National Library of Energy BETA

Sample records for requirements doe cyber

  1. DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA

    Broader source: Energy.gov [DOE]

    DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS. Key Cyber Security Role: Certification Agent (CA)

  2. DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS puzzle-693870_960_720.jpg DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS (78.26 KB) More Documents & Publications DOE CYBER SECURITY EBK: MINIMUM CORE COMPETENCY TRAINING REQUIREMENTS DOE CYBER SECURITY EBK: CORE COMPETENCY TRAINING REQUIREMENTS: CA Authorizing Official Designated Representative (AODR)

  3. DOE Cyber Strategy | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Strategy DOE Cyber Strategy The Office of the Chief Information Officer is pleased to announce publication of the U.S. Department of Energy (DOE) Cyber Strategy. 151228-doe-cyber-strategy123.png To meet the challenges of today's rapidly evolving cyber landscape, the Department has crafted a comprehensive cyber strategy rooted in enterprise-wide collaboration, accountability, and transparency. The underlying principles and strategic goals that form the Strategy's foundation attest to DOE's

  4. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-06-04

    DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, is extended until 6/4/04.

  5. DOE Cyber Conference | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Conference DOE Cyber Conference September 19, 2016 8:00AM EDT to September 22, 2016 1:00PM EDT Atlanta, Georgia

  6. Cyber Security Requirements for Wireless Devices and Information Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-11

    The Notice establishes DOE policy requirements and responsibilities for using wireless networks and devices within DOE and implements the requirements of DOE 0 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, including requirements for cyber resource protection, risk management, program evaluation, and cyber security plan development and maintenance. No cancellation. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  7. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes minimum implementation standards for cyber security management processes throughout the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B. No cancellations.

  8. Live: DOE Cyber Distinguished Speaker Series | Department of...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Live: DOE Cyber Distinguished Speaker Series Live: DOE Cyber Distinguished Speaker Series Live streaming video by Ustream HOW ACADEMIC INSTITUIONS ARE MEETING TODAY'S CYBER ...

  9. Extension of DOE Directive on Cyber Security

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-07-06

    This Notice extends DOE N 205.4, Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents, dated 3-18-02, until 7-6-05.

  10. Cyber Security Requirements for Risk Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice ensures that system owners consistently assess the threats to and vulnerabilities of systems in order to implement adequate security controls. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, and protect DOE information and information systems from unauthorized access, use, disclosure, modification, or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06.

  11. Collaborative Utility Task Force Partners with DOE to Develop Cyber

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security Requirements for Advanced Metering Infrastructure | Department of Energy Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the

  12. DOE Cyber Distinguished Speaker Series

    Broader source: Energy.gov [DOE]

    Join us at the Department of Energy’s Cyber Distinguished Speaker Series on Wednesday, 13 January 2016, for an opportunity to expand your knowledge and awareness of today’s most pressing cyber issues.

  13. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation.

  14. Cyber Fed Model Application in support of DOE Cyber Security Initiatives -

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Ames Participation | The Ames Laboratory Cyber Fed Model Application in support of DOE Cyber Security Initiatives - Ames Participation FWP/Project Description: The Cyber Fed Model (CFM) is a communication and coordination framework focused on the reduction and mitigation of cyber security risk across a large distributed organization like the Department of Energy. The CFM framework can be used to help integrate various cyber security systems and capabilities spanning the DOE enterprise, the

  15. Cyber Security Process Requirements Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2008-08-12

    The Manual establishes the minimum implementation standards for cyber security management processes throughout the Department. No cancellation. Admin Chg 1 dated 9-1-09.

  16. DOE Issues Energy Sector Cyber Organization NOI

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Issues National Energy Sector Cyber Organization Notice of Intent February 11, 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security

  17. Foreign National Access to DOE Cyber Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1999-11-01

    DOE N 205.16, dated 9-15-05, extends this Notice until 9-30-06, unless sooner rescinded. To ensure foreign national access to DOE cyber systems continues to advance DOE program objectives while enforcing information access restrictions.

  18. DOE Cyber Distinguished Speaker Series | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DOE Cyber Distinguished Speaker Series DOE Cyber Distinguished Speaker Series Featured Speaker: Dr. Winfried K. Hensinger Date: August 5, 2016 Time: 11:00 am - 12:00 pm Location: DOE Headquarters, Forrestal Auditorium, Washington, DC Winfried K. Hensinger.jpg Dr. Winfried Hensinger - Professor of Quantum Technologies, Ion Quantum Technology Group, Department of Physics and Astronomy, University of Sussex Winfried Hensinger obtained his undergraduate degree at the Ruprechts-Karls University in

  19. Transmission and Distribution World March 2007: DOE Focuses on Cyber

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security | Department of Energy Transmission and Distribution World March 2007: DOE Focuses on Cyber Security Transmission and Distribution World March 2007: DOE Focuses on Cyber Security Energy sector owners, operators and system vendors team up to boost control system security with national SCADA test bed. Energy Secrtor Owners, operators and system vendors team up to boost control system security with national SCADA test bed (570.08 KB) More Documents & Publications ABB and Energy

  20. DOE Issues Energy Sector Cyber Organization NOI, Feb 2010 | Department of

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Energy Issues Energy Sector Cyber Organization NOI, Feb 2010 DOE Issues Energy Sector Cyber Organization NOI, Feb 2010 The Department of Energy's (DOE) National Energy Technology Laboratory (NETL) announced on Jan. 7 that it intends to issue a Funding Opportunity Announcement (FOA) for a National Energy Sector Cyber Organization, envisioned as a partnership between the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart

  1. Department of Energy Cyber Security Management

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2006-12-04

    The purpose of the DOE Cyber Security Management Program is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE O 205.1. Canceled by DOE O 205.1B.

  2. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  3. Department of Energy Cyber Security Management Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-03-21

    The purpose of the Department of Energy (DOE) Cyber Security Management Program (hereafter called the Program) is to protect all DOE cyber information and information systems in order to implement the requirements of applicable laws required to maintain national security and ensure DOE business operations proceed without security events such as interruption or compromise. Cancels DOE N 205.1

  4. Handling Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2002-03-18

    To establish Department of Energy (DOE) requirements and responsibilities for reporting cyber security incidents involving classified and unclassified systems and responding to cyber security alerts and advisories; and to implement requirements of DOE N 205.1, Unclassified Cyber Security Program, and DOE M 471.2-2, Classified Information Systems Security Manual. DOE N 205.13, dated 7-6-04, extends this notice until 7-6-05. Cancels DOE M 471.2-2, Chapter III, section 8.

  5. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations. Admin Chg 1 dated 9-1-09.

  6. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. No cancellations.

  7. cyber

    National Nuclear Security Administration (NNSA)

    and the review of information prior to public release or posting to publicly available web sites to assure it does not contain data that would assist an adversary.

  8. Cyber Security Incident Management Manual

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2009-01-08

    The manual establishes minimum requirements for a structured cyber security incident detection and management process for detecting, identifying, categorizing, containing, reporting, and mitigating cyber security incidents involving DOE information and information systems operated by DOE or by contractors on behalf of the Department. Admin Chg 1 dated 9-1-09; Admin Chg 2 dated 12-22-09. Canceled by DOE O 205.1B.

  9. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8

  10. Chapter_14_Cyber_Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4 Cyber Security The DOE Cyber Security Program aims to protect the Department's diverse missions in a cost- effective manner; identify threats, risks, and mitigations; and remain flexible in a changing environment. Key Departmental directives, policies, and procedures governing the implementation of the Cyber Security Program at DOE HQ are: * DOE Order 205.1B, Department of Energy Cyber Security Management * DOE Policy 205.1, Department of Energy Cyber Security Management Policy * Headquarters

  11. CyberCon | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    CyberCon CyberCon CyberCon DOE Cyber-An Enterprise Approach: Excellence Through Innovation & Integration The Office of the Chief Information Officer (OCIO) will host the DOE Cyber Conference, September 19-22, 2016 in Atlanta, Georgia. The conference will convene the brightest cyber minds from across the DOE Enterprise to hear from dynamic thought leaders in cyber, including presenters from federal interagency, academia, private sector, and international arena. The conference will also

  12. cyber | National Nuclear Security Administration

    National Nuclear Security Administration (NNSA)

    cyber Information Security Information security deals with requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or NNSA and Department of Energy (DOE) directives.Classified Matter Protection and Control ensures the protection and control of

  13. Cyber Security Architecture Guidelines

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-03-08

    This Guide provides supplemental information on the implementation of cyber security architectures throughout the Department of Energy. Canceled by DOE N 205.18

  14. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012; Chg 2, dated 3-11-13.

  15. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program that protects information and information systems for DOE. Cancels DOE O 205.1A, DOE M 205.1-4, DOE M 205.1-5, DOE M 205.1-6, DOE M 205.1-7 and DOE M 205.1-8. Admin Chg 1, dated 12-7-2012.

