC attributes that may lend themselves to assist in the solution of this problem. This report draws few conclusions, as it is intended to assess current practice in preparation for future work, however, no explicit references to HPC usage for the purpose of analyzing cyber infrastructure in near-real-time were found in the current practice. This report and a related SAND2010-4766 National Cyber Defense High Performance Computing and Analysis: Concepts, Planning and Roadmap report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

Hamlet, Jason R.; Keliiaa, Curtis M.

2010-09-01T23:59:59.000Z

245

Lemnos Interoperable Security Program  

SciTech Connect (OSTI)

The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or â?? tunnelsâ?ť, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems Lemnos is built on the successes of Open PCS Security Architecture for Interoperable Design (OPSAID), a previous DOE National SCADA Test Bed (NSTB) project. It enhances security interoperability by identifying basic cyber security functions based on utility requirements and then selecting open source solutions, namely Internet Engineering Task Force (IETF) RFCs, to support these functions. Once identified, specific configuration parameters for each RFC suitable for the electric utility control system environment are identified and documented. These configuration parameters are referred to as Interoperable Configuration Profiles (ICP) and their effectiveness within the utility control systems environment is verified with comprehensive testing as the final step in the process. The project focused on development of ICPs for four security protocols (IPsec, SSH, LDAP, and Syslog) which represent fundamental building blocks which can be utilized for securing utility control systems. These ICPs are product agnostic and can be applied modularly to any device (router, substation gateway, intelligent electronic device, etc.) within the utility control system as the end user deems necessary for their unique system architecture. The Lemnos Interoperable Security Program is a public-private partnership under the U.S. Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability's Cybersecurity for Energy Delivery Systems (CEDS) program and supports The Roadmap to Secure Energy Delivery Systems. In addition to EnerNex, the core team supporting the effort includes Tennessee Valley Authority, Sandia National Laboratories, and Schweitzer Engineering Laboratories. Adding to the core team effort is collaboration from additional industry participants in the project including the Electric Power Research Institute (EPRI), Alien Vault, Cisco, Encore Networks, GarrettCom, Industrial Defender, N-Dimension Solutions, Phoenix Contact, RuggedCom, and Siemens.

John Stewart; Ron Halbgewachs; Adrian Chavez; Rhett Smith; David Teumim

2012-01-31T23:59:59.000Z

246

Engineering Resilient Cyber-Physical Systems  

E-Print Network [OSTI]

Engineering Resilient Cyber-Physical Systems Future Grid Thrust Area 6 White Paper Power Systems Engineering Research Center Empowering Minds to Engineer the Future Electric Energy System #12;Thrust Area 6 White Paper Engineering Resilient Cyber-Physical Systems Project Team Thomas J. Overbye University

247

From Manual Cyber Attacks Forensic to  

E-Print Network [OSTI]

From Manual Cyber Attacks Forensic to Automatic Characterization of Attackers' Profiles J. Briffaut-00995211,version1- #12;From Manual Cyber Attacks Forensic to Automatic Characterization of Attackers, or governmental organisations. Experimental results of these forensic and high level characteriza- tion methods

Paris-Sud XI, Université de

248

Cyber-Physical System Verification Embedded Systems Group  

E-Print Network [OSTI]

(Felipe Bichued) 21 Introducing Simulation of Hybrid Systems with the Modelica Tool 32 #12;Cyber Physical

Berns, Karsten

249

Underground Test Area Fiscal Year 2013 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0  

SciTech Connect (OSTI)

This report is required by the Underground Test Area (UGTA) Quality Assurance Plan (QAP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2013. All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2013. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, and publishing documents. In addition, integrated UGTA required reading and corrective action tracking was instituted.

Krenzien, Susan; Marutzky, Sam

2014-01-01T23:59:59.000Z

250

Underground Test Area Fiscal Year 2012 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0  

SciTech Connect (OSTI)

This report is mandated by the Underground Test Area (UGTA) Quality Assurance Project Plan (QAPP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2012. All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Site Office (NNSA/NSO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2012. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, revising the QAPP, and publishing documents. In addition, processes and procedures were developed to address deficiencies identified in the FY 2011 QAPP gap analysis.

Farnham, Irene; Marutzky, Sam

2013-01-01T23:59:59.000Z

251

KNOWLEDGE: Building, Securing, Sharing & Applying  

E-Print Network [OSTI]

is to educate and provide powerful analytical tools for information sharing, collaboration & decision support against threats to cyber infrastructure and data Data management in emergency situations Risk analysis for challenging problems in data analysis that address present and emerging homeland security threats Our Mission

252

AC 2010-2361: REU PROGRAM IN TELEMATICS AND CYBER PHYSICAL SYSTEMS: SHARING STRATEGIES, EXPERIENCE AND LESSONS LEARNED  

E-Print Network [OSTI]

AC 2010-2361: REU PROGRAM IN TELEMATICS AND CYBER PHYSICAL SYSTEMS: SHARING STRATEGIES, EXPERIENCE processing, embedded systems, in-vehicle networking, performance analysis of networking protocols, secure of Electrical and Computer Engineer of Wayne State University. His research interests lie in distributed

Mahmud, Syed Masud

253

National Security Initiatives | ORNL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security Nuclear Forensics Bioinformatics

254

A Framework for Modeling Cyber-Physical Switching Attacks in Smart Grid  

E-Print Network [OSTI]

IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTING Received 24 March 2013; revised 8 August 2013 and 14 November 2013; accepted 21 November 2013. Date of publication 2 January 2014; date of current version 21 January 2014. Digital Object Identifier... AUTHOR: S. LIU (liushan2009@gmail.com) This work was supported by the National Science Foundation under NSF Grant EECS-1028246 and the Norman Hackerman Advanced Research Program under Project 000512-0111-2009. ABSTRACT Security issues in cyber...

Liu, Shan; Mashayekh, Salman; Kundur, Deepa; Zourntos, Takis; Butler-Purry, Karen

2014-01-02T23:59:59.000Z

255

Assessing Power Substation Network Security and Survivability: A Work in Progress Report1  

E-Print Network [OSTI]

to the assessment of power substation control networks for cyber based attacks. Another goal is to r1 Assessing Power Substation Network Security and Survivability: A Work in Progress Report1 Carol experiences with identifying cyber-based threats to the survivability of power substation control networks

Krings, Axel W.

256

Naval Postgraduate School Cyber Academic Group Graduation Checklist for MS Cyber Systems and Operations (CSO) Degree  

E-Print Network [OSTI]

Environment (3-2) ________ ___CY4700 Cyber Wargame: Blue Force Operations (2-5) ________ ___CY4710 Cyber Strategy & Policy (4-2) ________ ___NW3275 Joint Maritime Operations Part 1 (4-0) ________ ___NW3276 Joint and Operations (CSO) Degree 6208P Subspecialty Code (Effective for students commencing Fall AY11 to Winter AY13

257

Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems  

SciTech Connect (OSTI)

The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must be analyzed at multiple scales, from individual components, up to network level dynamics. We describe an improved approach to anomaly detection that combines three important aspects. First, system dynamics are modeled using a reduced order model for greater computational tractability. Second, a probabilistic and principled approach to anomaly detection is adopted that allows for regulation of false alerts and comparison of anomalies across heterogeneous data sources. Third, a hierarchy of aggregations are constructed to support interactive and automated analyses of anomalies at multiple scales.

Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Melin, Alexander M [ORNL; Czejdo, Bogdan [ORNL

2013-01-01T23:59:59.000Z

258

Approaches for scalable modeling and emulation of cyber systems : LDRD final report.  

SciTech Connect (OSTI)

The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of {approx} 10{sup 6} computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminary theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with {approx} 10{sup 6} virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.

Mayo, Jackson R.; Minnich, Ronald G.; Armstrong, Robert C.; Rudish, Don W.

2009-09-01T23:59:59.000Z

259

August 2012 CIP Report Focuses on Smart Grid Security  

Broader source: Energy.gov [DOE]

The August 2012 issue of The CIP Report from George Mason University's Center for Infrastructure Protection and Homeland Security highlights the significance and challenges to securing the smart grid. The report includes an overview of smart grid security by Deputy Assistant Secretary Hank Kenchington and the findings for reducing cyber risks from the Workshop on Securing the Smart Grid: Best Practices in Supply Chain Security, Integrity, and Resilience.

260

cyber  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartmentNationalRestart of the Review of theOFFICE OF CIVILAMENDMENT OF0/%2A1/%2A2/%2A

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

Protecting Intelligent Distributed Power Grids against Cyber Attacks  

SciTech Connect (OSTI)

Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

Dong Wei; Yan Lu; Mohsen Jafari; Paul Skare; Kenneth Rohde

2010-12-31T23:59:59.000Z

262

Accumulating Automata and Cascaded Equations Automata for Communicationless Information Theoretically Secure Multi-Party Computation  

E-Print Network [OSTI]

number 428/11), Cabarnit Cyber Security MAGNET Consortium, Grant from the Institute for Future Defense;1 Introduction Secure multi-party computation (MPC) is a powerful concept in secure distributed computing Theoretically Secure Multi-Party Computation (Preliminary Report) Shlomi Dolev1 and Niv Gilboa2 and Ximing Li1 1

263

Investigating the effectiveness of many-core network processors for high performance cyber protection systems. Part I, FY2011.  

SciTech Connect (OSTI)

This report documents our first year efforts to address the use of many-core processors for high performance cyber protection. As the demands grow for higher bandwidth (beyond 1 Gbits/sec) on network connections, the need to provide faster and more efficient solution to cyber security grows. Fortunately, in recent years, the development of many-core network processors have seen increased interest. Prior working experiences with many-core processors have led us to investigate its effectiveness for cyber protection tools, with particular emphasis on high performance firewalls. Although advanced algorithms for smarter cyber protection of high-speed network traffic are being developed, these advanced analysis techniques require significantly more computational capabilities than static techniques. Moreover, many locations where cyber protections are deployed have limited power, space and cooling resources. This makes the use of traditionally large computing systems impractical for the front-end systems that process large network streams; hence, the drive for this study which could potentially yield a highly reconfigurable and rapidly scalable solution.

Wheeler, Kyle Bruce; Naegle, John Hunt; Wright, Brian J.; Benner, Robert E., Jr.; Shelburg, Jeffrey Scott; Pearson, David Benjamin; Johnson, Joshua Alan; Onunkwo, Uzoma A.; Zage, David John; Patel, Jay S.

2011-09-01T23:59:59.000Z

264

A Mathematical Framework for the Analysis of Cyber-Resilient Control Systems  

SciTech Connect (OSTI)

The increasingly recognized vulnerability of industrial control systems to cyber-attacks has inspired a considerable amount of research into techniques for cyber-resilient control systems. The majority of this effort involves the application of well known information security (IT) techniques to control system networks. While these efforts are important to protect the control systems that operate critical infrastructure, they are never perfectly effective. Little research has focused on the design of closed-loop dynamics that are resilient to cyber-attack. The majority of control system protection measures are concerned with how to prevent unauthorized access and protect data integrity. We believe that the ability to analyze how an attacker can effect the closed loop dynamics of a control system configuration once they have access is just as important to the overall security of a control system. To begin to analyze this problem, consistent mathematical definitions of concepts within resilient control need to be established so that a mathematical analysis of the vulnerabilities and resiliencies of a particular control system design methodology and configuration can be made. In this paper, we propose rigorous definitions for state awareness, operational normalcy, and resiliency as they relate to control systems. We will also discuss some mathematical consequences that arise from the proposed definitions. The goal is to begin to develop a mathematical framework and testable conditions for resiliency that can be used to build a sound theoretical foundation for resilient control research.

Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Fugate, David L [ORNL; Kisner, Roger [ORNL

2013-01-01T23:59:59.000Z

265

Transportation Secure Data Center: Real-World Data for Environmental and Air Quality Analysis (Fact Sheet)  

SciTech Connect (OSTI)

The National Renewable Energy Laboratory (NREL) and the U.S. Department of Transportation (DOT) have launched the free, web-based Transportation Secure Data Center (TSDC). The TSDC (www.nrel.gov/tsdc) preserves respondent anonymity while making vital transportation data available to a broad group of users through secure, online access. The TSDC database provides free-of-charge web-based access to valuable transportation data that can be used for: Emissions and air pollution modeling, Vehicle energy and power analysis, Climate change impact studies, Alternative fuel station planning, and Validating transportation data from other sources. The TSDC's two levels of access make composite data available with simple online registration, and allow researchers to use detailed spatial data after completing a straight forward application process.

Not Available

2013-01-01T23:59:59.000Z

266

Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design  

E-Print Network [OSTI]

Cyber-physical systems integrate computation, communication, and physical capabilities to interact with the physical world and humans. Besides failures of components, cyber-physical systems are prone to malicious attacks so that specific analysis tools and monitoring mechanisms need to be developed to enforce system security and reliability. This paper builds upon the results presented in our companion paper [1] and proposes centralized and distributed monitors for attack detection and identification. First, we design optimal centralized attack detection and identification monitors. Optimality refers to the ability of detecting (respectively identifying) every detectable (respectively identifiable) attack. Second, we design an optimal distributed attack detection filter based upon a waveform relaxation technique. Third, we show that the attack identification problem is computationally hard, and we design a sub-optimal distributed attack identification procedure with performance guarantees. Finally, we illustr...