  16. Cyber sleuths face off

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber and Security Assessments Cyber and Security Assessments Cyber and Security Assessments within the Office of Independent Enterprise Assessments implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1A, Independent Oversight

  17. Obama's Call for Public-Private Cyber Security Collaboration...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's ...

  18. Collaborative Utility Task Force Partners with DOE to Develop...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Collaborative Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure Collaborative Utility Task Force Partners with DOE to ...

  19. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Website Administrator The DOE Directives, Regulations, and Requirements Portal is operated by Doxcelerate Corporation for the Office of Information Resources (MA-90). Location: Santa Fe, NM, USA Author's external home page... Select a document from the list below to leave feedback for the writer. For contact information, use the DOE Phonebook. Latest content created by this user May 22, 2015 Recently Approved Justification Memoranda May 20, 2015 DRAFT - DOE O 331.1D, Employee Performance and

  20. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    www.directives.doe.gov Directives are the Department of Energy's primary means of establishing policies, requirements, responsibilities, and procedures for Departmental elements and contractors. New - DOE O 430.1C, Real Property Asset Management https://www.directives.doe.gov/news/0430.1C-new The directive establishes an integrated corporate-level, performance based approach to the life-cycle management of our real property assets. It links real property asset planning, programming, budgeting

  1. Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-19

    The Notice establishes DOE policy requirements and responsibilities for remote connections to DOE and contractor information technology systems. The Notice will also ensure compliance with the requirements of DOE O 205.1, Department of Energy Cyber Security Management Program, dated 3-21-03, to protect DOE information and information technology systems commensurate with the risk and magnitude of harm that could result from their unauthorized access, use, disclosure, modification or destruction. DOE N 205.15, dated 3/18/05, extends this directive until 3/18/06. No cancellations.

  2. DOE-STD-1104 Requirements Crosswalk

    Office of Environmental Management (EM)

    09 to DOE-STD-1104-2014 Requirements Matrix - 1 - No. Section Page Number DOE-STD-1104-2009 Requirement DOE-STD-1104-2014 Requirements Comment Gen DOE-STD-1104-2009 was broadly ...

  3. July 2013 Cyber Incident

    Broader source: Energy.gov [DOE]

    The Department of Energy (DOE) has confirmed a cyber incident that occurred at the end of July and resulted in the unauthorized disclosure of federal employee Personally Identifiable Information ...

  4. January 2013 Cyber Incident

    Broader source: Energy.gov [DOE]

    The Department of Energy (DOE) has confirmed a recent cyber incident that occurred in mid-January 2013 which targeted the Headquarters' network and resulted in the unauthorized disclosure of...

  5. Order DOE O 205.1B

    Broader source: Energy.gov [DOE]

    To set forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE)

  6. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2011-05-16

    The order sets forth requirements and responsibilities for a Departmental Cyber Security Program (CSP) that protects information and information systems for the Department of Energy (DOE). Chg 1 dated 12-7-2012; Chg 2 dated 3-11-2013; Chg 3, dated 4-29-2014, supersedes Chg 2.

  7. Cyber Security and Resilient Systems

    SciTech Connect (OSTI)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  8. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    SciTech Connect (OSTI)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was selected from the list of standards identified

  9. Microsoft Word - Attachment J-6 List of Applicable DOE Directives and COntractor Requirements Documents.doc

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    J-6-1 ATTACHMENT J.6 LIST OF APPLICABLE DOE DIRECTIVES AND CONTRACTOR REQUIREMENTS DOCUMENTS (LIST B) The following is a list of applicable DOE Directives and Orders appended to this Contract as prescribed in Section I, Clause I.3. This list is not all inclusive. Document Number Title CRD O 150.1 Continuity Programs CRD O 205.1b, Chg.3 DOE Cyber Program CRD O 206.1 DOE Privacy Program CRD O 243.1B, Admin. Chg 1. Records Management Program CRD O 414.1D, Admin Chg 1. Quality Assurance CRD O

  10. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    of Energy Employee Concerns Program Jun 17, 2016 Notice of Intent to Develop DOE P XXX.X, Contractor Assurance Systems Policy May 20, 2016 New - DOE N 251.115, Cancellation of ...

  11. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DOE Differing Professional Opinions DOE Differing Professional Opinions DOE has established a variety of work processes for its employees (including DOE Federal, contractor, and subcontractor employees) to raise concerns so that they are assessed and appropriate actions are taken. Employees are to use these processes to resolve issues at the lowest possible level. In rare cases, an employee may decide that despite those efforts, there remains a concern about a technical issue with a potential

  12. Acronyms - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Acronyms by Website Administrator CRD - Contractor Requirements Document DNFSB - Defense Nuclear Facilities Safety Board DMTeam - Directives Management Team (MA-90) DOE P - Department of Energy Policy DOE N - Department of Energy Notice DOE O - Department of Energy Order DOE M - Department of Energy Manual DOE G - Department of Energy Guide DPC - Directives Point of Contact DRB - Directives Review Board established by DOE O 251.1C OPI - Office of Primary Interest (the writing organization)

  13. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    writer. For contact information, use the DOE Phonebook. Latest content created by this user Mar 13, 2014 Occurrence Reporting and Processing of Operations Information Apr 08,...

  14. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    News Item Packaging and Transportation for Offsite Shipment of Materials of National Security Interest https:www.directives.doe.govinformational-purposes-only...

  15. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    information, use the DOE Phonebook. Latest content created by this user Dec 29, 2015 Information Technology Project Execution Model Guide for Small and Medium Projects Jul 07,...

  16. Other Requirements - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Other Requirements by Website Administrator More filters Less filters Other Policy Type Secretarial Memo Program Office Memo Invoked Technical Standards 100 Office of Primary Interest (OPI) Office of Primary Interest (OPI) All AD - Office of Administrative Services AU - Office of Environment, Health, Safety and Security CF - Office of the Chief Financial Officer CI - Office of Congressional and Intergovernmental Affairs CN - Office of Counterintelligence CP - Office of the Press Secretary CR -

  17. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Diane Johnson I load documents, fix links etc. Select a document from the list below to leave feedback for the writer. For contact information, use the DOE Phonebook. Latest...

  18. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Tiffany M Wheeler Select a document from the list below to leave feedback for the writer. For contact information, use the DOE Phonebook. Latest content created by this user Jan...

  19. Facility Safety - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    facility and programmatic safety requirements for DOE and NNSA for nuclear safety design criteria, fire protection, criticality safety, natural phenomena hazards (NPH)...

  20. Extension of DOE Directives

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2005-03-18

    The following directives are extended until 3-18-06: DOE N 205.8, Cyber Security Requirements for Wireless Devices and Information Systems, dated 2-11-04; DOE N 205.9, Certification and Accreditation Process for Information Systems Including National Security Systems, dated 02-19-04; DOE N 205.10, Cyber Security Requirements for Risk Management, dated 02-19-04; DOE N 205.11, Security Requirements for Remote Access to DOE and Applicable Contractor Information Technology Systems, dated 2-19-04. DOE N 205.12, Clearing, Sanitizing, and Destroying Information System Storage Media, Memory Devices, and Other Related Hardware, dated 2-19-04.

  1. Cyber and Security Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber and Security Assessments Cyber and Security Assessments Cyber and Security Assessments within the Office of Independent Enterprise Assessments implements the independent security performance monitoring functions for DOE. The other half of the Independent Oversight Program is implemented by the Office of Safety and Emergency Management Evaluations for safety oversight. The independent oversight function performed by these two offices is delineated in DOE Order 227.1A, Independent Oversight

  2. Conduct of Operations Requirements for DOE Facilities

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    1990-07-09

    "To provide requirements and guidelines for Departmental Elements, including the National Nuclear Security Administration (NNSA), to use in developing directives, plans, and/or procedures relating to the conduct of operations at DOE facilities. The implementation of these requirements and guidelines should result in improved quality and uniformity of operations. Change 2, 10-23-2001. Canceled by DOE O 422.1.

  3. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Site map An overview of the available content on this site. Keep the pointer still over an item for a few seconds to get its description. Directives Delegations Other Requirements Top 10 Directives Help Directives Tools RevCom

  4. DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Contact form Directives are the Department of Energy's primary means of establishing policies, requirements, responsibilities, and procedures for Departmental elements and contractors. Directives Program Management Emily Stanton, (202) 287-5641 Rachel Mack, (202) 287-6804 Delegation Program Management Gail Cephas,(202) 586-1049 Web Site Administration Technical Support Staff, (505) 663-1302 Fill in this form to contact us. Name Please enter your full name E-Mail (Required) Please enter your

  5. Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy 4, Cyber Security Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security 2016 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security HQ cyber security activities are managed by the Cyber Support Division (IM-622) within the Office of Chief Information Officer (IM-1). This chapter only covers the requirement for each HQ program element to appoint an Information Systems Security Officer (ISSO) to act as the point of contact between the

  6. DOE O 205.1B Department of Energy Cyber Security Program

    Broader source: Energy.gov [DOE]

    On May 16, 2011, the Department issued a Contractor Requirements Document (CRD) to the above listed Directive.

  7. DOE Challenge Home, California Program Requirements | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Home, California Program Requirements DOE Challenge Home, California Program Requirements DOE Challenge Home, California Program Requirements, as posted on the U.S. Department of Energy's DOE Challenge Home website. ch_california_requirements2013.pdf (296.75 KB) More Documents & Publications Washington DOE ZERH Program Requirements DOE Zero Energy Ready Home National Program Requirements (Rev. 04) California DOE ZERH Program Requiremets

  8. Cyber Security Evaluations Appraisal Process Guide - April 2008 |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Cyber Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal Process Guide - April 2008 April 2008 Cyber Security Evaluations Appraisal Process Guide was developed for the purpose of documenting the appraisal approach and techniques specific to evaluations of classified and unclassified cyber security programs throughout DOE. This process guide provides information about the Department of Energy's (DOE) Independent Oversight

  9. Understanding DOE Quality Assurance Requirements and ASME NQA...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DOE Quality Assurance Requirements and ASME NQA-1 For Application in DOE Nuclear Projects Training Agenda Understanding DOE Quality Assurance Requirements and ASME NQA-1 For ...

  10. Quality Assurance - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    services meet or exceed customers' requirements and expectations. Cancels DOE O 414.1C. Adm Chg 1, 5-8-13 o414.1d4-25-11.pdf -- PDF Document, 243 KB Writer: Colette Broussard...

  11. Directives Help - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Help by Website Administrator All DOE directives are available through this site. While it may seem overwhelming, given the number of documents, we have provided a number of ways in which you may get to the information you need. Navigating the DOE Directives, Delegations, and Requirements Portal A guide for using the new portal is available here. Navigation Tools The links at the top of the page will take you to the major elements of the site--directives, delegations and requirements. The

  12. Recent DOE Directives Changes

    Broader source: Energy.gov [DOE]

    On September 1, 2009, the Department of Energy (DOE) manuals were revised and issued to correspond with the following recent Contractor Requirements Documents (CRDs) changes to the following Directives: DOE M 205.1-8 Administrative Change 1—Cyber Security Incident Management Manual; DOE M 205.1-7 Administrative Change 1—Security Controls for Unclassified Information Systems Manual; DOE M 205.1-6 Administrative Change 1—Media Sanitization Manual; DOE M 205.1-5 Administrative Change 1—Cyber Security Process Requirements Manual

  13. Office of Cyber Assessments | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Assessments Office of Cyber Assessments MISSION The Office of Cyber Assessments is responsible for the independent evaluation of the effectiveness of classified and unclassified computer security policies and programs throughout the Department. The Office has established and maintains a continuous program for assessing the security of DOE classified and unclassified networks through expert program and technical analysis, including detailed network penetration testing to detect

  14. Cyber Train Videos | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Train Videos Cyber Train Overview Cyber Train Opt-Out Process Cyber Train Complete Training Submitting Course Completion Materials...

  15. Understanding DOE Quality Assurance Requirements and ASME NQA...

    Broader source: Energy.gov (indexed) [DOE]

    Materials for the Understanding DOE Quality Assurance Requirements and ASME NQA-1 For Application in DOE Nuclear ... DOE Nuclear Projects, A Management Overview and ...

  16. Cyber Train Videos | The Ames Laboratory

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Train Videos Cyber Train Overview Cyber Train Opt-Out Process Cyber Train Complete Training Submitting Course Completion Materials Click here for information on accessing Cyber Train.

  17. Justification Memoranda - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Justification Memoranda by Diane Johnson Notice of Intent to Revise Department of Energy Order 350.1, Contractor Human Resources Management Program - by Robert Myers - last modified Jun 19, 2014 11:17 AM DOE O 350.1 establishes responsibilities, requirements, and cost allow-ability criteria for the management an oversight of contractor human resource management programs, is being revised to remove contractor requirements from Chapter IV, Compensation, Chapter V, Benefits, and Chapter VI Pensions

  18. Sandia Energy Cyber

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    sandia-cyber-engineering-research-laboratory-cerl-formally-opensfeed 0 Sandia Builds Android-Based Network to Study Cyber Disruptions http:energy.sandia.gov...

  19. Washington DOE ZERH Program Requirements | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Washington DOE ZERH Program Requirements Washington DOE ZERH Program Requirements Washington specific program requirements for the U.S. Department of Energy's Zero Energy Ready Home Program. ch_washington_requirements8-23-13.pdf (289.63 KB) More Documents & Publications DOE Challenge Home, California Program Requirements Version Tracking Document for DOE Challenge Homes, National Program Requirements (Rev. 03) DOE Zero Energy Ready Home National Program Requirements (Rev. 04)

  20. DOE Zero Energy Ready Home National Program Requirements (Rev. 04) |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Home National Program Requirements (Rev. 04) DOE Zero Energy Ready Home National Program Requirements (Rev. 04) U.S. Department of Energy Zero Energy Ready Home National Program Requirements (Rev. 04) DOE Zero Energy Ready Home National Program Requirements Rev04.pdf (291.11 KB) More Documents & Publications DOE Zero Energy Ready Home National Program Requirements (Rev. 05) California DOE ZERH Program Requiremets DOE Challenge Home, California Program Requirement

  1. Understanding DOE Quality Assurance Requirements and ASME NQA-1 For

    Office of Environmental Management (EM)

    Application in DOE Nuclear Projects Training Agenda | Department of Energy Agenda Understanding DOE Quality Assurance Requirements and ASME NQA-1 For Application in DOE Nuclear Projects Training Agenda Agenda for the Understanding DOE Quality Assurance Requirements and ASME NQA-1 For Application in DOE Nuclear Projects Training Workshop held on May 14, 2015. Agenda (36.02 KB) More Documents & Publications Understanding DOE Quality Assurance Requirements and ASME NQA-1 For Application in

  2. Understanding DOE Quality Assurance Requirements and ASME NQA-1 For

    Office of Environmental Management (EM)

    Application in DOE Nuclear Projects Training Materials | Department of Energy Materials Understanding DOE Quality Assurance Requirements and ASME NQA-1 For Application in DOE Nuclear Projects Training Materials Training Materials for the Understanding DOE Quality Assurance Requirements and ASME NQA-1 For Application in DOE Nuclear Projects Training Workshop held on May 14, 2015. Training Materials (4.27 MB) More Documents & Publications Understanding DOE Quality Assurance Requirements

  3. DOE NEPA Guidance and Requirements - Search Index - Table of Contents |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Table of Contents DOE NEPA Guidance and Requirements - Search Index - Table of Contents Return to Download Page The DOE NEPA Guidance and Requirements - Search Index includes: NEPA Guidance and Requirements Documents Issued by Published A Brief Guide - DOE-wide Contracts For NEPA Documentation DOE 2003 A Citizen's Guide to the NEPA - Having Your Voice Heard CEQ 2007 A Resource Handbook on DOE Transportation Risk Assessment DOE 2002 Actions During the NEPA Process -

  4. DOE Zero Energy Ready Home National Program Requirements (Rev. 05) |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy National Program Requirements (Rev. 05) DOE Zero Energy Ready Home National Program Requirements (Rev. 05) U.S. Department of Energy Zero Energy Ready Home National Program Requirements (Rev. 05), May, 11, 2015. DOE Zero Energy Ready Home National Program Requirements Rev05 - Final.pdf (522.94 KB) More Documents & Publications California DOE ZERH Program Requiremets DOE Zero Energy Ready Home National Program Requirements (Rev. 04) Zero Energy Ready Home Newsletter:

  5. DOE NEPA Guidance and Requirements - Search Index - List of Contents |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy List of Contents DOE NEPA Guidance and Requirements - Search Index - List of Contents Return to Download Page The NEPA Guidance and Requirements - Search Index includes: A Brief Guide - DOE-wide Contracts For NEPA Documentation [DOE][2003] A Citizen's Guide to the NEPA - Having Your Voice Heard [CEQ][2007] A Resource Handbook on DOE Transportation Risk Assessment [DOE][2002] Actions During the NEPA Process - Interim Actions [DOE][2003] Administrative Record Guidance

  6. DOE - NNSA/NFO -- National Security Template

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DOE-CIRC NNSANFO Language Options U.S. DOENNSA - Nevada Field Office Department of Energy Cyber Incident Response Capability Department of Energy Cyber Incident Response ...

  7. Sandia Cyber Omni Tracker

    Energy Science and Technology Software Center (OSTI)

    2014-07-02

    SCOT cyber security team enhancement tool that coordinates activities, captures knowledge, and serves as a platform to automate time-consuming tasks that a cyber security team needs to perform in its daily operations.