Pasqualetti, Fabio; Bullo, Francesco

2012-01-01T23:59:59.000Z

267

Control Systems Security Test Center - FY 2004 Program Summary  

SciTech Connect (OSTI)

In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

Robert E. Polk; Alen M. Snyder

2005-04-01T23:59:59.000Z

268

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Does not cancel other directives. Canceled by DOE O 205.1B

2009-01-05T23:59:59.000Z

269

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

270

Security Controls for Unclassified Information Systems Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Manual establishes minimum implementation standards for cyber security technical, management, and operational controls that will be followed in all information systems operated by DOE and the information systems. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

2009-01-05T23:59:59.000Z

271

Foreign National Access to DOE Cyber Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

DOE N 205.16, dated 9-15-05, extends this Notice until 9-30-06, unless sooner rescinded. To ensure foreign national access to DOE cyber systems continues to advance DOE program objectives while enforcing information access restrictions.

1999-11-01T23:59:59.000Z

272

Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song  

E-Print Network [OSTI]

Integrated Learning Environment for Smart Grid Security Kewen Wang, Yi Pan, Wen-Zhan Song-- Cyber Security of smart grids becomes more and more important to our everyday life for its wide of this important area. We believe that simulation systems designed for research purposes in the smart grid security

Wang, Weichao

273

6/16/13 New search tool developed to catch cyber thieves post.jagran.com/new-search-tool-developed-to-catch-cyber-thieves-1370602608 1/5  

E-Print Network [OSTI]

cyber thieves Montreal: A new search tool developed by researchers in Canada can now help crime Lifestyle News Desk Cyber thief child porn search tool Canada cyber crime #12;6/16/13 New search tool6/16/13 New search tool developed to catch cyber thieves post.jagran.com/new-search-tool

Fung, Benjamin C. M.

274

National cyber defense high performance computing and analysis : concepts, planning and roadmap.  

SciTech Connect (OSTI)

There is a national cyber dilemma that threatens the very fabric of government, commercial and private use operations worldwide. Much is written about 'what' the problem is, and though the basis for this paper is an assessment of the problem space, we target the 'how' solution space of the wide-area national information infrastructure through the advancement of science, technology, evaluation and analysis with actionable results intended to produce a more secure national information infrastructure and a comprehensive national cyber defense capability. This cybersecurity High Performance Computing (HPC) analysis concepts, planning and roadmap activity was conducted as an assessment of cybersecurity analysis as a fertile area of research and investment for high value cybersecurity wide-area solutions. This report and a related SAND2010-4765 Assessment of Current Cybersecurity Practices in the Public Domain: Cyber Indications and Warnings Domain report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.

Hamlet, Jason R.; Keliiaa, Curtis M.

2010-09-01T23:59:59.000Z

275

SuperIdentity: Fusion of Identity across Real and Cyber Domains  

SciTech Connect (OSTI)

Under both benign and malign circumstances, people now manage a spectrum of identities across both real-world and cyber domains. Our belief, however, is that all these instances ultimately track back for an individual to reflect a single 'SuperIdentity'. This paper outlines the assumptions underpinning the SuperIdentity Project, describing the innovative use of data fusion to incorporate novel real-world and cyber cues into a rich framework appropriate for modern identity. The proposed combinatorial model will support a robust identification or authentication decision, with confidence indexed both by the level of trust in data provenance, and the diagnosticity of the identity factors being used. Additionally, the exploration of correlations between factors may underpin the more intelligent use of identity information so that known information may be used to predict previously hidden information. With modern living supporting the 'distribution of identity' across real and cyber domains, and with criminal elements operating in increasingly sophisticated ways in the hinterland between the two, this approach is suggested as a way forwards, and is discussed in terms of its impact on privacy, security, and the detection of threat.

Black, Sue; Creese, Sadie; Guest, Richard; Pike, William A.; Saxby, Steven; Stanton Fraser, Danae; Stevenage, Sarah; Whitty, Monica

2012-04-23T23:59:59.000Z

276

National Security Science  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security Nuclear ForensicsScience National

277

National Security Science Archive  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security Nuclear ForensicsScienceScience »

278

Before the House Subcommittee on Emerging Threats, Cyber Security...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

By: Patricia Hoffman, Acting Assistant Secretary for Electricity Delivery and Energy Reliability 7-21-09FinalTestimonyHoffman.pdf More Documents & Publications Statement of...

279

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS...  

Broader source: Energy.gov (indexed) [DOE]

incident characterization (i.e., Type 1 or Type 2) and categorization (i.e., low, medium, high, or very high). * Respond to and report incidents within mandated timeframes...

280

Secure Cyber Incident Information Sharing UTSA Team Leads  

E-Print Network [OSTI]

A #12;Next Steps · UTSA to incorporate INL input · Develop prototype in OpenStack · Share research results with INL ­ August/September #12;Thanks · Comments, Q&A #12;Backup #12;OpenStack · Open

Sandhu, Ravi

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

Obama's Call for Public-Private Cyber Security Collaboration...  

Broader source: Energy.gov (indexed) [DOE]

Sector and the collaborative online project database. Media contact(s): Office of Electricity Delivery & Energy Reliability (202) 586-4940 Addthis Related Articles...

282

NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGY TAXBalanced Scorecard Federal2 to:Diesel Engines|Foreign Travel RequestNEXT

283

Office of Electricity Delivery and Energy Reliability Cyber Security  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion | Department ofT ib l L d F SSales LLC OrderEfficiencyOceanOctober XX,/2012 1Conference

284

of Western Area Power Administration's Cyber Security Program  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomen Owned SmallOf TheViolationsRio Blanco ResponsibleSuiteFrom: LarryWestern Area

285

Sandia National Laboratories: Cyber Security for Electric Infrastructure  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary)morphinanInformation Desert Southwest RegionatSearch WelcomeScience SSRL ScienceCRFCareersandContact Us

286

Lessons Learned from Cyber Security Assessments of SCADA and Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector General Office0-72.pdfGeorgeDoesn't Happen to HighJosephNOx TrapsLeasingLeslie09091Work

287

The Department's Unclassified Cyber Security Program 2002, IG-0567  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of Energy StrainClientDesignOfficeTheDepartment ofManagement of the

288

Control Systems Cyber Security: Defense in Depth Strategies | Department of  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird Quarter Overall

289

Cyber Assessment Methods for SCADA Security | Department of Energy  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird QuarterintoCurrent Test Procedure|Department

290

DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS |  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana. DOCUMENTS AVAILABLEReportEnergyDevelopingSolid-StateBrings Together01-13

291

NNSA Seeking Comments on Consolidated IT and Cyber Security Support...  

Energy Savers [EERE]

search criteria, click on the down arrow and select "Reference Number". Type in,DE-SOL-0005569. Addthis Related Articles DOE Issues Draft Request for Proposals for Hanford Site...

292

Lab hosts multi-lab cyber security games  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-SeriesFlickrinformationPostdocs space control NewsUWFive R&DLab hosts

293

Management of Naval Reactors' Cyber Security Program, OIG-0884  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion | Department of Energy Low-TemperatureEnergy Maine09 Balance SheetSmallVHTRNaval

294

Cyber Security Expert Jim Mellander Retires from NERSC  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsruc DocumentationP-Series to UserProduct: Crude OilPublic Safety and100CurrentCybersecurity Expert

295

2014 Headquarters Facilities Master Security Plan - Chapter 14, Cyber  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energyon ArmedWaste and Materials2014 Chief Freedom of Information ActAwareness

296

Evaluation Report on The Department's Unclassified Cyber Security Program  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana.Program -DepartmentNovember 1, 2010December 1,Goals Chapter 42.15 -2002,

297

Common Cyber Security Vulnerabilities Observed in Control System  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart Grid RFI: AddressingEnergy

298

Cyber Security Audit and Attack Detection Toolkit: Bandolier and  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana. DOCUMENTS AVAILABLEReport 2009Site | DepartmentOffice ofExamination

299

Cyber Security Evaluations Appraisal Process Guide - April 2008 |  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana. DOCUMENTS AVAILABLEReport 2009Site | DepartmentOffice ofExaminationDepartment

300

The Department's Unclassified Cyber Security Program - 2012, IG-0877  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGYWomenthe House Committee on EnergyEnergy SecretarySeries | DepartmentEvaluation

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

Strategy for Improvements in Cyber Security | Department of Energy  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up from the GridwiseSiteDepartment ofCreatingCellStrategicYears 2003 -Strategy for

302

The Department's Cyber Security Incident Management Program, IG-0787 |  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up from theDepartment of Energy TechnicalFlowNation |Department of

303

NNSA Seeking Comments on Consolidated IT and Cyber Security Support  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |EnergyonSupport0.pdf5 OPAM SEMIANNUALNASCAR Green Gets First PlaceServices Draft | Department

304

Department of Energy's July 2013 Cyber Security Breach  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:Year in Review: TopEnergy DOEDealing WithDevelopmentReport and7Department ofManagement

305

Before the House Subcommittee on Emerging Threats, Cyber Security and  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up fromDepartmentTie Ltd: ScopeDepartment of Energy InesOversight |

306

The Center for Cyber Defenders  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear SecurityTensile Strain Switched Ferromagnetism in Layered NbS2 and NbSe2 .2004The AtmosphericHomologous58 -

307

Abstract--Network security against possible attacks involves making decisions under uncertainty. Not only may one be  

E-Print Network [OSTI]

], security in wireless networks [12], [13] and cyber-security [14], [15], [16]. In [17] the readers can find1 Abstract--Network security against possible attacks involves making decisions under uncertainty for a further DDoS (Distributed Denial of Service) botnet attack on servers). Due to limited defense

308

Embedded Cyber-Physical Anomaly Detection in Smart Meters  

E-Print Network [OSTI]

Embedded Cyber-Physical Anomaly Detection in Smart Meters Massimiliano Raciti, Simin Nadjm vulnerabilities that arise from deployment of local cyber-physical attacks at a smart metering location at destabilisation. In this paper we study a smart metering device that uses a trusted platform for storage

309

COST FUNCTIONS FOR SCHEDULING TASKS IN CYBER-PHYSICAL SYSTEMS  

E-Print Network [OSTI]

COST FUNCTIONS FOR SCHEDULING TASKS IN CYBER-PHYSICAL SYSTEMS Abhinna Jain, C.M. Krishna, Israel, cost functions, controlled plant dynamics Abstract: In Cyber Physical Systems (CPS), computational response times are different. In this paper, we consider using cost functions of task response time

Massachusetts at Amherst, University of

310

Experience with the CyberKnife for intracranial stereotactic radiosurgery: Analysis of dosimetry indices  

SciTech Connect (OSTI)

We evaluated coverage, dose homogeneity, dose conformity, and dose gradient in CyberKnife VSI treatment plans. Several dosimetric indices were calculated, and the results were compared with those of previous publications. The effect of target volume on the radiosurgical treatment indices selected was also investigated. The study population comprised the first 40 patients treated at our department from March 2011 to September 2012. Dosimetric indices were calculated and compared with published results for other frame-based and frameless intracranial stereotactic radiotherapy techniques. A comparison of the indices confirmed the ability of the CyberKnife VSI system to provide very high-quality dosing plans. The results were independent of target volume for coverage, homogeneity, and dose conformity. However, a dependence on target volume was observed for the dose-gradient indices analyzed. Based on the indices proposed, CyberKnife provides very good treatment plans and compares favorably with other techniques in most cases. However, greater consensus on the radiosurgery indices calculated would be desirable to facilitate comparison of the various techniques or the same techniques when applied by different users.

Floriano, Alejandro, E-mail: afloriano@grupoimo.com; Santa-Olalla, Iciar; Sanchez-Reyes, Alberto

2014-04-01T23:59:59.000Z

311

What is Security? A perspective on achieving security  

SciTech Connect (OSTI)

This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

Atencio, Julian J.

2014-05-05T23:59:59.000Z

312

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)  

SciTech Connect (OSTI)

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

Hadley, Mark D.; Clements, Samuel L.

2009-01-01T23:59:59.000Z

313

Quality Management  

Broader source: Energy.gov [DOE]

The Office of Quality Management, within the Office of Health, Safety and Security develops policies and procedures to ensure the classification and control of information is effective and...

314

Agent-based Cyber Control Strategy Design for Resilient Control Systems: Concepts, Architecture and Methodologies  

SciTech Connect (OSTI)

The implementation of automated regulatory control has been around since the middle of the last century through analog means. It has allowed engineers to operate the plant more consistently by focusing on overall operations and settings instead of individual monitoring of local instruments (inside and outside of a control room). A similar approach is proposed for cyber security, where current border-protection designs have been inherited from information technology developments that lack consideration of the high-reliability, high consequence nature of industrial control systems. Instead of an independent development, however, an integrated approach is taken to develop a holistic understanding of performance. This performance takes shape inside a multiagent design, which provides a notional context to model highly decentralized and complex industrial process control systems, the nervous system of critical infrastructure. The resulting strategy will provide a framework for researching solutions to security and unrecognized interdependency concerns with industrial control systems.