  8. Cyber Incidents Involving Control Systems

    SciTech Connect (OSTI)

    Robert J. Turk

    2005-10-01

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to

  9. U.S. Department of Energy Cyber Strategy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    CYBER STRATEGY | 1 U.S. DEPARTMENT OF ENERGY CYBER STRATEGY DOE CYBER STRATEGY | 2 TABLE OF CONTENTS Message from the Deputy Secretary Message from the CIO Introduction Vision Principles Strategic Goals and Objectives The Way Forward Appendix: Applicable Mandates p. 3 p. 4 p. 5 p. 7 p. 8 p. 9 p. 15 p. 16 DOE CYBER STRATEGY | 3 Across the Department of Energy, our diverse missions are enabled by digital technolo- gies. We rely on these technologies to gather, share, store, and use information.

  10. Silver Spring Networks comments on DOE NBP RFI: Comms Requirements...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Comms Requirements Silver Spring Networks comments on DOE NBP RFI: Comms Requirements Comments of Silver Spring Networks on Implementing the National Broadband Plan by Studying the ...

  11. DOE RFI 2010-11129 NBP RFI: Communications Requirements Titled...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Plan by Studying the Communications Requirements of Electric Utilities to Inform Federal Smart Grid Policy Silver Spring Networks comments on DOE NBP RFI: Comms Requirements

  12. Programmatic Elements - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    the Operational Emergency Base Program Supersedes: DOE G 151.1-1 V5-4, Training and Drills on Jul 11, 2007 DOE G 151.1-1 V5-1, Program Administration on Jul 11, 2007 DOE G...

  13. Justification Memo DOE - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DOE by Diane Johnson Justification for the creation or modification of a directive where the Office of Primary Interest is outside NNSA. Upload File Upload the file here JM-NonNNSA 5-25-16.doc - 37 KB Short Name justification_memo_doe

  14. May 3 PSERC Webinar: Physical and Cyber Infrastructure Supporting the

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Future Grid | Department of Energy May 3 PSERC Webinar: Physical and Cyber Infrastructure Supporting the Future Grid May 3 PSERC Webinar: Physical and Cyber Infrastructure Supporting the Future Grid April 26, 2016 - 4:03pm Addthis The DOE-funded Power Systems Engineering Research Center (PSERC) is offering a free public webinar that will address the final report summarizing findings from the PSERC/NSF Executive Forum and Workshop on Physical and Cyber Infrasture to Support the Future Grid,

  15. Directives Requiring Additional Documentation - DOE Directives,

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Delegations, and Requirements Requiring Additional Documentation by Website Administrator PDF document icon DirectivesRequiringAdditionalDocumentation (1).pdf - PDF document, 35 KB (36219

  16. Radiological Control - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    98-2008, Change Notice 1, Radiological Control by Diane Johnson The Department of Energy (DOE) has developed this Standard to assist line managers in meeting their responsibilities...

  17. Fire Protection - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    are not comprehensively or adequately addressed in national consensus standards or other design criteria. DOE-STD-1062-2012: Fire Protection Type: Invoked Technical Standards OPI:...

  18. NERSC/DOE HEP Requirements Workshop Presentations

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    | DOE HEP Overview November 12, 2009 | Author(s): Amber Boehnlein | Workshop Logistics November 12, 2009 | Author(s): Harvey Wasserman | NERSC Role in High Energy Physics...

  19. Facility Safety - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    0.1C Chg 1, Facility Safety by Pranab Guha Functional areas: DNFSB, Defense Nuclear Facility Safety and Health Requirement, Facility Safety, Requires Crosswalk When Revised,...

  20. Facility Safety - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    O 420.1C Chg 1, Facility Safety by Pranab Guha Functional areas: DNFSB, Defense Nuclear Facility Safety and Health Requirement, Facility Safety, Requires Crosswalk When Revised, ...

  1. DPC List - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    INL - Advanced Mixed Waste Treatment Project Gail Brown browgl@amwtp.inl.gov 208-557-0913 INL-ICP-EM Carla Campbell carla.campbell@icp.doe.gov 208-533-0829 Oak Ridge Office-EM ...

  2. DRB Liaison - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DRB Liaison by Website Administrator Emily Jackson Directives Review Board Liaison 202-287-5641 Portals III Building, Suite 500 Emily.Jackson@hq.doe.gov Chris Tirado 202-586-4967...

  3. Department of Energy Cyber Security Program

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2012-12-06

    Modifications correct changes to the composition of Senior DOE Management organizations, name change from DOE Cyber Incident Response Capability to Joint Cybersecurity Coordination Center and transfer of responsibility for communications security and TEMPEST to the Office of Health, Safety and Security.

  4. DOE Responses to DOE Challenge Home (formerly Builders Challenge) National Program Requirements Public Comments

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    - Responses to Draft Specification Comments 1 Updated 4/9/2012 DOE Responses to DOE Challenge Home (formerly Builders Challenge) National Program Requirements Public Comments DOE received comments on the draft DOE Challenge Home specifications and requirements from December 15, 2011 through January 31, 2012. This document summarizes the comments received, DOE's responses, and the resulting policy change, if any. All comments were reviewed. Similar comments were grouped together in the responses.

  5. Understanding and Implementing DOE Quality Requirements and ASME...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Requirements and ASME NQA-1 in DOE Nuclear Projects, A Management Overview and Introduction, May 14, ... The class will be held May 14, 2015. Agenda Training Materials Training ...

  6. DOE Issues Request for Information for Scope Requirements Planning...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Information for Scope Requirements Planning at Los Alamos National Laboratory DOE Issues ... Completion Project Bridge Contract," reference number DE-SOL-0007781, for which a ...

  7. Staffing and Placement - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DRAFT DOE O 325.3, Staffing and Placement by Tiffany M Wheeler Functional areas: Staffing, Placement, Recruiting, Excepted Service The Order establishes requirements and...

  8. Application of Engineering and Technical Requirements for DOE...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Application of Engineering and Technical Requirements for DOE Nuclear Facilities Standard Review Plan (SRP) This Standard Review Plan (SRP), Application of Engineering and ...

  9. DOE SC Exascale Requirements Reviews: High Energy Physics

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    computational domain scientists, DOE planners and administrators, and experts in computer science and applied mathematics to determine the requirements for an exascale ecosystem ...

  10. POLICY GUIDANCE MEMORANDUM #33 - Requirements for DOE Delegated...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    PDF icon Policy Guidance Memorandum 33 - Requirements for DOE Delegated Examining Procedures Responsible Contacts Tiffany Wheeler Human Resources Specialist E-mail ...

  11. References - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    References by Website Administrator This page provides information and links to references. Technical Standards Technical Standards Program Technical Standards Home RevCom for Technical Standards Technical Standards Crosswalk NNSA Directives National Nuclear Security Administration (NNSA) Supplemental Directives NNSA Policies (NAPs) FAR Federal Acquisition Regulations Federal Acquisition Regulations (FAR) DOE Acquisition Regulations (DEAR) CFR Code of Federal Regulations CFR (annual edition) 10

  12. Health - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Programs » Headquarters Accommodation Program Headquarters Accommodation Program The Headquarters Accommodation Program Manager works with DOE managers, employees and visitors to provide information and assistance related to persons with disabilities. Areas of assistance include: Auxiliary services, such as sign language interpreting services, readers for the blind, or personal assistants for the physically challenged Guidance and information regarding accommodations, as well as laws and

  13. NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Finalizes Initial Set of Smart Grid Cyber Security Guidelines NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines September 2, 2010 - 3:15pm Addthis WASHINGTON, D.C. - The National Institute of Standards and Technology (NIST) issued today its first Guidelines for Smart Grid Cyber Security, which includes high-level security requirements, a framework for assessing risks, an evaluation of privacy issues at personal residences, and additional information for

  14. Biosafety Facilities - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    5, Biosafety Facilities by David Freshwater Functional areas: Defense Nuclear Facility Safety and Health Requirement, Safety and Security, The Guide assists DOENNSA field elements...

  15. Directives - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible...

  16. Delegation Procedures - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible...

  17. Delegations - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible...

  18. Help - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible...

  19. Physical Protection - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    2A, Physical Protection by jcronin Functional areas: Security, This Manual establishes requirements for the physical protection of interests under the U.S. Department of Energys...