Craig Rieger; Milos Manic; Miles McQueen

2012-08-01T23:59:59.000Z

315

Quantitative Cyber Risk Reduction Estimation Methodology for a Small Scada Control System  

SciTech Connect (OSTI)

We propose a new methodology for obtaining a quick quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.

Miles A. McQueen; Wayne F. Boyer; Mark A. Flynn; George A. Beitel

2006-01-01T23:59:59.000Z

316

CyberGIS software: a synthetic review and integration roadmap  

SciTech Connect (OSTI)

CyberGIS defined as cyberinfrastructure-based geographic information systems (GIS) has emerged as a new generation of GIS representing an important research direction for both cyberinfrastructure and geographic information science. This study introduces a 5-year effort funded by the US National Science Foundation to advance the science and applications of CyberGIS, particularly for enabling the analysis of big spatial data, computationally intensive spatial analysis and modeling (SAM), and collaborative geospatial problem-solving and decision-making, simultaneously conducted by a large number of users. Several fundamental research questions are raised and addressed while a set of CyberGIS challenges and opportunities are identified from scientific perspectives. The study reviews several key CyberGIS software tools that are used to elucidate a vision and roadmap for CyberGIS software research. The roadmap focuses on software integration and synthesis of cyberinfrastructure, GIS, and SAM by defining several key integration dimensions and strategies. CyberGIS, based on this holistic integration roadmap, exhibits the following key characteristics: high-performance and scalable, open and distributed, collaborative, service-oriented, user-centric, and community-driven. As a major result of the roadmap, two key CyberGIS modalities gateway and toolkit combined with a community-driven and participatory approach have laid a solid foundation to achieve scientific breakthroughs across many geospatial communities that would be otherwise impossible.

Wang, Shaowen [University of Illinois, Urbana-Champaign; Anselin, Luc [Arizona State University; Bhaduri, Budhendra L [ORNL; Cosby, Christopher [University Navstar Consortium, Boulder, CO; Goodchild, Michael [University of California, Santa Barbara; Liu, Yan [University of Illinois, Urbana-Champaign; Nygers, Timothy L. [University of Washington, Seattle

2013-01-01T23:59:59.000Z

317

Supervisory Control Strategies for Enhancing System Security and Privacy Christoforos N. Hadjicostis  

E-Print Network [OSTI]

cyber-infrastructures (ranging from defense and banking to health care and power distribution sys- temsSupervisory Control Strategies for Enhancing System Security and Privacy Christoforos N. Hadjicostis Abstract-- Enhancing the security and reliability of auto- mated systems that control vital

Hadjicostis, Christoforos

318

Security Awareness in Virtual Communities: The Case of Non-collocated Academic Research Collaborations  

E-Print Network [OSTI]

security and conduct awareness training [15]. Colleges and universities are targeted for cyber attacksSecurity Awareness in Virtual Communities: The Case of Non-collocated Academic Research is reflected in the distributed nature of research communities. Research has a strong collaborative dimension

Paris-Sud XI, Université de

319

Towards a Secure Email Service for The Future Muhammad Shoaib Saleem and Eric Renault  

E-Print Network [OSTI]

content distribution, user privacy and security, naming and addressing, routing and name resolutionTowards a Secure Email Service for The Future Internet Muhammad Shoaib Saleem and ´Eric Renault.renault}@it-sudparis.eu Abstract--Email is one of the most used application over the Internet and it is vulnerable to cyber attacks

Paris-Sud XI, Université de

320

Modeling Cyber Conflicts Using an Extended Petri Net Formalism  

SciTech Connect (OSTI)

When threatened by automated attacks, critical systems that require human-controlled responses have difficulty making optimal responses and adapting protections in real- time and may therefore be overwhelmed. Consequently, experts have called for the development of automatic real-time reaction capabilities. However, a technical gap exists in the modeling and analysis of cyber conflicts to automatically understand the repercussions of responses. There is a need for modeling cyber assets that accounts for concurrent behavior, incomplete information, and payoff functions. Furthermore, we address this need by extending the Petri net formalism to allow real-time cyber conflicts to be modeled in a way that is expressive and concise. This formalism includes transitions controlled by players as well as firing rates attached to transitions. This allows us to model both player actions and factors that are beyond the control of players in real-time. We show that our formalism is able to represent situational aware- ness, concurrent actions, incomplete information and objective functions. These factors make it well-suited to modeling cyber conflicts in a way that allows for useful analysis. MITRE has compiled the Common Attack Pattern Enumera- tion and Classification (CAPEC), an extensive list of cyber attacks at various levels of abstraction. CAPEC includes factors such as attack prerequisites, possible countermeasures, and attack goals. These elements are vital to understanding cyber attacks and to generating the corresponding real-time responses. We demonstrate that the formalism can be used to extract precise models of cyber attacks from CAPEC. Several case studies show that our Petri net formalism is more expressive than other models, such as attack graphs, for modeling cyber conflicts and that it is amenable to exploring cyber strategies.

Zakrzewska, Anita N [ORNL; Ferragut, Erik M [ORNL

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

Office of the CISO, December 2010 Information Security Risk Advisory  

E-Print Network [OSTI]

Office of the CISO, December 2010 Information Security Risk Advisory Web Browsing Software attacks that exploit web browsers (e.g., Internet Explorer, Firefox, Safari, Chrome, Opera) are on the rise. Cyber criminals frequently attack web browsers to take control of computers, delete files, steal personally

Queitsch, Christine

322

SOFTWARE QUALITY & SYSTEMS ENGINEERING PROGRAM: Preacceptance...  

Broader source: Energy.gov (indexed) [DOE]

PROGRAM: Preacceptance Checklist Security Issues SOFTWARE QUALITY & SYSTEMS ENGINEERING PROGRAM: Preacceptance Checklist Security Issues The following checklist is intended to...

323

Advances in Materials Genomics: Making CyberSteels Fly | Argonne...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Events Upcoming Events Upcoming Events Advances in Materials Genomics: Making CyberSteels Fly January 7, 2015 3:00PM to 4:00PM Presenter Greg Olson, Northwestern University and...

324

Integration of wireless sensor networks in environmental monitoring cyber infrastructure  

E-Print Network [OSTI]

Integration of wireless sensor networks in environmental monitoring cyber infrastructure Jue Yang Ă? to revolutionize many science and engineering domains. We present a novel environmental monitoring system collection, management, visualization, dissemination, and exchange, conforming to the new Sensor Web

Huang, Yan

325

National Security Photo Gallery | Argonne National Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security Nuclear Forensics

326

Real-Time SCADA Cyber Protection Using Compression Techniques  

SciTech Connect (OSTI)

The Department of Energy’s Office of Electricity Delivery and Energy Reliability (DOE-OE) has a critical mission to secure the energy infrastructure from cyber attack. Through DOE-OE’s Cybersecurity for Energy Delivery Systems (CEDS) program, the Idaho National Laboratory (INL) has developed a method to detect malicious traffic on Supervisory, Control, and Data Acquisition (SCADA) network using a data compression technique. SCADA network traffic is often repetitive with only minor differences between packets. Research performed at the INL showed that SCADA network traffic has traits desirable for using compression analysis to identify abnormal network traffic. An open source implementation of a Lempel-Ziv-Welch (LZW) lossless data compression algorithm was used to compress and analyze surrogate SCADA traffic. Infected SCADA traffic was found to have statistically significant differences in compression when compared against normal SCADA traffic at the packet level. The initial analyses and results are clearly able to identify malicious network traffic from normal traffic at the packet level with a very high confidence level across multiple ports and traffic streams. Statistical differentiation between infected and normal traffic level was possible using a modified data compression technique at the 99% probability level for all data analyzed. However, the conditions tested were rather limited in scope and need to be expanded into more realistic simulations of hacking events using techniques and approaches that are better representative of a real-world attack on a SCADA system. Nonetheless, the use of compression techniques to identify malicious traffic on SCADA networks in real time appears to have significant merit for infrastructure protection.

Lyle G. Roybal; Gordon H Rueff

2013-11-01T23:59:59.000Z

327

National Security Science December 2014  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security Nuclear ForensicsScience

328

Development and Demonstration of a Security Core Component  

SciTech Connect (OSTI)

In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.

Turke, Andy

2014-02-28T23:59:59.000Z

329

Office of Cyber Assessments | Department of Energy  

Energy Savers [EERE]

for the independent evaluation of the effectiveness of classified and unclassified computer security policies and programs throughout the Department. The Office has established...

330

Certification and Accreditation Process for Information Systems Including National Security Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice ensures the effectiveness of security controls on DOE Federal information systems including national security systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. No cancellations. DOE N 205.15, dated 3-18-05, extends this directive until 3-18-06.

2004-02-19T23:59:59.000Z

331

Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks  

SciTech Connect (OSTI)

Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator present a unique challenge for the system architecture and access model.

Hartman, Steven M [ORNL] [ORNL

2012-01-01T23:59:59.000Z

332

Switched System Models for Coordinated Cyber-Physical Attack Construction and Simulation  

E-Print Network [OSTI]

Switched System Models for Coordinated Cyber-Physical Attack Construction and Simulation Shan Liu the need to develop intelligent models of cyber-physical attacks that produce salient disruptions. In this paper, we present a foundation for the development of a class of intelligent cyber-physical attacks

Kundur, Deepa

333

Terry Benzel, Bob Braden, Dongho Kim, Cliford Neuman. Anthony Joseph and Keith Sklower Ron Ostrenga and Stephen Schwab, Experience with DETER: A Testbed for Security Research. 2nd IEEE Conference on testbeds and Research Infrastructures for the  

E-Print Network [OSTI]

network attacks such as distributed denial of service, worms, and viruses. These cyber-security problems and Stephen Schwab, Experience with DETER: A Testbed for Security Research. 2nd IEEE Conference on testbeds 2006 IEEE EXPERIENCE WITH DETER: A TESTBED FOR SECURITY RESEARCH Terry Benzel, Robert Braden, Dongho

Joseph, Anthony D.

334

GAO-06-811 Information Security: Coordination of Federal Cyber Security Research and Development  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-UpHeatMulti-Dimensional Subject: Guidance for Fast-Track CooperativeGAOa GAOthe Chairman,

335

Using Operational Security (OPSEC) to Support a Cyber Security Culture in  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists' Research Petroleum ReserveDepartment ofEnergy,PotomacGenerators PowerControl Systems

336

Security Policy  

Broader source: Energy.gov [DOE]

The Office of Security Policy analyzes, develops and interprets safeguards and security policy governing national security functions and the protection of related critical assets entrusted to the...

337

Attack Detection and Identification in Cyber-Physical Systems  

E-Print Network [OSTI]

Attack Detection and Identification in Cyber-Physical Systems Fabio Pasqualetti, Florian D¨orfler, Florian D¨orfler, and Francesco Bullo are with the Center for Control, Dynamical Systems and Computation, University of California at Santa Barbara, {fabiopas,dorfler,bullo}@engineering.ucsb.edu. #12;appropriate

Bullo, Francesco

338

Cyber-Physical Energy Systems: Focus on Smart Buildings  

E-Print Network [OSTI]

of a deeply coupled system of energy usage, comfort and work derived. At a macroscale, buildings use approxi computers and laptops in offices and homes will exceed over 3x the energy use by all data centers combinedCyber-Physical Energy Systems: Focus on Smart Buildings Jan Kleissl Dept. of Mechanical

Gupta, Rajesh

339

Cyber-Vulnerability of Power Grid Monitoring and Control Systems  

E-Print Network [OSTI]

, a methodology is proposed for the evaluation of the impact of cyber attacks on the power grid-effect on the proposed method determines the likelihood of the consequence, which can be evaluated based on a substation networks can lead to undesirable switching operations executed by attackers, resulting in widespread power

Manimaran, Govindarasu

340

A Deception Framework for Survivability Against Next Generation Cyber Attacks  

E-Print Network [OSTI]

to the electronic business domain. According to the asymmetric warfare theory, attack- ers have the advantage- rity, survivability 1. Introduction This is the era of cyber-warfare and it is no longer limited to military domain. Knapp and Boulton [12] have reviewed information warfare literature from 1990 to mid-2005

Upadhyaya, Shambhu

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

sSCADA: Securing SCADA Infrastructure Communications Yongge Wang and Bei-Tseng Chu  

E-Print Network [OSTI]

sSCADA: Securing SCADA Infrastructure Communications Yongge Wang and Bei-Tseng Chu Dept. of SIS, UNC Charlotte, 9201 University City Blvd, Charlotte, NC 28223, August 5, 2004 Abstract Distributed, and wastewater industries. While control systems can be vulnerable to a variety of types of cyber attacks

342

Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu  

E-Print Network [OSTI]

Secure Systems Editor: S.W. Smith, sws@cs.dartmouth.edu side of the picture--the computers which we train students, young and old, to be effective cyber-citizens; and the media coverage or produce more effective tailors. S.W. SMITH Dartmouth College T oalargeextent,computingsystemsareu

Smith, Sean W.