  20. Finance - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Finance & Accounting Finance & Accounting The mission of the Office of Finance and Accounting (CF-10) is to provide Department-wide central accounting and financial management services to the Department of Energy; to provide accurate and timely financial reporting and produce auditable financial statements; and to provide financial management support to DOE Headquarters program offices. Functions: Implement Departmental accounting and financial policies as well as general procedural

  1. News - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    News by Website Administrator Site News New - DOE O 430.1C, Real Property Asset Management - by Patricia Greeson - last modified Aug 23, 2016 02:37 PM The directive establishes an integrated corporate-level, performance based approach to the life-cycle management of our real property assets. It links real property asset planning, programming, budgeting and evaluation to the Department's multi-faceted missions. Successful implementation of this order will enable the Department to carry out

  2. DPC Resources - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DPC Resources by Website Administrator This section contains DPC Resources and Responsibilities DPC Contact Directives Points of Contact Updated listing of contact information for DOE Headquarters, field, and contractor DPCs. DPC Responsibility DPC Responsibilities All DPCs are responsible for: Serving as a liaison between their organization and the Directives Program Disseminating changes in the Directives Program Assigning subject matter experts to review and comment on directives Creating a

  3. Evaluation Report on The Department's Unclassified Cyber Security Program

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2002, DOE/IG-0567 | Department of Energy Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 Evaluation Report on The Department's Unclassified Cyber Security Program 2002, DOE/IG-0567 As agencies strive to meet the President's goal of significantly increasing electronic government, the potential for disruption or damage to critical systems by malicious users continues to increase. In response to increasing threats to the Government's computer networks and

  4. POLICY GUIDANCE MEMORANDUM #33 - Requirements for DOE Delegated Examining

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Procedures | Department of Energy 3 - Requirements for DOE Delegated Examining Procedures POLICY GUIDANCE MEMORANDUM #33 - Requirements for DOE Delegated Examining Procedures The purpose of this guidance is to establish the Department of Energy's (DOE's) Delegated Examining policy and procedures in order to ensure an effective competitive examining program that supports mission accomplishments and is in accordance with merit system principles and applicable laws and regulations. Policy

  5. Battery Pack Requirements and Targets Validation FY 2009 DOE Vehicle

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Technologies Program | Department of Energy Battery Pack Requirements and Targets Validation FY 2009 DOE Vehicle Technologies Program Battery Pack Requirements and Targets Validation FY 2009 DOE Vehicle Technologies Program 2009 DOE Hydrogen Program and Vehicle Technologies Program Annual Merit Review and Peer Evaluation Meeting, May 18-22, 2009 -- Washington D.C. es_01_santini.pdf (714.34 KB) More Documents & Publications Well-to-Wheels Analysis of Energy Use and Greenhouse Gas

  6. Cyber Insurance

    Office of Environmental Management (EM)

    Office of Policy, OAPM | Department of Energy Current Trends in Policy - What's new? - Berta Schreiber, Director, Office of Policy, OAPM Current Trends in Policy - What's new? - Berta Schreiber, Director, Office of Policy, OAPM New Uniform Financial Assistance Regulations DOE's financial assistance regulatory framework and environment have changed. In December, OMB issued new uniform regulations for financial assistance that combined previous OMB circulars under one set of regulations. Key

  7. Home - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages

    Personal tools Log in Site Map | Contact Us | Help U.S. Department of Energy Office of Management Current Documents Archived Documents Entire Site Search Site Search only in current section Advanced Search Home Directives Delegations Other Requirements RevCom DPC Resources Directives Tools References Delegation Procedures Archives help Help Directives, Delegations, and Other Requirements Directives Directives All current, archived and draft Directives Delegations Delegations Legal instrument

  8. Obama's Call for Public-Private Cyber Security Collaboration Reflected in

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DOE's Priorities | Department of Energy Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities Obama's Call for Public-Private Cyber Security Collaboration Reflected in DOE's Priorities May 29, 2009 - 4:08pm Addthis In releasing the results of his Administration's 60-day cyber security review, President Barack Obama today emphasized that partnering with the private sector will be paramount for agencies working to secure the power grid and other critical

  9. DOE Special Requirements | U.S. DOE Office of Science (SC)

    Office of Science (SC) Website

    DOE Special Requirements Human Subjects Protection Program (HSPP) HSPP Home About Institutional Review Boards (IRBs) Education and Resources Regulations and Requirements Ethical Principles Federal Regulations DOE Special Requirements Health Insurance Portability and Accountability Act (HIPAA) Glossary Abbreviations Contact BER Home Contact Information Human Subjects Protection Program U.S. Department of Energy SC-23/Germantown Building 1000 Independence Ave., SW Washington, DC 20585 Regulations

  10. Directives - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Directives Current Directives List Directives are the Department of Energy's primary means of establishing policies, requirements, responsibilities, and procedures for Departmental elements and contractors Current Draft Archives by Website Administrator More filters Less filters Directive Type Order Guide Manual Policy Notice Cancellation Notice HQ Order Sec of Energy Notice Justification Memorandum Certification Memo 0 Series Series All 0000 Subject Classification 100 Leadership/Management

  11. DOE Proposes Requirement for Certification of Admissibility for Covered

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Products and Equipment | Department of Energy Proposes Requirement for Certification of Admissibility for Covered Products and Equipment DOE Proposes Requirement for Certification of Admissibility for Covered Products and Equipment February 22, 2016 - 6:26pm Addthis DOE has issued a Notice of Proposed Rulemaking (NOPR) in which it proposes to require that a person importing into the United States any covered product or equipment subject to an applicable energy conservation standard provide,

  12. DPC Resources - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible and usable, working in accordance with the Web Content Accessibility Guidelines (WCAG v1.0). If there is anything on this site - accessibility or validation related - that is not according to the standard, please contact the Site Administration, and not the Plone Team. Access keys Access keys are a navigation device

  13. Directives Tools - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible and usable, working in accordance with the Web Content Accessibility Guidelines (WCAG v1.0). If there is anything on this site - accessibility or validation related - that is not according to the standard, please contact the Site Administration, and not the Plone Team. Access keys Access keys are a navigation device

  14. Rescinded Delegations - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible and usable, working in accordance with the Web Content Accessibility Guidelines (WCAG v1.0). If there is anything on this site - accessibility or validation related - that is not according to the standard, please contact the Site Administration, and not the Plone Team. Access keys Access keys are a navigation device

  15. Browse Designations - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible and usable, working in accordance with the Web Content Accessibility Guidelines (WCAG v1.0). If there is anything on this site - accessibility or validation related - that is not according to the standard, please contact the Site Administration, and not the Plone Team. Access keys Access keys are a navigation device

  16. Security and Cyber Guidance | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Security and Cyber Guidance Security and Cyber Guidance Appraisal Process Guides Security Evaluations Appraisal Process Guide - April 2008 Cyber Security Evaluations Appraisal ...

  17. Alliance Project: Cyber-Physical Security Unified Access Solution

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Alliance Project: Cyber-Physical Security Unified Access Solution Unified cyber-physical security to protect energy sector control systems and facilities Background The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards require utility operators to control, monitor, and record physical access to cybersecurity assets and establish physical security perimeters (PSPs). Many operators engage security contractors to provide access controls,

  18. Help for the Developers of Control System Cyber Security Standards

    SciTech Connect (OSTI)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  19. DOE Recovery Act Reporting Requirements for the State Energy Program |

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Department of Energy Recovery Act Reporting Requirements for the State Energy Program DOE Recovery Act Reporting Requirements for the State Energy Program U.S. Department of Energy (DOE) Office of Energy Efficiency and Renewable Energy (EERE) State Energy Program (SEP) reporting requirements for states and U.S. territories receiving SEP grants under the 2009 Recovery Act. sep_arra_reporting_requirements.pdf (228.32 KB) More Documents & Publications EECBG Program Notice 10-07A WPN 10-13a:

  20. DOE RFI 2010-11129 NBP RFI: Communications Requirements Titled

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    "Implementing the National Broadband Plan by Studying the Communications Requirements of Electric Utilities to Inform Federal Smart Grid Policy" | Department of Energy RFI 2010-11129 NBP RFI: Communications Requirements Titled "Implementing the National Broadband Plan by Studying the Communications Requirements of Electric Utilities to Inform Federal Smart Grid Policy" DOE RFI 2010-11129 NBP RFI: Communications Requirements Titled "Implementing the National Broadband

  1. SECURITY AND CYBER REPORTS | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    SECURITY AND CYBER REPORTS SECURITY AND CYBER REPORTS Office of Security Assessments Office of Security Assessments - Report Titles

  2. Strengthening Cyber Security

    Energy Savers [EERE]

    Cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple ...

  3. Metaphors for cyber security.

    SciTech Connect (OSTI)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  4. DOE Zero Energy Ready Home PV-Ready Checklist DOE Zero Energy Ready Home National Program Requirements Mandatory Requirement 7

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Zero Energy Ready Home PV-Ready Checklist DOE Zero Energy Ready Home National Program Requirements Mandatory Requirement 7 (Renewable Ready) shall be met by any home certified under the DOE Zero Energy Ready Home program, only where all three conditions of the following conditions are met. If any of these three conditions is not met, the home is exempt from requirements contained in the PV- Ready checklist. 1. Location, based on zip code has at least 5 kWh/m 2 /day average daily solar radiation

  5. Headquarters Facilities Master Security Plan - Chapter 14, Cyber...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    4, Cyber Security Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security 2016 Headquarters Facilities Master Security Plan - Chapter 14, Cyber Security HQ cyber ...