343

Secure Communications in the Smart Grid Jeff Naruchitparames and Mehmet Hadi Gunes  

E-Print Network [OSTI]

Secure Communications in the Smart Grid Jeff Naruchitparames and Mehmet Hadi G¨unes¸ Department the smart grid by using smart meters as a gateway between intra- and inter-network communications if the communications infrastructure is insecure and vulnerable to cyber attacks. Currently, smart grid research focuses

Gunes, Mehmet Hadi

344

2011 Quality Council Annual Report  

Broader source: Energy.gov [DOE]

DEPARTMENT OF ENERGY QUALITY COUNCIL ANNUAL REPORT For Calendar Year 2011 Office of Health Safety and Security

345

Critical issues in process control system security : DHS spares project.  

SciTech Connect (OSTI)

The goals of this event are: (1) Discuss the next-generation issues and emerging risks in cyber security for control systems; (2) Review and discuss common control system architectures; (3) Discuss the role of policy, standards, and supply chain issues; (4) Interact to determine the most pertinent risks and most critical areas of the architecture; and (5) Merge feedback from Control System Managers, Engineers, IT, and Auditors.

Hernandez, Jacquelynne; McIntyre, Annie; Henrie, Morgan

2010-10-01T23:59:59.000Z

346

Breaking into a computer : attack techniques and tools used by cyber-criminals  

SciTech Connect (OSTI)

Oral presentation in English, slides in English. We will show you how and why cyber-criminals attack your computers: their motives, methods and tools.

None

2010-06-24T23:59:59.000Z

347

Breaking into a computer : attack techniques and tools used by cyber-criminals  

ScienceCinema (OSTI)

Oral presentation in English, slides in English. We will show you how and why cyber-criminals attack your computers: their motives, methods and tools.

None

2011-10-06T23:59:59.000Z

348

Computationally Efficient Neural Network Intrusion Security Awareness  

SciTech Connect (OSTI)

An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

Todd Vollmer; Milos Manic

2009-08-01T23:59:59.000Z

349

Modern Quantum Technologies of Information Security  

E-Print Network [OSTI]

In the paper systematization and classification of modern quantum technologies of the information security against cyber-terrorist attack are carried out. The characteristic of the basic directions of quantum cryptography from the viewpoint of used quantum technologies is given. The qualitative analysis of advantages and disadvantages of concrete quantum protocols is made. The current status of a problem of practical quantum cryptography using in telecommunication networks is considered. In particular, the short review of existing commercial systems of quantum key distribution is given.

Korchenko, Oleksandr; Gnatyuk, Sergiy

2010-01-01T23:59:59.000Z

350

Defense on the Move: Ant-Based Cyber Defense  

SciTech Connect (OSTI)

Many common cyber defenses (like firewalls and IDS) are as static as trench warfare allowing the attacker freedom to probe them at will. The concept of Moving Target Defense (MTD) adds dynamism to the defender side, but puts the systems to be defended themselves in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackers’ ability to rely on prior experience without requiring motion in the protected infrastructure itself. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The Ant-Based Cyber Defense (ABCD) is a mobile resilient defense providing a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. The ABCD approach provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures like the smart electric grid.

Fink, Glenn A.; Haack, Jereme N.; McKinnon, Archibald D.; Fulp, Errin W.

2014-04-15T23:59:59.000Z

351

Microsoft Word - OE Cyber Release 10 18 07.doc  

Broader source: Energy.gov (indexed) [DOE]

for security interoperability through the Lemnos Interoperable Security Program. * Siemens Corporate Research, Inc. of Princeton, NJ - selected for an award of up to 1.3...

352

A co-simulation framework for design of time-triggered automotive cyber physical systems  

E-Print Network [OSTI]

A co-simulation framework for design of time-triggered automotive cyber physical systems Zhenkai Automotive control system SystemC a b s t r a c t Designing cyber-physical systems (CPS) is challenging due to the tight interactions between software, network/platform, and physical components. Automotive control sys

Koutsoukos, Xenofon D.

353

Taming Uncertainties in Wireless Messaging for Automotive Cyber-Physical-Systems  

E-Print Network [OSTI]

Taming Uncertainties in Wireless Messaging for Automotive Cyber-Physical-Systems Hongwei Zhang Wireless networking for automotive CPS Today's vehicles are much more than a mechanical device, and complex to the scalability of vehicular communication system, which is a basic element of automotive cyber-physical systems

Rajkumar, Ragunathan "Raj"

354

National Center for Digital Government Reflections on The Fog of (Cyber)War  

E-Print Network [OSTI]

National Center for Digital Government Reflections on The Fog of (Cyber)War Diego. These assertions are: (a) Cyberspace is a new operational domain for waging war; (b) Cyber warfare can be as severe, it aims at reconnecting the idea of "fog of war" to its Clausewitzian roots, highlighting the importance

Schweik, Charles M.

355

Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack1  

E-Print Network [OSTI]

and SCADA systems such as: "Which is the most vulnerable device of our power substation under an attack to remote power substations and control centers comes with the added risk of cyber attack by hackers andModeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack

Krings, Axel W.

356

EL Program: Smart Grid Program Manager: David Wollman, Smart Grid and Cyber-Physical Systems  

E-Print Network [OSTI]

EL Program: Smart Grid Program Manager: David Wollman, Smart Grid and Cyber-Physical Systems Program Office, Associate Program Manager: Dean Prochaska, Smart Grid and Cyber- Physical Systems Program [updated August 23, 2013] Summary: This program develops and demonstrates smart grid measurement science

357

Towards a Framework for Cyber Attack Impact Analysis of the Electric Smart Grid  

E-Print Network [OSTI]

Towards a Framework for Cyber Attack Impact Analysis of the Electric Smart Grid Deepa Kundur analysis of a smart grid. We focus on the model synthesis stage in which both cyber and physical grid-effect relationships can be conveniently expressed for both analysis and extension to large-scale smart grid systems. I

Kundur, Deepa

358

Emergent Behavior in Cybersecurity Example 2: Program VerificationExample 1: Cyber Epidemics  

E-Print Network [OSTI]

Emergent Behavior in Cybersecurity Example 2: Program VerificationExample 1: Cyber Epidemics Informal Definition and Implication Abstract We argue that emergent behavior is inherent to cybersecurity). Scenario: Illustration of cyber epidemics model (which is a specific kind of Cybersecurity Dynamics model

Xu, Shouhuai

359

Establishing a process of irradiating small animal brain using a CyberKnife and a microCT scanner  

SciTech Connect (OSTI)

Purpose: Establish and validate a process of accurately irradiating small animals using the CyberKnife G4 System (version 8.5) with treatment plans designed to irradiate a hemisphere of a mouse brain based on microCT scanner images. Methods: These experiments consisted of four parts: (1) building a mouse phantom for intensity modulated radiotherapy (IMRT) quality assurance (QA), (2) proving usability of a microCT for treatment planning, (3) fabricating a small animal positioning system for use with the CyberKnife's image guided radiotherapy (IGRT) system, and (4)in vivo verification of targeting accuracy. A set of solid water mouse phantoms was designed and fabricated, with radiochromic films (RCF) positioned in selected planes to measure delivered doses. After down-sampling for treatment planning compatibility, a CT image set of a phantom was imported into the CyberKnife treatment planning system—MultiPlan (ver. 3.5.2). A 0.5 cm diameter sphere was contoured within the phantom to represent a hemispherical section of a mouse brain. A nude mouse was scanned in an alpha cradle using a microCT scanner (cone-beam, 157 × 149 pixels slices, 0.2 mm longitudinal slice thickness). Based on the results of our positional accuracy study, a planning treatment volume (PTV) was created. A stereotactic body mold of the mouse was “printed” using a 3D printer laying UV curable acrylic plastic. Printer instructions were based on exported contours of the mouse's skin. Positional reproducibility in the mold was checked by measuring ten CT scans. To verify accurate dose delivery in vivo, six mice were irradiated in the mold with a 4 mm target contour and a 2 mm PTV margin to 3 Gy and sacrificed within 20 min to avoid DNA repair. The brain was sliced and stained for analysis. Results: For the IMRT QA using a set of phantoms, the planned dose (6 Gy to the calculation point) was compared to the delivered dose measured via film and analyzed using Gamma analysis (3% and 3 mm). A passing rate of 99% was measured in areas of above 40% of the prescription dose. The final inverse treatment plan was comprised of 43 beams ranging from 5 to 12.5 mm in diameter (2.5 mm size increments are available up to 15 mm in diameter collimation). Using the Xsight Spine Tracking module, the CyberKnife system could not reliably identify and track the tiny mouse spine; however, the CyberKnife system could identify and track the fiducial markers on the 3D mold.In vivo positional accuracy analysis using the 3D mold generated a mean error of 1.41 mm ± 0.73 mm when fiducial markers were used for position tracking. Analysis of the dissected brain confirmed the ability to target the correct brain volume. Conclusions: With the use of a stereotactic body mold with fiducial markers, microCT imaging, and resolution down-sampling, the CyberKnife system can successfully perform small-animal radiotherapy studies.

Kim, Haksoo; Welford, Scott [Department of Radiation Oncology, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States)] [Department of Radiation Oncology, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States); Fabien, Jeffrey; Zheng, Yiran; Yuan, Jake; Brindle, James; Yao, Min; Lo, Simon; Wessels, Barry; Machtay, Mitchell; Sohn, Jason W., E-mail: jason.sohn@case.edu [Department of Radiation Oncology, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 and University Hospitals of Cleveland, 11100 Euclid Avenue, Cleveland, Ohio 44106 (United States); Sloan, Andrew [Department of Neurosurgery, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States)] [Department of Neurosurgery, School of Medicine, Case Western Reserve University, 10900 Euclid Avenue, Cleveland, Ohio 44106 (United States)

2014-02-15T23:59:59.000Z

360

Employee Concerns Reporting Form | National Nuclear Security...  

National Nuclear Security Administration (NNSA)

act requirements Nature of concern: * Safety Health EEO Human Resources Quality Security Environmental Workplace Violence FraudWasteAbuse Management Mismanagement Multiple...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Towards a Standard for Highly Secure SCADA Systems  

SciTech Connect (OSTI)

The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied to automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The fi-arnework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high securi~ SC.ADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.o (UC@, for real-time utili~ decision control, represents one such standard. The development of a SCADA secwiy specification is a complex task that will benefit from a systems engineering approach.

Carlson, R.

1998-09-25T23:59:59.000Z

362

Measurable Control System Security through Ideal Driven Technical Metrics  

SciTech Connect (OSTI)

The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based on the two case studies and evaluation of the seven assessments, the security ideals demonstrated their value in guiding security thinking. Further, the final set of core technical metrics has been demonstrated to be both usable in the control system environment and provide significant coverage of standard security issues.

Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

2008-01-01T23:59:59.000Z

363

Researchers develop new search tool to help fight child porn, catch cyber  

E-Print Network [OSTI]

Researchers develop new search tool to help fight child porn, catch cyber thieves Canada Standard a comment... Post to Facebook 0 0 New #12;Researchers develop new search tool to help fight child porn

Fung, Benjamin C. M.

364

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models  

E-Print Network [OSTI]

dynamics. In CPS, models are essential; but any model we could possibly build necessarily deviates from. In CPS, models are essential; but a cyber- physical systems (CPS) safe. Formal methods make strong guarantees about the system behavior

Platzer, André

365

Integrating Neuromuscular and Cyber Systems for Neural Control of Artificial Legs  

E-Print Network [OSTI]

and computer system is essential. This integration leads to a cyber- physical system (CPS), in which a complex (CPS) for neurally controlled artificial legs. The key to the new CPS system is the neural

Yang, Qing "Ken"

366

Synthesis of Distributed Execution Platforms for Cyber-Physical Systems with Applications to  

E-Print Network [OSTI]

of the behavior, such as time, that are essential to CPSs. For this reason, CPS designers are forced to extensive are just a few examples of Cyber-Physical Systems (CPS) [1], [2], [3], [4], [5], [6]. The characterizing

Carloni, Luca

367

Secure Information Exchange Gateway for Electric Grid Operations  

SciTech Connect (OSTI)

The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

Robertson, F.; Carroll, J.; Sanders, William; Yardley, Timothy; Heine, Erich; Hadley, Mark; McKinnon, David; Motteler, Barbara; Giri, Jay; Walker, William; McCartha, Esrick

2014-09-30T23:59:59.000Z

368

Naval Nuclear Propulsion Plants | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security NuclearNewNatural

369

Naval Nuclear Propulsion Plants | National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May JunDatastreamsmmcrcalgovInstrumentsrucLas Conchas recoveryLaboratory | NationalJohn Cyber Security NuclearNewNaturalOur Mission /

370

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

ESI to maintain any information for access control such as user id-ESI or the EMCS authenticates users using its own database of ID-

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

371

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

Power generation [KW] on a solar panel in summer andpole, a desk lamp, or a solar panel at home. Challenge:Electric Vehicle (EV) and solar panel to smart light and

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

372

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

technology and network optimization algorithms have been leveraged to analyze the time series of energy usage

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

373

Conformance Tool High Level Design Document: IEC 61850 Cyber Security Acceleration Project  

SciTech Connect (OSTI)

This document is the high level design document for the Pacific Northwest National Laboratory (PNNL) IEC 62351-3, 4 and 6 standards conformance test software toolkit.

Edgar, Thomas W.