  6. Departmental Cyber Security Management Policy

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-05-08

    The Departmental Cyber Security Management (DCSM) Policy was developed to further clarify and support the elements of the Integrated Safeguards and Security Management (ISSM) Policy regarding cyber security. Certified 9-23-10. No cancellation.

  7. Cyber Dynamic Impact Modeling Engine

    Energy Science and Technology Software Center (OSTI)

    2014-07-01

    As the rate, sophistication, and potential damage of cyber attacks continue to grow, the latency of human-speed analysis and response is becoming increasingly costly. Intelligent response to detected attacks and other malicious activity requires both knowledge of the characteristics of the attack as well as how resources involved in the attack related to the mission of the organization. Cydime fills this need by estimating a key component of intrusion detection and response automation: the relationshipmore » type and strength between the target organization and the potential attacker.« less

  8. Continuous Monitoring And Cyber Security For High Performance Computing

    Office of Scientific and Technical Information (OSTI)

    (Conference) | SciTech Connect Conference: Continuous Monitoring And Cyber Security For High Performance Computing Citation Details In-Document Search Title: Continuous Monitoring And Cyber Security For High Performance Computing Authors: Malin, Alex B. [1] ; Van Heule, Graham K. [1] + Show Author Affiliations Los Alamos National Laboratory Publication Date: 2013-08-02 OSTI Identifier: 1089452 Report Number(s): LA-UR-13-21921 DOE Contract Number: AC52-06NA25396 Resource Type: Conference

  9. Remediation of DOE hazardous waste sites: Planning and integration requirements

    SciTech Connect (OSTI)

    Geffen, C.A.; Garrett, B.A.; Cowan, C.E.; Siegel, M.R.; Keller, J.F. )

    1989-09-01

    The US Department of Energy (DOE) is faced with a immense challenge in effectively implementing a program to mitigate and manage the environmental impacts created by current operations and from past activities at its facilities. The current regulatory framework and public interest in the environmental arena have made operating DOE facilities in an environmentally responsible manner a compelling priority. This paper provides information on the results of a project funded by DOE to obtain a better understanding of the regulatory and institutional drivers in the hazardous waste market and the costs and timeframes required for remediation activities. Few realize that before remediating a hazardous waste site, a comprehensive planning process must be conducted to characterize the nature and extent of site contamination, calculate the risk to the public, and assess the effectiveness of various remediation technologies. The US Environmental Protection Agency (EPA) and others have found that it may take up to 7 years to complete the planning process at an average cost of $1.0 million per site. While cost information is not yet available for DOE sites, discussions with hazardous waste consulting firms indicate that average characterization and assessment costs will be 5 to 10 times this amount for DOE sites. The higher costs are expected because of the additional administrative requirements placed on DOE sites, the need to handle mixed wastes, the amount and extent of contamination at many of these sites, and the visibility of the sites. 15 refs., 1 fig., 2 tabs.

  10. Personnel Selection, Qualification, and Training Requirements for DOE Nuclear Facilities

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2001-07-12

    To establish selection, qualification, and training requirements for management and operating (M&O) contractor personnel involved in the operation, maintenance, and technical support of Department of Energy and National Nuclear Security Administration Category A and B reactors and non-reactor nuclear facilities. Canceled by DOE O 426.2

  11. Cyber threat metrics.

    SciTech Connect (OSTI)

    Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

    2012-03-01

    Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

  12. Requirements Crosswalk of DOE-STD-1104-2014 | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Requirements Crosswalk of DOE-STD-1104-2014 Requirements Crosswalk of DOE-STD-1104-2014 February 5, 2015 Requirements Crosswalk from DOE-STD-1104-2009 going to DOE-STD-1104-2014. This document provides a requirements Crosswalk from DOE-STD-1104-2009 going to DOE-STD-1104-2014. Requirements Crosswalk of DOE-STD-1104-2014 (339.11 KB) More Documents & Publications DOE-STD-1104-2014 Training Crosswalk of DOE-STD-1104 Bases of Approval DOE-STD-1104-2014 Master Acronym List

  13. FINAL DOE IG Semiannl Rpt

    Energy Savers [EERE]

    ... was required to address problems with certification and accreditation, contingency planning, and various cyber ... Control and Accountability of Emergency Communication ...

  14. Cyber Friendly Fire

    SciTech Connect (OSTI)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2011-09-01

    Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public. The

  15. UVI Cyber-security Workshop Workshop Analysis.

    SciTech Connect (OSTI)

    Kuykendall, Tommie G.; Allsop, Jacob Lee; Anderson, Benjamin Robert; Boumedine, Marc; Carter, Cedric; Galvin, Seanmichael Yurko; Gonzalez, Oscar; Lee, Wellington K.; Lin, Han Wei; Morris, Tyler Jake; Nauer, Kevin S.; Potts, Beth A.; Ta, Kim Thanh; Trasti, Jennifer; White, David R.

    2015-07-08

    The cybersecurity consortium, which was established by DOE/NNSA’s Minority Serving Institutions Partnerships Program (MSIPP), allows students from any of the partner schools (13 HBCUs, two national laboratories, and a public school district) to have all consortia options available to them, to create career paths and to open doors to DOE sites and facilities to student members of the consortium. As a part of this year consortium activities, Sandia National Laboratories and the University of Virgin Islands conducted a week long cyber workshop that consisted of three courses; Digital Forensics and Malware Analysis, Python Programming, and ThunderBird Cup. These courses are designed to enhance cyber defense skills and promote learning within STEM related fields.

  16. DOE-STD-6002-96; DOE Standard Safety of Magnetic Fusion Facilities: Requirements

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    2-96 May 1996 DOE STANDARD SAFETY OF MAGNETIC FUSION FACILITIES: REQUIREMENTS U.S. Department of Energy AREA SAFT Washington, D.C. 20585 DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. This document has been reproduced directly from the best available copy. Available to DOE and DOE contractors from the Office of Scientific and Technical Information, P.O. Box 62, Oak Ridge, TN 37831; (423) 576-8401. Available to the public from the U.S. Department of Commerce,

  17. PACIFIC NORTHWEST CYBER SUMMIT

    SciTech Connect (OSTI)

    Lesperance, Ann M.; Matlock, Gordon W.; Becker-Dippmann, Angela S.; Smith, Karen S.

    2013-08-07

    On March 26, 2013, the Snohomish County Public Utility District (PUD) and the U.S. Department of Energy’s (DOE’s) Pacific Northwest National Laboratory (PNNL) jointly hosted the Pacific Northwest Cyber Summit with the DOE’s Office of Electricity Delivery and Energy Reliability, the White House, Washington State congressional delegation, Washington State National Guard, and regional energy companies.

  18. Katrin Heitmann DOE HEP/ASCR Exascale Requirements Review

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Katrin Heitmann DOE HEP/ASCR Exascale Requirements Review June 10, 2015 Computational Cosmology Katrin Heitmann, Los Alamos National Laboratory Benasque Cosmology Workshop, August 2010 Roles of Cosmological Simulations in DE Survey Science * First part of end-to-end simulation * Control of systematics (1) Cosmology simulations and the survey (2) Solving the Inverse Problem from the LSST Science Book Cosmology Mock catalogs Athmosphere Optics Detector Images * Exploring fundamental physics *

  19. Understanding and Implementing DOE Quality Requirements and ASME NQA-1 in

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    DOE Nuclear Projects, A Management Overview and Introduction, May 14, 2015 | Department of Energy Understanding and Implementing DOE Quality Requirements and ASME NQA-1 in DOE Nuclear Projects, A Management Overview and Introduction, May 14, 2015 Understanding and Implementing DOE Quality Requirements and ASME NQA-1 in DOE Nuclear Projects, A Management Overview and Introduction, May 14, 2015 Understanding and Implementing DOE Quality Requirements and ASME NQA-1 in DOE Nuclear Projects, A

  20. DOE Cyber—An Enterprise Approach: Excellence Through Innovation & Integration

    Broader source: Energy.gov [DOE]

    In alignment with the DOE Cyber Strategy, the Office of the Chief Information Officer (OCIO) will host the DOE Cyber Conference, September 19-22, 2016 in Atlanta, Georgia. 