2013-05-01T23:59:59.000Z

374

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

in more flexible ways as a “prosumer”. In the trading, realESI supports as a service prosumer. The other two examine

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

375

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

terms of the DR service. Energy Market - Power Trading. Withwholesale and/or retail energy market. He can choose to buyGeneration Microgrid Energy market Carbon Emission Market

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

376

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

C. Qiu, C. -C. Chu, and R. Gadh. Design of Fair ChargingQiu, C. -C. Chu, and R. Gadh. Design of Fast Response SmartK. Lee, R. Huang, P. Chu, R. Gadh, and M. Gerla. Enhancing

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

377

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

Energy Research Center (SMERC), who are always willing toand deployed by the UCLA SMERC research team. I thank Rui

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

378

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

energy curtailment of a service contract. The strategy mustenergy loads) of a service contract. The customer expectsCSP). That is, a service contract is made amongst three

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

379

Survey Paper Cyber security in the Smart Grid: Survey and challenges q  

E-Print Network [OSTI]

of energy resources, including traditional fossil fuel sources (e.g., coal, petroleum, and natural gas is expected to greatly enhance efficiency and reliability of future power systems with renewable energy not been keeping pace with the industrial and social advance- ments that drastically increase the demand

Wang, Wenye

380

The strategic implications of the current Internet design for cyber security  

E-Print Network [OSTI]

In the last two decades, the Internet system has evolved from a collection point of a few networks to a worldwide interconnection of millions of networks and users who connect to transact virtually all kinds of business. ...

Iheagwara, Charles M

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

Two-Tier Hierarchical Cyber-Physical Security Analysis Framework For Smart Grid  

E-Print Network [OSTI]

a scenario in which active control is computed using local and distributed PMU data and employs short

Kundur, Deepa

382

Assuring the Safety, Security, and Reliability of Medical-Device Cyber-  

E-Print Network [OSTI]

· Difibtech external defibrillators (2007) ­ Self-test resets low-battery status · Baxter's Colleague Infusion of adverse events associated with the use of infusion pumps - 1% deaths, 34% serious injuries - 87 infusion and Radiological Health. White Paper: Infusion Pump Improvement Initiative, April 2010 Infusion Pump Safety #12

Hu, Fei

383

Follow-up Audit of the Department's Cyber Security Incident Management Program, IG-0878  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-UpHeat PumpRecordFederal7.pdfFlash_2010_-24.pdfOverview Flow CellsOREGONFocuson

384

Obama's Call for Public-Private Cyber Security Collaboration Reflected in  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of EnergyEnergyENERGY TAXBalanced ScorecardReactor TechnologyOFFICE: I Oak Ridge,8 8 8 ,DOE's Priorities |

385

21 Steps to Improve Cyber Security of SCADA Networks | Department of Energy  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustionImprovement3 Beryllium-Associated Worker2014 HouseCoveredAirDepartment ofof04of50Establish1

386

ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustionImprovement3 Beryllium-Associated Worker2014DepartmentI325 8 (8-89) EFGDepartment of

387

Report of the Cyber Security Research Needs for Open Science Workshop |  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power.pdf11-161-LNG |September 15,2015 |RebeccaRegionalReliabilityRenewableDepartment of

388

Management of Los Alamos National Laboratory's Cyber Security Program, IG-0880  

Energy Savers [EERE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Office of Inspector General Office0-72.pdfGeorgeDoesn't HappenLow-Cost ProductionManagement ControlsVHTRManagement

389

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2011, OAS-M-12-01  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyThe Energy Department Feeds Families ThePNNL-23318 The1Evaluation

390

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2012, OAS-L-13-01  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyThe Energy Department Feeds Families ThePNNL-23318

391

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program Â… 2013  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyThe Energy Department Feeds Families ThePNNL-23318Evaluation

392

Cyber Security Audit and Attack Detection Toolkit: National SCADA Test Bed  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird QuarterintoCurrent TestMay 2008 | Department of

393

Cyber Security Procurement Language for Control Systems Version 1.8 |  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartmentSmart GridThird QuarterintoCurrent TestMay 2008 | Department

394

Cyber Security for Power Grids Frank Mueller, Subhashish Bhattacharya, Christopher Zimmer  

E-Print Network [OSTI]

" that exploit renewable energy sources are emerging. As such distributed power generation requires networked: distributed power generation (DG) from renewable energy sources, power electronics-based control devices-7534 Abstract Power grids worldwide are undergoing a revolutionary transition as so-called "smart grids

Mueller, Frank

395

Delegation Order No. 003.03-02 Delegation of Authority - Cyber Security -  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth7-1D: Vegetation Proposed Newcatalyst phasesData Files Data Files 1B&W Y-12studiesDOE Directives,

396

Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-UpHeatMulti-Dimensionalthe10 DOEWashington,LM-04-XXXXLocatedMakes A09

397

Cyber Security Summer School: Lessons for the Modern Grid | Department of  

Broader source: Energy.gov (indexed) [DOE]

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarly Career Scientists'Montana. DOCUMENTS AVAILABLEReport 2009Site | DepartmentOfficeEnergy Carol Hawk

398

Implementation of a Cyber Secure Control System, Critical Elements, Requirements and Controls  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-UpHeatMulti-Dimensionalthe U.S. Department-2023 Idaho4FuelImplementationto:Major

399

Interoperable and Secure Communication for Cyber Physical Systems in the Energy Grid  

E-Print Network [OSTI]

Loads for Demand Response within Buildings. In ACM BuildSys,Demand Response (ADR) service contract with the buildingbuilding owner participate in an automated demand response

Lee, Eun Kyu

2014-01-01T23:59:59.000Z

400

Transportation Security  

Broader source: Energy.gov (indexed) [DOE]

Preliminary Draft - For Review Only 1 Transportation Security Draft Annotated Bibliography Review July 2007 Preliminary Draft - For Review Only 2 Work Plan Task * TEC STG Work...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Security Specialist  

Broader source: Energy.gov [DOE]

A successful candidate in this position will serve as a Security Specialist with responsibility as the performance monitor for protective force operations conducts line management oversight of the...

402

Global security  

ScienceCinema (OSTI)

Patrick Lynch helps technical staff, academic leaders and governments around the world improve the safety and security of their nuclear power programs.

Lynch, Patrick

2014-07-15T23:59:59.000Z

403

Global security  

SciTech Connect (OSTI)

Patrick Lynch helps technical staff, academic leaders and governments around the world improve the safety and security of their nuclear power programs.

Lynch, Patrick

2014-07-14T23:59:59.000Z

404

Secure Control Systems for the Energy Sector  

SciTech Connect (OSTI)

Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

Smith, Rhett; Campbell, Jack; Hadley, Mark

2012-03-31T23:59:59.000Z

405

Secure Data Transfer Guidance for Industrial Control and SCADA Systems  

SciTech Connect (OSTI)

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

2011-09-01T23:59:59.000Z

406

The 2011 Military Communications Conference -Track 3 -Cyber Security and Network Operations From Security to Vulnerability: Data Authentication  

E-Print Network [OSTI]

in Substation Automation Systems (SAS). To this end, we establish a small-scale SAS prototype with commonly, an upgrade of in formation technologies is essential from out-of-date serial communication technologies [2

Wang, Wenye

407

Transportation Perspectives on Automotive Cyber Physical System: Integrating Hardware-in-the-Loop, Software-in-the-Loop and Human-in-the-Loop Simulations  

E-Print Network [OSTI]

1 Transportation Perspectives on Automotive Cyber Physical System: Integrating Hardware and development environment to evaluate automotive cyber physical system (CPS) as well as its components foundation of the automotive CPS for developing and testing vehicular networking and sensing technologies

Rajkumar, Ragunathan "Raj"

408

Convergence for the Smart Grid -On the technology opportunities for Future Cyber-Physical Energy Systems, invited paper at New Research Directions for Future Cyber-Physical Energy  

E-Print Network [OSTI]

Convergence for the Smart Grid - On the technology opportunities for Future Cyber-Physical Energy Angeles, CA. 90095 http://winmec.ucla.edu Email:smartgrid@winmec.ucla.edu Convergence for the Smart Grid into what the Future / Smart Electric Grid should look like. For example the DOE has a vision for the Modern

California at Los Angeles, University of

409

Presentation to the Control Systems Security Outreach Coordination Meeting  

E-Print Network [OSTI]

CIEGE- Learners construct and defend a cyber network in online game. SAST Systems Administrator Simulation Trainer

410

A Case Study on the Model-Based Design and Integration of Automotive Cyber-Physical Systems  

E-Print Network [OSTI]

A Case Study on the Model-Based Design and Integration of Automotive Cyber-Physical Systems Di--Cyber-physical systems (CPS), such as automotive systems, are very difficult to design due to the tight interactions of an integrated automotive control system. The system is composed of two independently designed controllers

Koutsoukos, Xenofon D.

411

Automotive Cyber Physical Systems in the Context of Human Mobility Daniel Work, Alexandre Bayen, and Quinn Jacobson  

E-Print Network [OSTI]

Automotive Cyber Physical Systems in the Context of Human Mobility Daniel Work, Alexandre Bayen with other technologies. In the larger context of human mobility, the automotive CPS must become more open in the surrounding physical environment. II. FUNDAMENTAL LIMITATIONS OF THE EXISTING AUTOMOTIVE CYBER PHYSICAL SYSTEM

412

CS3600 Lab Manual CyberCIEGE is an information assurance (IA) training tool that illustrates computer and  

E-Print Network [OSTI]

CS3600 Lab Manual Lab SSL CyberCIEGE is an information assurance (IA) training tool. The CyberCIEGE SSL scenario illustrates the use of SSL to authenticate the identity of web servers. This scenario explores the following concepts: · SSL is a means of authenticating a server (e.g., a web server

413

Security Conditions  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Notice ensures that DOE uniformly meets the requirements of the Homeland Security Advisory System outlined in Homeland Security Presidential Directive-3, Threat Conditions and Associated Protective Measures, dated 3-11-02, and provides responses specified in Presidential Decision Directive 39, U.S. Policy on Counterterrorism (U), dated 6-21-95. It cancels DOE N 473.8, Security Conditions, dated 8-7-02. Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels DOE N 473.8

2004-07-08T23:59:59.000Z

414

Security In Information Systems  

E-Print Network [OSTI]

rights, and they are proposing security policies, security planning, personal data protection laws, etc

Candan, Selçuk

415

US public perspectives on security :  

SciTech Connect (OSTI)

We report findings from a national Internet survey and a subset of questions administered by telephone in mid-2011 on public assessments of contemporary and emerging interstate nuclear threats, support for strategic arms control, and preferences for responding to limited nuclear attacks on the United States. Additionally, we analyze public views of the threat of terrorism, including cyber attacks, assessments of progress in the struggle against terrorism, and preferences for responding to an act of radiological terrorism against the United States. Also, we report findings from an Internet survey and a subset of questions administered by telephone among the American public in mid-2011 on US energy and environmental security. Key areas of investigation include public views on energy requirements, preferences for energy sources, energy conservation versus development, energy independence, implications of events at Fukushima, Japan, for US public support of nuclear generation, preferences for managing used nuclear fuel, and trust in nuclear risk assessments from government and other public sources. Where possible, findings from each survey are compared with previous surveys in this series for analyses of trends.

Herron, Kerry Gale; Jenkins-Smith, Hank C.; Silva, Carol L.

2012-02-01T23:59:59.000Z

416

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The manual establishes the overall objectives and requirements for the Department of Energy Personnel Security Program. Cancels DOE M 472.1-1B. Canceled by DOE O 472.2.

2005-08-26T23:59:59.000Z

417

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The protection and control of classified information is critical to our nation’s security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D.

2011-06-20T23:59:59.000Z

418

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Order establishes requirements for a successful, efficient and cost-effective personnel security program to ensure accurate, timely and equitable determinations of individuals’ eligibility for access to classified information and fitness for placement or retention in national security positions. Cancels DOE M 470.4-5, DOE N 470.4 and DOE N 470.5. Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

419

Transportation Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Transportation Security SHARE Global Threat Reduction Initiative Transportation Security Cooperation Secure Transport Operations (STOP) Box Security of radioactive material while...

420

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The protection and control of classified information is critical to our nation’s security. This Order establishes requirements and responsibilities for Department of Energy (DOE) Departmental Elements, including the National Nuclear Security Administration (NNSA), to protect and control classified information as required by statutes, regulation, Executive Orders, government-wide policy directives and guidelines, and DOE policy and directives. Cancels DOE M 470.4-4A Chg except for Section D. Admin Chg 1, dated 11-23-2012, cancels DOE O 471.6.

2011-06-20T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Attachment E, Technical Surveillance Countermeasures Program, is for Official Use Only. Contact the Office of Security and Safety Performance Assurance at 301-903-3653 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A.

2005-08-26T23:59:59.000Z

422

Information Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or Department of Energy directives. Section E, Technical Surveillance Countermeasures Program, is Official Use Only. Please contact the DOE Office of Health, Safety and Security at 301-903-0292 if your official duties require you to have access to this part of the directive. Cancels: DOE M 471.2-1B, DOE M 471.2-1C, DOE M 471.2-4, and DOE O 471.2A

2007-06-29T23:59:59.000Z

423

Reliability Modeling of Cyber-Physical Electric Power Systems: A System-Theoretic Framework  

E-Print Network [OSTI]

1 Reliability Modeling of Cyber-Physical Electric Power Systems: A System-Theoretic Framework systematic reliability analysis tools to address planning and operation challenges of future electric power and the introduction of new sources of uncertainty in systems already inherently complex. Current reliability analysis

Liberzon, Daniel

424

Verifiable Active Safety for Automotive Cyber-Physical Systems with Humans in the Loop  

E-Print Network [OSTI]

Verifiable Active Safety for Automotive Cyber-Physical Systems with Humans in the Loop Francesco-6925 A recent trend in the automotive industry is the rapid inclusion of electronics, computers and controls that focus entirely on improved functionality and overall system robustness. This makes the automotive sector

Rajkumar, Ragunathan "Raj"

425

Improved Power Grid Stability and Efficiency with a Building-Energy Cyber-Physical System  

E-Print Network [OSTI]

, or for sporadic reasons, for example a power plant goes offline unexpectedly (e.g., due to an earthquake or stagnant winds to propel wind turbines). Dur- ing an episode, the power grid operators must contend1 Improved Power Grid Stability and Efficiency with a Building-Energy Cyber-Physical System Mary

426

Gaussian Process Learning for Cyber-Attack Early Warning Jian Zhang1  

E-Print Network [OSTI]

Gaussian Process Learning for Cyber-Attack Early Warning Jian Zhang1 , Phillip Porras1 , Johannes- gressive attack sources, as such information can help to proactively defend their networks. For this pur of attacks observed by others. However, the total number of reported attackers is huge in these systems. Thus

Zhang, Jian

427

EVALUATING THREAT ASSESSMENT FOR MULTI-STAGE CYBER ATTACKS Shanchieh Jay Yang  

E-Print Network [OSTI]

attacks has become a critical issue, yet different from that of traditional physical attacks. Current behavior, hacking methods, and network vulnerabilities. This is different from traditional physical attacks by traditional physical attacks. The question then is how good a cyber threat assessment algorithm one should

Jay Yang, Shanchieh

428

An Abrupt Change Detection Heuristic with Applications to Cyber Data Attacks on Power Systems  

E-Print Network [OSTI]

hardware and software components such as smart meters, Phasor Measurement Units (PMUs), intelligent Borhan dynamics have been traditionally considered as a result of meter aging and malfunctioning, electrical of a designated cyber data attack to the system. In particular, with the emergence of smart grids and its smart

Sanandaji, Borhan M.

429

Fidelity-Aware Utilization Control for Cyber-Physical Surveillance Systems Jinzhu Chen1  

E-Print Network [OSTI]

environments. 1 Introduction Cyber-Physical System (CPS) is a new class of embed- ded systems that tightly fundamental requirement as many compu- tational tasks in a CPS must complete within tight deadlines in order computer for high-fidelity ob- ject detection and recognition. Both fidelity and timeliness are essential

430

MAR-CPS: Measurable Augmented Reality for Prototyping Cyber-Physical Systems  

E-Print Network [OSTI]

MAR-CPS: Measurable Augmented Reality for Prototyping Cyber-Physical Systems Shayegan Omidshafiei in CPSs, hardware-in-the-loop experiments are an essential step for transitioning from simulations to real in the Aerospace Controls Laboratory at the Massachusetts Institute of Technology. This system, referred to as MAR-CPS

Reif, Rafael

431

Security Conditions  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

To ensure that DOE uniformly meets the protection requirements specified in Presidential Decision Directive 39, "U.S. Policy on Counterterrorism (U)." Attachment 2 is no longer available online. Please e-mail your request for the Attachment to: Security.Directives@hq.doe.gov. DOE N 251.44, dated 05/06/02, extends this directive until 12/31/02.

2000-09-18T23:59:59.000Z

432

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals’ eligibility for access to classified information and Special Nuclear Material (SNM). Admin Chg 1, 10-8-13.

2011-07-27T23:59:59.000Z

433

SECURITY HANDBOOK 2 UH IT SECURITY HANDBOOK  

E-Print Network [OSTI]

Administration · 2-Factor Authentication Administration for PCI compliance · Web Site Security Scanning, please contact security@uh.edu. · Web Site Security Scanning · 2-Factor Authentication Administration

Azevedo, Ricardo

434

Microgrids and Heterogeneous Power Quality and Reliability  

E-Print Network [OSTI]

high security, quality, reliability, and availability”, IEEELave, and Marija Ilic: “Creating Reliability Choice: HowBuilding Less Reliability into Electric Power Grids Could

Marnay, Chris

2008-01-01T23:59:59.000Z

435

An integrated security framework for GOSS power grid analytics platform  

SciTech Connect (OSTI)

In power grid operations, security is an essential component for any middleware platform. Security protects data against unwanted access as well as cyber attacks. GridOpticsTM Software System (GOSS) is an open source power grid analytics platform that facilitates ease of access between applications and data sources and promotes development of advanced analytical applications. GOSS contains an API that abstracts many of the difficulties in connecting to various heterogeneous data sources. A number of applications and data sources have already been implemented to demonstrate functionality and ease of use. A security framework has been implemented which leverages widely accepted, robust JavaTM security tools in a way such that they can be interchanged as needed. This framework supports the complex fine-grained, access control rules identified for the diverse data sources already in GOSS. Performance and reliability are also important considerations in any power grid architecture. An evaluation is done to determine the overhead cost caused by security within GOSS and ensure minimal impact to performance.

Gibson, Tara D.; Ciraci, Selim; Sharma, Poorva; Allwardt, Craig H.; Rice, Mark J.; Akyol, Bora A.

2014-06-23T23:59:59.000Z

436

NISTIR 7916 Proceedings of the Cybersecurity in Cyber-  

E-Print Network [OSTI]

statutory responsibilities under the Federal Information Security Management Act (FISMA), Public Law (P wish to closely follow the development of these new publications by NIST. Organizations are encouraged.S. economy and public welfare by providing technical leadership for the Nation's measurement and standards

437

CS3600 Lab Manual Lab 1. CyberCIEGE Introduction  

E-Print Network [OSTI]

's desks · Connecting workstations to an existing LAN · Hiring support staff to help manage the information a series of birds-eye views. This will help when you buy computers and need to place them on desks. · When) training tool that illustrates computer and network security principles through simulation and resource

438

National Nuclear Security Administration  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

FROM: SUBJECT: USIUK Memorandum of Understanding between National Nuclear Security Administration's (NNSA) Associate Administrator for Defense Nuclear Security (AADNS)...

439

Direct Plan Comparison of RapidArc and CyberKnife for Spine Stereotactic Body Radiation Therapy  

E-Print Network [OSTI]

We compared the treatment planning performance of RapidArc (RA) vs. CyberKnife (CK) for spinal stereotactic body radiation therapy (SBRT). Ten patients with spinal lesions who had been treated with CK were re-planned with RA, which consisted of two complete arcs. Computed tomography (CT) and volumetric dose data of CK, generated using the Multiplan (Accuray) treatment planning system (TPS) and the Ray-Trace algorithm, were imported to Varian Eclipse TPS in Dicom format, and the data were compared with the RA plan using analytical anisotropic algorithm (AAA) dose calculation. The optimized dose priorities for both CK and RA plans were similar for all patients. The highest priority was to provide enough dose coverage to the planned target volume (PTV) while limiting the maximum dose to the spinal cord. Plan quality was evaluated with respect to PTV coverage, conformity index (CI), high-dose spillage, intermediate-dose spillage (R50% and D2cm), and maximum dose to the spinal cord, which are criteria recommended ...

Choi, Young Eun; Song, Si Yeol; Choi, Eun Kyung; Ahn, Seung Do; Cho, Byungchul

2015-01-01T23:59:59.000Z

440

Security seal  

DOE Patents [OSTI]

Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to "fingerprints" are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

Gobeli, Garth W. (Albuquerque, NM)

1985-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

Towards A Theory of Autonomous Reconstitution of Compromised Cyber-Systems  

SciTech Connect (OSTI)

The ability to maintain mission-critical operations in cyber-systems in the face of disruptions is critical. Faults in cyber systems can come from accidental sources (e.g., natural failure of a component) or deliberate sources (e.g., an intelligent adversary). Natural and intentional manipulation of data, computing, or coordination are the most impactful ways that an attacker can prevent an infrastructure from realizing its mission goals. Under these conditions, the ability to reconstitute critical infrastructure becomes important. Specifically, the question is: Given an intelligent adversary, how can cyber systems respond to keep critical infrastructure operational? In cyber systems, the distributed nature of the system poses serious difficulties in maintaining operations, in part due to the fact that a centralized command and control apparatus is unlikely to provide a robust framework for resilience. Resilience in cyber-systems, in general, has several components, and requires the ability to anticipate and withstand attacks or faults, as well as recover from faults and evolve the system to improve future resilience. The recovery effort (and any subsequent evolution) may require significant reconfiguration of the system (at all levels – hardware, software, services, permissions, etc.) if the system is to be made resilient to further attack or faults. This is especially important in the case of ongoing attacks, where reconfiguration decisions must be taken with care to avoid further compromising the system while maintaining continuity of operations. Collectively, we will label this recovery and evolution process as “reconstitution”. Currently, reconstitution is performed manually, generally after-the-fact, and usually consists of either standing up redundant systems, check-points (rolling back the configuration to a “clean” state), or re-creating the system using “gold-standard” copies. For enterprise systems, such reconstitution may be performed either directly on hardware, or using virtual machines. A significant challenge within this context is the ability to verify that the reconstitution is performed in a manner that renders the cyber-system resilient to ongoing and future attacks or faults. Fundamentally, the need is to determine optimal configuration of the cyber system when a fault is determined to be present. While existing theories for fault tolerance (for example, Byzantine fault tolerance) can guarantee resilience under certain conditions, in practice, these theories can break down in the face of an intelligent adversary. Further, it is difficult, in a dynamically evolving environment, to determine whether the necessary conditions for resilience have been met, resulting in difficulties in achieving resilient operation. In addition, existing theories do not sufficiently take into account the cost for attack and defense (the adversary is generally assumed to have infinite resources and time), hierarchy of importance (all network resources are assumed to be equally important), and the dynamic nature of some attacks (i.e., as the attack evolves, can resilience be maintained?). Alternative approaches to resilience based on a centralized command and control structure suffer from a single-point-failure. This paper presents preliminary research towards concepts for effective autonomous reconstitution of compromised cyber systems. We describe a mathematical framework as a first step towards a theoretical basis for autonomous reconstitution in dynamic cyber-system environments. We then propose formulating autonomous reconstitution as an optimization problem and describe some of the challenges associated with this formulation. This is followed by a brief discussion on potential solutions to these challenges.

Ramuhalli, Pradeep; Halappanavar, Mahantesh; Coble, Jamie B.; Dixit, Mukul

2013-11-12T23:59:59.000Z

442

Autonomic Intelligent Cyber Sensor to Support Industrial Control Network Awareness  

SciTech Connect (OSTI)

The proliferation of digital devices in a networked industrial ecosystem, along with an exponential growth in complexity and scope, has resulted in elevated security concerns and management complexity issues. This paper describes a novel architecture utilizing concepts of Autonomic computing and a SOAP based IF-MAP external communication layer to create a network security sensor. This approach simplifies integration of legacy software and supports a secure, scalable, self-managed framework. The contribution of this paper is two-fold: 1) A flexible two level communication layer based on Autonomic computing and Service Oriented Architecture is detailed and 2) Three complementary modules that dynamically reconfigure in response to a changing environment are presented. One module utilizes clustering and fuzzy logic to monitor traffic for abnormal behavior. Another module passively monitors network traffic and deploys deceptive virtual network hosts. These components of the sensor system were implemented in C++ and PERL and utilize a common internal D-Bus communication mechanism. A proof of concept prototype was deployed on a mixed-use test network showing the possible real world applicability. In testing, 45 of the 46 network attached devices were recognized and 10 of the 12 emulated devices were created with specific Operating System and port configurations. Additionally the anomaly detection algorithm achieved a 99.9% recognition rate. All output from the modules were correctly distributed using the common communication structure.

Todd Vollmer; Milos Manic; Ondrej Linda

2013-06-01T23:59:59.000Z

443

Studies in Power Quality Success  

E-Print Network [OSTI]

the immediate problem, but provides little security in overall system reliability. However, a systematic approach to understanding the susceptibility of equipment, the current level of power quality and the types of corrective or mitigation measures available...

Laan, B. A.

444

Personnel Security  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The order establishes requirements that will enable DOE to operate a successful, efficient, cost-effective personnel security program that will ensure accurate, timely and equitable determinations of individuals’ eligibility for access to classified information and Special Nuclear Material (SNM). This limited revision will ensure that individuals holding dual citizenship receive proper consideration from a counterintelligence perspective prior to being granted access to classified matter or Special Nuclear Material. Pg Chg 1, 7-9-14 cancels DOE O 472.2 Admin Chg 1.