  1. Modeling Cyber Conflicts Using an Extended Petri Net Formalism

    SciTech Connect (OSTI)

    Zakrzewska, Anita N; Ferragut, Erik M

    2011-01-01

    When threatened by automated attacks, critical systems that require human-controlled responses have difficulty making optimal responses and adapting protections in real- time and may therefore be overwhelmed. Consequently, experts have called for the development of automatic real-time reaction capabilities. However, a technical gap exists in the modeling and analysis of cyber conflicts to automatically understand the repercussions of responses. There is a need for modeling cyber assets that accounts for concurrent behavior, incomplete information, and payoff functions. Furthermore, we address this need by extending the Petri net formalism to allow real-time cyber conflicts to be modeled in a way that is expressive and concise. This formalism includes transitions controlled by players as well as firing rates attached to transitions. This allows us to model both player actions and factors that are beyond the control of players in real-time. We show that our formalism is able to represent situational aware- ness, concurrent actions, incomplete information and objective functions. These factors make it well-suited to modeling cyber conflicts in a way that allows for useful analysis. MITRE has compiled the Common Attack Pattern Enumera- tion and Classification (CAPEC), an extensive list of cyber attacks at various levels of abstraction. CAPEC includes factors such as attack prerequisites, possible countermeasures, and attack goals. These elements are vital to understanding cyber attacks and to generating the corresponding real-time responses. We demonstrate that the formalism can be used to extract precise models of cyber attacks from CAPEC. Several case studies show that our Petri net formalism is more expressive than other models, such as attack graphs, for modeling cyber conflicts and that it is amenable to exploring cyber strategies.

  2. Cyber security best practices for the nuclear industry

    SciTech Connect (OSTI)

    Badr, I.

    2012-07-01

    When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

  3. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  4. Implementation of DOE NPH Requirements at the Thomas Jefferson...

    Office of Environmental Management (EM)

    Facility (TJNAF), a Non-Nuclear DOE Lab David Luke, DOE, Thomas Jefferson Site Office Stephen McDuffie, DOE, Office of the Chief of Nuclear Safety PDF icon Implementation of DOE...

  5. The Cyber Security Crisis

    ScienceCinema (OSTI)

    Spafford, Eugene [Purdue University, West Lafayette, Indiana, United States

    2009-09-01

    Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'

  6. Cyber Securing Control Systems

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Industrial Control Systems Integration into the DoD Networks A Briefing in Response to House Report 113-102, Accompanying the FY14 National Defense Authorization Act Unclassified - Distribution Statement A August, 2015 Cyber Securing Control Systems Acquisition, Technology and Logistics 2 DoD Scope of Platform IT & Control Systems * Acquisitions / Weapon Systems - H,M & E (ships / subs, missiles, UVs, etc.) - Training Simulators, 3D printing, etc. * EI&E - Buildings & linear

  7. IDENTIFICATION OF DOE'S POST-CLOSURE MONITORING NEEDS AND REQUIREMENTS

    SciTech Connect (OSTI)

    M.A. Ebadian, Ph.D.

    1999-01-01

    The 2006 plan sets an ambitious agenda for the U.S. Department of Energy (DOE), Office of Environmental Management (EM) and the remediation of sites contaminated by decades of nuclear weapons production activities. The plan's primary objective is to reduce overall clean up costs by first eliminating the environmental problems that are most expensive to control and safely maintain. In the context of the 2006 Plan, closure refers to the completion of area or facility specific cleanup projects. The cleanup levels are determined by the planned future use of the site or facility. Use restrictions are still undecided for most sites but are highly probable to exclude residential or agricultural activities. Most of the land will be remediated to ''industrial use'' levels with access restrictions and some areas will be closed-off through containment. Portions of the site will be reserved for waste disposal, either as a waste repository or the in-situ immobilization of contaminated soil and groundwater, and land use will be restricted to waste disposal only. The land used for waste disposal will require monitoring and maintenance activities after closure. Most of the land used for industrial use may also require such postclosure activities. The required postclosure monitoring and maintenance activities will be imposed by regulators and stakeholders. Regulators will not approve closure plans without clearly defined monitoring methods using approved technologies. Therefore, among all other more costly and labor-intensive closure-related activities, inadequate planning for monitoring and lack of appropriate monitoring technologies can prevent closure. The purpose of this project is to determine, document, and track the current and evolving postclosure monitoring requirements at DOE-EM sites. This information will aid CMST-CP in guiding its postclosure technology development and deployment efforts.

  8. Comparison of selected DOE and non-DOE requirements, standards, and practices for Low-Level Radioactive Waste Disposal

    SciTech Connect (OSTI)

    Cole, L.; Kudera, D.; Newberry, W.

    1995-12-01

    This document results from the Secretary of Energy`s response to Defense Nuclear Facilities Safety Board Recommendation 94--2. The Secretary stated that the US Department of Energy (DOE) would ``address such issues as...the need for additional requirements, standards, and guidance on low-level radioactive waste management. `` The authors gathered information and compared DOE requirements and standards for the safety aspects Of low-level disposal with similar requirements and standards of non-DOE entities.

  9. International inspection activity impacts upon DOE safeguards requirements

    SciTech Connect (OSTI)

    Zack, N.R.; Crawford, D.W.

    1995-09-01

    The US has placed certain special nuclear materials declared excess to their strategic needs under international safeguards through the International Atomic Energy Agency (IAEA). This Presidential initiative has obligated materials at several Department of Energy (DOE) facilities for these safeguards activities to demonstrate the willingness of the US to ban production or use of nuclear materials outside of international safeguards. However, IAEA inspection activities generally tend to be intrusive in nature and are not consistent with several domestic safeguards procedures implemented to reduce worker radiation exposures and increase the cost-effectiveness and efficiency of accounting for and storing of special nuclear materials. To help identify and provide workable solutions to these concerns, the Office of Safeguards and Security has conducted a program to determine possible changes to the DOE safeguards and security requirements designed to help facilities under international safeguards inspections more easily comply with domestic safeguards goals during international inspection activities. This paper will discuss the impact of international inspection activities on facility safeguards operations and departmental safeguards procedures and policies.

  10. EVMS Training Snippet: 1.1 DOE Order 413.3B EVM Requirements...

    Energy Savers [EERE]

    1 DOE Order 413.3B EVM Requirements EVMS Training Snippet: 1.1 DOE Order 413.3B EVM Requirements This EVMS Training Snippet, sponsored by the Office of Project Management (PM), ...

  11. Cyber Security Evaluation Tool

    Energy Science and Technology Software Center (OSTI)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization’s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied tomore » enhance cybersecurity controls.« less

  12. Cyber Security Evaluation Tool

    SciTech Connect (OSTI)

    2009-08-03

    CSET is a desktop software tool that guides users through a step-by-step process to assess their control system network security practices against recognized industry standards. The output from CSET is a prioritized list of recommendations for improving the cyber security posture of your organization?¢????s ICS or enterprise network. CSET derives the recommendations from a database of cybersecurity standards, guidelines, and practices. Each recommendation is linked to a set of actions that can be applied to enhance cybersecurity controls.

  13. Jefferson Lab - Cyber Physical Systems Summit

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Events > Cyber Physical Systems Summit Privacy and Security Notice PREX - Credit:NASA LINKS Circular Cyber Virginia & Agenda Registration Lodging Travel Click poster to download Cyber Poster print version Cyber Physical Systems Summit September 20-22, 2016 Thomas Jefferson National Accelerator Facility Newport News, VA Circular On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary

  14. DOE Order 458.1 Property Clearance Requirements and Factors Considered...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    58.1 Property Clearance Requirements and Factors Considered to Update Its Clearance Limits DOE Order 458.1 Property Clearance Requirements and Factors Considered to Update Its ...

  15. Cyber and physical infrastructure interdependencies.

    SciTech Connect (OSTI)

    Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

    2008-09-01

    The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

  16. Process Control System Cyber Security Standards - An Overview

    SciTech Connect (OSTI)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  17. Notice of Intent to Develop DOE O 470.6, Integrating Existing Technical Security Program Requirements

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2013-08-21

    This memorandum provides justification for the development of one integrated and consolidated set of requirements for the Department of Energy (DOE) Technical Security Program (TSP). This Order will combine the existing necessary requirements from DOE Manual (M) 205.1-3, Telecommunications Security Manual, dated 4-17-2006 and DOE M 470.4-4A chg.1, Information Security Manual, dated 10-12-2010; Section D -Technical Surveillance Countermeasures, into a single DOE Order defining the DOE TSP.

  18. DOE TRANSCOM Technical Support Services DE-EM0002903 SECTION J - LIST OF ATTACHMENTS

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    1 LIST OF APPLICABLE DOE DIRECTIVES The Contractor shall comply with the requirements of the DOE Directives identified below. DOE directives may be found at http://www.directives.doe.gov/. Regulation and Number Regulation Title DOE O 150.1 Continuity Programs DOE O 200.1A Information Technology Management DOE O 203.1 Limited Personal use of Government Office Equipment including Information Technology DOE O 205.1B Chg 2 Department of Energy Cyber Security Program DOE O 206.1 Department of Energy

  19. INL@Work Cyber Security

    SciTech Connect (OSTI)

    Chaffin, May

    2010-01-01

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  20. INL@Work Cyber Security

    ScienceCinema (OSTI)

    Chaffin, May

    2013-05-28

    May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.