2011-07-21T23:59:59.000Z

445

Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

2004-02-19T23:59:59.000Z

446

Collaborative Utility Task Force Partners with DOE to Develop Cyber  

Office of Environmental Management (EM)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "of Energy Power Systems EngineeringDepartment of4CenterPointChristinaClayCoal to Liquids »CogentrixSecurity

447

Sandia National Laboratories: Sandia Cyber Engineering Research Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -theErik SpoerkeSolarCybernetics:2PIntroduction of Prof. DavidfacilityAtomic(CERL)

448

Transmission and Distribution World March 2007: DOE Focuses on Cyber  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious Rank EERE:YearRound-Up from theDepartment of EnergyThe SunMelissa Howell | DepartmentSecurity |

449

Sandia National Laboratories: Cyber-Based Vulnerability Assessments  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administration the1 -the Mid-Infrared0EnergySandia Involves Wind-FarmCool EarthSafety

450

Cyber-Physical Attacks in Power Networks: Models, Fundamental Limitations and Monitor Design  

E-Print Network [OSTI]

Future power networks will be characterized by safe and reliable functionality against physical malfunctions and cyber attacks. This paper proposes a unified framework and advanced monitoring procedures to detect and identify network components malfunction or measurements corruption caused by an omniscient adversary. We model a power system under cyber-physical attack as a linear time-invariant descriptor system with unknown inputs. Our attack model generalizes the prototypical stealth, (dynamic) false-data injection and replay attacks. We characterize the fundamental limitations of both static and dynamic procedures for attack detection and identification. Additionally, we design provably-correct (dynamic) detection and identification procedures based on tools from geometric control theory. Finally, we illustrate the effectiveness of our method through a comparison with existing (static) detection algorithms, and through a numerical study.

Pasqualetti, Fabio; Bullo, Francesco

2011-01-01T23:59:59.000Z

451

Machine Learning for Power System Disturbance and Cyber-attack Discrimination  

SciTech Connect (OSTI)

Power system disturbances are inherently complex and can be attributed to a wide range of sources, including both natural and man-made events. Currently, the power system operators are heavily relied on to make decisions regarding the causes of experienced disturbances and the appropriate course of action as a response. In the case of cyber-attacks against a power system, human judgment is less certain since there is an overt attempt to disguise the attack and deceive the operators as to the true state of the system. To enable the human decision maker, we explore the viability of machine learning as a means for discriminating types of power system disturbances, and focus specifically on detecting cyber-attacks where deception is a core tenet of the event. We evaluate various machine learning methods as disturbance discriminators and discuss the practical implications for deploying machine learning systems as an enhancement to existing power system architectures.

Borges, Raymond Charles [ORNL; Beaver, Justin M [ORNL; Buckner, Mark A [ORNL; Morris, Thomas [Mississippi State University (MSU); Adhikari, Uttam [ORNL; Pan, Shengyi [Mississippi State University (MSU)

2014-01-01T23:59:59.000Z

452

Border Security | ornl.gov  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Border Security SHARE Border Security Testing of unmanned aerial surveillance equipment. ORNL performs border security research at the Security Sciences Field Laboratory (SSFL),...

453

Bullying and Cyber-Bullying in Higher Education: Current Institutional Practice and Prevention  

E-Print Network [OSTI]

. (2010) believes bullying, especially cyber-bullying, is a real 21st century concern and that it must be addressed by those in power. 8 Chapter 2 Bullying of all forms continues to plague the educational system, with no clear methods... report that bullying exists in their schools and it largely through electronic means. Students believe they are anonymous through electronic means and now feel an aura of power and a willingness to say something they would never say in person...

Early, Jeremy Scott

2014-05-31T23:59:59.000Z

454

D2Cyber: A Design Automation Tool for Dependable Cybercars  

E-Print Network [OSTI]

/or hydraulic systems. The use of electronic controllers in automotive systems has not only improved performance analysis of automotive systems considering electronics quality grade, cost, and temperature has not been incorporate electronic control units (ECUs) to implement various safety-critical functions such as x

455

Designing security into software  

E-Print Network [OSTI]

When people talk about software security, they usually refer to security applications such as antivirus software, firewalls and intrusion detection systems. There is little emphasis on the security in the software itself. ...

Zhang, Chang Tony

2006-01-01T23:59:59.000Z

456

Security guide for subcontractors  

SciTech Connect (OSTI)

This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.

Adams, R.C.

1991-01-01T23:59:59.000Z

457

Performance and Quality Assurance | National Nuclear Security  

National Nuclear Security Administration (NNSA)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr May Jun Jul(Summary) "ofEarlyEnergyDepartment ofDepartment ofofOxfordVeteransAdministration MayLifeOverviewpaperEvaluations

458

E-Print Network 3.0 - achieving sustainable quality Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

September-November 2006 Quality Systems Project Development and implementation of the ISO 9001... :2000 Quality Manual for the process of social security card emission process....

459

Personnel Security Activities  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

Establishes objectives, requirements and responsibilities for the Personnel Security Program and Personnel Security Assurance Program. Cancels DOE O 472.1B

2003-03-25T23:59:59.000Z

460

Global Nuclear Security  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Global Nuclear Security Both DOE and the National Nuclear Security Administration are working to reduce the risk of nuclear proliferation and provide technologies to improve...

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Office of Quality Management  

Broader source: Energy.gov [DOE]

The Office of Quality Management develops and interprets Government-wide policies and procedures and conducts training to ensure the accurate identification of information and documents that must be classified or controlled under statute or Executive order to protect the national security and controlled unclassified Official Use Only information for the effective operation of the Government.

462

Security guide for subcontractors  

SciTech Connect (OSTI)

This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

Adams, R.C.

1993-06-01T23:59:59.000Z

463

Tools and Methods for Hardening Communication Security of Energy Delivery Systems  

SciTech Connect (OSTI)

This document summarizes the research and development work the TT Government Solutions (TTGS), d.b.a. Applied Communication Sciences (ACS), team performed for the Department of Energy Cybersecurity for Energy Delivery Systems (CEDS) program. It addresses the challenges in protecting critical grid control and data communication, including the identification of vulnerabilities and deficiencies of communication protocols commonly used in energy delivery systems (e.g., ICCP, DNP3, C37.118, C12.22), as well as the development of effective means to detect and prevent the exploitation of such vulnerabilities and deficiencies. The team consists of • TT Government Solutions (TTGS), a leading provider of communications solutions that has extensive experience in commercializing communications solutions. TTGS also has deep cyber security research and development expertise supporting a variety of customers. • University of Illinois at Urbana-Champaign (UIUC), a leader in the cyber security research for the power grid. UIUC brings unique experience in designing secure communication protocols to this project. • Electric Power Research Institute (EPRI), an independent nonprofit that conducts research and development relating to the generation, delivery and use of electricity for the benefit of the public. EPRI brings to this effort its extensive technical expertise and its utility connections, with members representing more than 90 percent of the electricity generated and delivered in the United States. • DTE Energy, the 10th largest electric utility in the US, which helps ensure that this project focuses on the needs of utilities and is rightly positioned to address the needs of the market place. We designed, developed, and demonstrated a modular and extensible ADEC-G (Agent-based, Distributed, Extensible Cybersecurity for the Grid) system for monitoring/detecting abnormal energy delivery systems (EDS) protocol usage and ensuring security coverage. Our approach consists of i. An online system with stateful model based checkers (SMBCs) that helps utilities monitor EDS protocol communication contexts and flag abnormal session behaviors; ii. An offline framework that security tool developers, operators, and auditors can use to verify security properties (leverages formal methods). The modular design of the ADEC-G online system enables its easy extension to cover added protocol features, to introduce new monitoring capabilities, and to apply to additional communication protocols. Its monitoring capabilities and user interface features also facilitate visibilities into ongoing communication patterns and quick grasps of suspicious communication activities. The offline framework provides a platform not only for rigorous validation of security coverage, but also for systematic refinement of checker design leveraging the counter traces generated by the model checking tool. The ADEC-G online monitoring/detection system and the offline validation framework are both operational and have been demonstrated in various settings. The ADEC-G online system has also been integrated into TTGS SecureSmart Managed Security Services offering and been employed to perform security assessment in a section of a utility’s operational network as well as in other Smart Grid security pilot project offerings. TTGS is also in discussions with several system integrators for incorporating the integrated SecureSmart Managed Security Services offering as the cyber security solution for the nce of Operations Technology (OT) and Information Technology (IT).

Gadgil, Shrirang; Lin, Yow-Jian; Ghosh, Abhrajit; Samtani, Sunil; Kang, Jaewon; Siegell, Bruce; Kaul, Vikram; Unger, John; De Bruet, Andre; Martinez, Catherine; Vermeulen, Gerald; Rasche, Galen; Sternfeld, Scott; Berthier, Robin; Bobba, Rakesh; Campbell, Roy; Sanders, Williams; Lin, Yow-Jian

2014-06-30T23:59:59.000Z

464

Personnel Security Program Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

provides detailed requirements and procedures to supplement DOE O 472.1B, PERSONNEL SECURITY ACTIVITIES, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Cancels DOE M 472.1-1

2000-11-16T23:59:59.000Z

465

Personnel Security Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE). This Manual addresses only the Personnel Security Program.

1998-05-22T23:59:59.000Z

466

Office of Security Assistance  

Broader source: Energy.gov [DOE]

The Office of Security Assistance manages the Technology Deployment Program to improve the security posture of the Department of Energy and the protection of its assets and facilities through the deployment of new safeguards and security technologies and development of advanced technologies that reduce operating costs, save protective force lives, and improve security effectiveness.

467

Time-to-Compromise Model for Cyber Risk Reduction Estimation  

SciTech Connect (OSTI)

We propose a new model for estimating the time to compromise a system component that is visible to an attacker. The model provides an estimate of the expected value of the time-to-compromise as a function of known and visible vulnerabilities, and attacker skill level. The time-to-compromise random process model is a composite of three subprocesses associated with attacker actions aimed at the exploitation of vulnerabilities. In a case study, the model was used to aid in a risk reduction estimate between a baseline Supervisory Control and Data Acquisition (SCADA) system and the baseline system enhanced through a specific set of control system security remedial actions. For our case study, the total number of system vulnerabilities was reduced by 86% but the dominant attack path was through a component where the number of vulnerabilities was reduced by only 42% and the time-to-compromise of that component was increased by only 13% to 30% depending on attacker skill level.

Miles A. McQueen; Wayne F. Boyer; Mark A. Flynn; George A. Beitel

2005-09-01T23:59:59.000Z

468

Rationale and Development of a Security Assurance Index with Application toward the Development of a World Risk Index  

SciTech Connect (OSTI)

Assurance categories were previously developed to support the Department of Homeland Security’s efforts in the mitigation of Cyber Control System events. Defined according to the risk of life and economic loss, the minimum range is designated by policy, whereas the maximum limit seems to be constrained only by limits and interdependencies of the event. Use of this life / assets scale has proven to be helpful in managing risk due to the scale's ease of use, communication, and understanding. Suggestions have been made that this scale could be applied to all events of terror, disaster, and calamity of an international scale, with equally good results. This paper presents the history of some existing scales of disaster and assurance, the rationale behind the development of the original Security Assurance Index, and our proposed scale of disaster and calamity as a World Risk Index.

M. M. Plum; G. A. Beitel, PhD

2006-06-01T23:59:59.000Z

469

Security Analysis of Selected AMI Failure Scenarios Using Agent Based Game Theoretic Simulation  

SciTech Connect (OSTI)

Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the Advanced Metering Infrastructure (AMI) functional domain which the National Electric Sector Cyber security Organization Resource (NESCOR) working group has currently documented 29 failure scenarios. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain. From these five selected scenarios, we characterize them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrates how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.

Abercrombie, Robert K [ORNL] [ORNL; Schlicher, Bob G [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL

2014-01-01T23:59:59.000Z

470

Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices  

SciTech Connect (OSTI)

In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following: 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.

Abercrombie, Robert K [ORNL] [ORNL; Sheldon, Frederick T [ORNL] [ORNL; Aldridge, Hal [ORNL] [ORNL; Duren, Mike [Sypris Electronics, LLC] [Sypris Electronics, LLC; Ricci, Tracy [Sypris Electronics, LLC] [Sypris Electronics, LLC; Bertino, Elisa [ORNL] [ORNL; Kulatunga, Athula [Purdue University] [Purdue University; Navaratne, Uditha Sudheera [Purdue University] [Purdue University

2011-01-01T23:59:59.000Z

471

Water Use and Quality Assessment | Argonne National Laboratory  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

energy security and climate change, and not on the possible effects increased biofuel production may have on the quality and quantity of local and regional freshwater...

472

Anthem Cyber Attack: Information and Call-in Phone Number | Jefferson Lab  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmospheric Optical Depth (AOD)ProductssondeadjustsondeadjustAbout theOFFICEAmes Laboratory Site|Andrea4»Another keyAnthem Cyber

473

Do You Feel Lucky? A Large-Scale Analysis of Risk-Rewards Trade-Offs in Cyber Security  

E-Print Network [OSTI]

with spamming, and he will have to consider many options (money mules, Bitcoin, etc.) that will offer different

Vigna, Giovanni

474

Transforming CyberSecurity R&D within the Department of Energy: Getting Ahead of The Threat  

SciTech Connect (OSTI)

This report outlines a preliminary response from DOE researchers to the following three questions: a) what are the key priorities w.r.t. cybersecurity R&D over the next decade? b) what would we recommend, in terms of a program, to address those priorities c) how would a DOE Office of Science program in this area complement other cybersecurity R&D initiatives such as NSF's or other agency programs?

Frincke, Deborah A.; Catlett, Charlie; Siebenlist, Frank; Strelitz, Richard; Talbot, Ed; Worley, Brian

2008-01-01T23:59:59.000Z

475

Fundamental Limits of Cyber-Physical Security in Smart Power Grids Yue Zhao, Andrea Goldsmith, and H. Vincent Poor  

E-Print Network [OSTI]

) for detecting such attacks, while attackers devise attacks that are unobservable by such PMU networks attacks leads to a natural characterization of their potential impacts. With optimized PMU deployment there be data attacks on measurements that disrupt situation awareness [1], but also control signals of many

Zhao, Yue

476

M&Ms4Graphs: Multi-scale, Multi-dimensional Graph Analytics Tools for Cyber-Security  

E-Print Network [OSTI]

ranging from micro- (host level) to macro-scale (enterprise level). Achievements · Major release of Graph Library - Exhibit at GraphLab Conference, July 2014 · Selected publications 1. "Towards A Networks-of-Networks of Machine Learning Research, 2014. Rendering of Network Traffic Data Showing Communication between IP

477

The NIAC Convergence of Physical and Cyber Technbologies and Related Security Management Challenges Working Group Final Report and Recommendations  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE: Alternative Fuels Data Center Home Page on Google Bookmark EERE: Alternative Fuels Data Center Home Page on Delicious RankCombustion |Energy Usage »of EnergyThe Energy Department Feeds11,Industrial Sector,T T H H E E N N I

478

Organizational Chart Vice Chancellor for  

E-Print Network [OSTI]

: -Animal Program -Human Subjects -Select Agents -Export Control -Cyber Security -Conflict of Interest Management Services (AIMS) Administrative Process Redesign (APR) Auxiliary Operations Business Services Management Division Faculty and Staff Programs General Library System HIPAA Quality Improvement, Office

479

Secure and reliable operation of our  

E-Print Network [OSTI]

of threats: · Attacks upon the power system. In this case, the electricity infrastructure itself could use power plant cooling towers, for example, to disperse chem- ical or biological agents to national and international economy, security, and quality of life. Massoud Amin, Electric Power Research

Amin, S. Massoud

480

National Security Technology Incubator Operations Plan  

SciTech Connect (OSTI)

This report documents the operations plan for developing the National Security Technology Incubator (NSTI) program for southern New Mexico. The NSTI program will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The NSTI program is being developed as part of the National Security Preparedness Project (NSPP), funded by Department of Energy (DOE)/National Nuclear Security Administration (NNSA). The operation plan includes detailed descriptions of the structure and organization, policies and procedures, scope, tactics, and logistics involved in sustainable functioning of the NSTI program. Additionally, the operations plan will provide detailed descriptions of continuous quality assurance measures based on recommended best practices in incubator development by the National Business Incubation Association (NBIA). Forms that assist in operations of NSTI have been drafted and can be found as an attachment to the document.

None

2008-04-30T23:59:59.000Z

Note: This page contains sample records for the topic "quality security cyber" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

A Flexible, High Performance Service-Oriented Architecture for Detecting Cyber Attacks  

SciTech Connect (OSTI)

The next generation of intrusion detection and cyber defense technologies must be highly flexible so that deployed solutions can be quickly modified to detect new attack scenarios. They must also be able to provide the performance necessary to monitor traffic from high speed networks, and scale to enterprise wide deployments. In this paper we describe our experiences in creating a production application for cyber situational awareness. The application exploits the capabilities of several independently developed components and integrates them using SIFT (Scalable Information Fusion and Triage), a service-oriented architecture (SOA) designed for creating domain-independent, enterprise scale analytical applications. SIFT exploits a common design pattern for composing analytical components, and extends an existing messaging platform with scaling capabilities. We describe the design of the application, and provide a performance analysis that demonstrates the capabilities of the SIFT platform. The paper concludes by discussing the lessons we have learned from this project, and outlines the architecture of the MeDICI, the next generation of our enterprise analytics platforms.

Wynne, Adam S.; Gorton, Ian; Almquist, Justin P.; Chatterton, Jack; Thurman, David A.

2008-02-01T23:59:59.000Z

482

Information Security Group IY5512 Computer Security  

E-Print Network [OSTI]

for process that controls interactions between users and resources. · Access control system implements Information Security Group Agenda · Access control basics · ACLs and capabilities · Information flow policies· Information flow policies · Bell-LaPadula Model · Role-Based Access Control · Resources 3 Information Security

Mitchell, Chris

483

Task Scheduling for Control Oriented Requirements for Cyber-Physical Systems Fumin Zhang, Klementyna Szwaykowska, Wayne Wolf, and Vincent Mooney  

E-Print Network [OSTI]

Institute of Technology Atlanta, GA, 30332 Email: {fumin, klimka, wolf, mooney}@gatech.edu Abstract The wide applications of cyber-physical systems (CPS) call for effective design strategies that optimize the perfor- mance of both computing units and physical plants. We study the task scheduling problem for a class

Mooney, Vincent

484

Developing Embedded/Real-Time and Cyber-Physical Systems: Functional Reactive Programming, RTL-based Formal Verification, Response Time  

E-Print Network [OSTI]

-alone systems to highly- networked cyber-physical systems (CPS), spanning a diverse array of software is produced are important in ensuring the safety of the car, its driver and passengers. In a CPS consisting congestions, formal safety verification and response time analysis are essential to the certification and use

Cheng, Albert M. K.

485

INFRASTRUCTURE SECURITY & ENERGY  

E-Print Network [OSTI]

price monitoring #12;INFRASTRUCTURE SECURITY & ENERGY RESTORATION OFFICE of ELECTRICITY DELIVERYINFRASTRUCTURE SECURITY & ENERGY RESTORATION OFFICE of ELECTRICITY DELIVERY & ENERGY RELIABILITY Real Time Monitoring of Energy Infrastructure Status Patrick Willging, PE Office of Electricity

Schrijver, Karel

486

Office of Security Policy  

Broader source: Energy.gov [DOE]

The Office of Security Policy is the central source within the Department of Energy for the development and analysis of safeguards and security policies and standards affecting facilities, nuclear materials, personnel, and classified information.

487

Data Security ROCKVILLE, MD  

E-Print Network [OSTI]

by respondent identification. Thus, data security plans must be tailored to the unique needs and concerns of each data set: a "one-security-plan-fits-all" approach is neither feasible nor desirable. Nevertheless

Rau, Don C.

488

Personnel Security Program Manual  

Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

This Manual provides detailed requirements and procedures to supplement DOE O 472.1B, Personnel Security Activities, which establishes the overall objectives, requirements, and responsibilities for implementation and operation of the Personnel Security Program and the Personnel Security Assurance Program in the Department of Energy (DOE), including the National Nuclear Security Administration (NNSA). Extended until 7-7-06 by DOE N 251.64, dated 7-7-05 Cancels: DOE M 472.1-1A.

2001-07-12T23:59:59.000Z

489

Security system signal supervision  

SciTech Connect (OSTI)

This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

Chritton, M.R. (BE, Inc., Barnwell, SC (United States)); Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States))

1991-09-01T23:59:59.000Z

490

Lemnos interoperable security project.  

SciTech Connect (OSTI)

With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.

Halbgewachs, Ronald D.

2010-03-01T23:59:59.000Z

491

Water Quality  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Water Quality Water Quality We protect water quality through stormwater control measures and an extensive network of monitoring wells and stations encompassing groundwater, surface...

492

Secure Interoperable Open Smart Grid Demonstration Project  

SciTech Connect (OSTI)

The Consolidated Edison, Inc., of New York (Con Edison) Secure Interoperable Open Smart Grid Demonstration Project (SGDP), sponsored by the United States (US) Department of Energy (DOE), demonstrated that the reliability, efficiency, and flexibility of the grid can be improved through a combination of enhanced monitoring and control capabilities using systems and resources that interoperate within a secure services framework. The project demonstrated the capability to shift, balance, and reduce load where and when needed in response to system contingencies or emergencies by leveraging controllable field assets. The range of field assets includes curtailable customer loads, distributed generation (DG), battery storage, electric vehicle (EV) charging stations, building management systems (BMS), home area networks (HANs), high-voltage monitoring, and advanced metering infrastructure (AMI). The SGDP enables the seamless integration and control of these field assets through a common, cyber-secure, interoperable control platform, which integrates a number of existing legacy control and data systems, as well as new smart grid (SG) systems and applications. By integrating advanced technologies for monitoring and control, the SGDP helps target and reduce peak load growth, improves the reliability and efficiency of Con Edison’s grid, and increases the ability to accommodate the growing use of distributed resources. Con Edison is dedicated to lowering costs, improving reliability and customer service, and reducing its impact on the environment for its customers. These objectives also align with the policy objectives of New York State as a whole. To help meet these objectives, Con Edison’s long-term vision for the distribution grid relies on the successful integration and control of a growing penetration of distributed resources, including demand response (DR) resources, battery storage units, and DG. For example, Con Edison is expecting significant long-term growth of DG. The SGDP enables the efficient, flexible integration of these disparate resources and lays the architectural foundations for future scalability. Con Edison assembled an SGDP team of more than 16 different project partners, including technology vendors, and participating organizations, and the Con Edison team provided overall guidance and project management. Project team members are listed in Table 1-1.

Magee, Thoman

2014-12-31T23:59:59.000Z

493

Password secured systems and negative authentication  

E-Print Network [OSTI]

Today's industry, government, and critical infrastructure are dependent on software systems. In their absence, our modern world would come to a stop. Given our dependence, the mounting cyber threat is of critical concern. ...

Madero, Alvaro

2013-01-01T23:59:59.000Z

494

Tag: Security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security AdministrationcontrollerNanocrystallineForeign ObjectOUR TableE9. TotalNumberSecurity Tag: Security

495

Tag: security | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security AdministrationcontrollerNanocrystallineForeign ObjectOUR TableE9.security Tag: security Displaying 1 -

496

Secure Storage | Y-12 National Security Complex  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

AFDC Printable Version Share this resource Send a link to EERE: Alternative Fuels Data Center Home Page to someone by E-mail Share EERE: Alternative Fuels Data Center Home Page on Facebook Tweet about EERE: Alternative Fuels Data Center Home Page on Twitter Bookmark EERE:1 First Use of Energy for All Purposes (Fuel and Nonfuel),Feet) Year Jan Feb Mar Apr MayAtmosphericNuclear Security Administrationcontroller systemsBi (2) SrEvaluating the Seasonalsw ' b 0 % bP.SecureSecure Storage

497

Quality Assurance forQuality Assurance for Security-Critical SystemsSecurity-Critical Systems  

E-Print Network [OSTI]

Munich Extensive collaboration with industry (BMW,Extensive collaboration with industry (BMW, Hypo (rather than breaking) them.breaking) them. Assumptions on system context, physical environment.Assumptions on system context, physical environment. Attacker may use unintended/unnoticed functionalityAttacker may

Jurjens, Jan

498

Securing Internet Routing Securing Internet Routing  

E-Print Network [OSTI]

Plane (Routing protocols): S h b d Secure BGP [Kent Lynn Seo 00] soBGP, IRV, SPV, pgBGP, psBGP, Listen Whisper etc · Set up paths between nodes [Kent Lynn Seo 00] Listen-Whisper, etc., Data Plane: · Given d Secure BGP [Kent Lynn Seo 00] soBGP, IRV, SPV, pgBGP, psBGP, Listen Whisper etc · Set up paths

Goldberg, Sharon

499

Leveraging Formal Methods and Fuzzing to Verify Security and Reliability Properties of Large-Scale High-Consequence Systems.  

SciTech Connect (OSTI)

Formal methods describe a class of system analysis techniques that seek to prove specific propertiesabout analyzed designs, or locate flaws compromising those properties. As an analysis capability,these techniques are the subject of increased interest fromboth internal and external customersof Sandia National Laboratories. Given this lab's other areas of expertise, Sandia is uniquelypositioned to advance the state-of-the-art with respect toseveral research and application areaswithin formal methods. This research project was a one-yeareffort funded by Sandia's CyberSecurity S&T Investment Area in its Laboratory Directed Research&Development program toinvestigate the opportunities for formal methods to impactSandia's present mission areas, morefully understand the needs of the research community in the area of formal methods and whereSandia can contribute, and clarify from those potential research paths those that would best advancethe mission-area interests of Sandia. The accomplishmentsfrom this project reinforce the utilityof formal methods in Sandia, particularly in areas relevantto Cyber Security, and set the stagefor continued Sandia investments to ensure this capabilityis utilized and advanced within thislaboratory to serve the national interest.4

Ruthruff, Joseph; Armstrong, Robert C.; Davis, Benjamin Garry; Mayo, Jackson; Punnoose, Ratish J.

2012-09-01T23:59:59.000Z

500

ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention  

SciTech Connect (OSTI)

The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

Cui, Xiaohui [ORNL; Beaver, Justin M [ORNL; Treadwell, Jim N [ORNL

2012-01-01T23:59:59.000Z