  1. DOE NEPA Guidance and Requirements - Search Index - List of Contents...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    the NEPA Process - Interim Actions DOE2003 Administrative Record Guidance DOJ1991 Aligning the NEPA Process with EMS CEQ2007 Alternative Actions For Analysis in ...

  2. DOE Proposes Requirement for Certification of Admissibility for...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    February 22, 2016 - 6:26pm Addthis DOE has issued a Notice of Proposed Rulemaking (NOPR) ... to an applicable energy conservation standard provide, prior to importation, a ...

  3. Visualizing Cyber Security: Usable Workspaces

    SciTech Connect (OSTI)

    Fink, Glenn A.; North, Christopher L.; Endert, Alexander; Rose, Stuart J.

    2009-10-11

    An environment that supports cyber analytics work should enable multiple, simultaneous investigations, information foraging, and provide a solution space for organizing data. We describe our study of cyber security professionals and visualizations in a large, high-resolution display work environment. We discuss the tasks and needs of analysts that such an environment can support and present several prototypes designed to support these needs. We conclude with a usability evaluation of the prototypes and additional lessons learned.

  4. National Security and Cyber Security

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    National Security and Cyber Security National Security and Cyber Security National security depends on science and technology. The United States relies on Los Alamos National Laboratory for the best of both. No place on Earth pursues a broader array of world-class scientific endeavors. Contact thumbnail of Business Development Business Development Richard P. Feynman Center for Innovation (505) 665-9090 Email National security and weapons science at the laboratory spans essentially all the

  5. DOE Requires Manufacturers to Halt Sales of Heat Pumps and Air...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Media contact(s): (202) 586-4940 Addthis Related Articles DOE Requires Manufacturers to Halt Sales of Heat Pumps and Air Conditioners Violating Minimum Appliance Standards DOE Orders ...

  6. DOE Zero Energy Ready Home National Program Requirements

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    ... Location does not have significant natural shading (e.g., trees, tall buildings on the south-facing roof). d. Home as designed has adequate free roof area within +- 45 of true ...

  7. Tensions in collaborative cyber security and how they affect incident detection and response

    SciTech Connect (OSTI)

    Fink, Glenn A.; McKinnon, Archibald D.; Clements, Samuel L.; Frincke, Deborah A.

    2009-12-01

    Security often requires collaboration, but when multiple stakeholders are involved, it is typical for their priorities to differ or even conflict with one another. In todays increasingly networked world, cyber security collaborations may span organizations and countries. In this chapter, we address collaboration tensions, their effects on incident detection and response, and how these tensions may potentially be resolved. We present three case studies of collaborative cyber security within the U.S. government and discuss technical, social, and regulatory challenges to collaborative cyber security. We suggest possible solutions, and present lessons learned from conflicts. Finally, we compare collaborative solutions from other domains and apply them to cyber security collaboration. Although we concentrate our analysis on collaborations whose purpose is to achieve cyber security, we believe that this work applies readily to security tensions found in collaborations of a general nature as well.

  8. Risk Assessment Tool - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Risk Assessment Technical Experts Working Group Risk Assessment Technical Experts Working Group The Risk Assessment Technical Experts Working Group (RWG) is established to assist DOE in the appropriate and effective use of quantitative risk assessment in nuclear safety related activities. The activities of the group will help DOE ensure that risk assessments supporting nuclear safety decisions are conducted in a consistent manner, of appropriate quality, properly tailored to the needs of the

  9. Audits and Inspections - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    DOE-OIG-16-15 Audit Report: DOE-OIG-16-15 August 18, 2016 National Nuclear Security Administration's Management of the B61-12 Life Extension Program The primary mission of the National Nuclear Security Administration's (NNSA) Defense Programs is to ensure the safety, reliability, and performance of the Nation's nuclear weapons stockpile. One of the oldest nuclear weapon systems in the stockpile is the B61. NNSA has raised serious concerns regarding its future reliability. To address these

  10. Strengthening Cyber Security | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Strengthening Cyber Security Strengthening Cyber Security Describes the goals and activities of the National SCADA Test Bed program to secure control systems in the energy sector from cyber attack Strengthening Cyber Security (587.96 KB) More Documents & Publications Considering Cumulative Effects Under the National Environmental Policy Act (CEQ, 1997) Vision for 2025: A Framework for Change ITP Aluminum: Technical Working Group on Inert Anode Technologies

  11. WPN 10-13: ARRA Reporting Requirements: OMB Quarterly and DOE Monthly

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Reporting Requirements Under the American Recovery and Reinvestment Act of 2009 for the Weatherization Assistance Program | Department of Energy : ARRA Reporting Requirements: OMB Quarterly and DOE Monthly Reporting Requirements Under the American Recovery and Reinvestment Act of 2009 for the Weatherization Assistance Program WPN 10-13: ARRA Reporting Requirements: OMB Quarterly and DOE Monthly Reporting Requirements Under the American Recovery and Reinvestment Act of 2009 for the

  12. WPN 10-13a: ARRA Reporting Requirements: OMB Quarterly and DOE Monthly

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Reporting Requirements under the American Recovery and Reinvestment Act of 2009 for the Weatherization Assistance Program | Department of Energy a: ARRA Reporting Requirements: OMB Quarterly and DOE Monthly Reporting Requirements under the American Recovery and Reinvestment Act of 2009 for the Weatherization Assistance Program WPN 10-13a: ARRA Reporting Requirements: OMB Quarterly and DOE Monthly Reporting Requirements under the American Recovery and Reinvestment Act of 2009 for the

  13. ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Assessment at National SCADA Test Bed | Department of Energy and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed ABB and Energy Utilities Form Consortium to Fund SCADA/EMS Cyber Security Assessment at National SCADA Test Bed Twelve utilities have formed a consortium with ABB, a supervisory control and data acquisition (SCADA) system vendor, to privately fund advanced research and testing through the U.S. Department of Energy's (DOE)

  14. DOE Requires Air-Con International to Cease Sales of Inefficient...

    Energy Savers [EERE]

    Air-Con International to Cease Sales of Inefficient Air Conditioners and Proposes Penalties DOE Requires Air-Con International to Cease Sales of Inefficient Air Conditioners and ...

  15. Cyber Threats to Nuclear Infrastructures

    SciTech Connect (OSTI)

    Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

    2010-07-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  16. Review Policy / Proposal Guidelines / Reporting Requirements| U.S. DOE

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Office of Science (SC) Review Policy / Proposal Guidelines / Reporting Requirements High Energy Physics (HEP) HEP Home About Research Facilities Science Highlights Benefits of HEP Funding Opportunities Closed Funding Opportunity Announcements (FOAs) Closed Lab Announcements Award Search / Public Abstracts HEP Early Career Opportunities Review Policy / Proposal Guidelines / Reporting Requirements Additional Requirements and Guidance for Digital Data Management Acknowledgements of Federal

  17. Enforcement handbook: Enforcement of DOE nuclear safety requirements

    SciTech Connect (OSTI)

    1995-06-01

    This Handbook provides detailed guidance and procedures to implement the General Statement of DOE Enforcement Policy (Enforcement Policy or Policy). A copy of this Enforcement Policy is included for ready reference in Appendix D. The guidance provided in this Handbook is qualified, however, by the admonishment to exercise discretion in determining the proper disposition of each potential enforcement action. As discussed in subsequent chapters, the Enforcement and Investigation Staff will apply a number of factors in assessing each potential enforcement situation. Enforcement sanctions are imposed in accordance with the Enforcement Policy for the purpose of promoting public and worker health and safety in the performance of activities at DOE facilities by DOE contractors (and their subcontractors and suppliers) who are indemnified under the Price-Anderson Amendments Act. These indemnified contractors, and their suppliers and subcontractors, will be referred to in this Handbook collectively as DOE contractors. It should be remembered that the purpose of the Department`s enforcement policy is to improve nuclear safety for the workers and the public, and this goal should be the prime consideration in exercising enforcement discretion.

  18. Types of Directives - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    at least two Departmental elements. The requirements identify the results needed in the performance of a job or a subject matter expert area. Details on how to fulfill...

  19. DOE Requires Manufacturer and Labeler to Cease Sale of Incandescent...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    of Non-Compliance Determination to Westinghouse Lighting Corporation and Fuzhou Sunlight Lighting Electrical Appliance Company requiring that they halt the sale of 8 basic...

  20. Cyber Security Evaluation of II&C Technologies

    SciTech Connect (OSTI)

    Ken Thomas

    2014-11-01

    The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a

  1. Microsoft Word - OE AMI-SEC Requirements Document.doc

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Utility Task Force Partners with DOE to Develop Cyber Security Requirements for Advanced Metering Infrastructure March 16, 2009 The Advanced Metering Infrastructure Security (AMI-SEC) Task Force announces the release of the AMI System Security Requirements, a first-of-its-kind for the utility industry that will help utilities procure and implement secure components and systems using a common set of security requirements. The utility industry recognizes that AMI changes the face of traditional

  2. Cyber Security Standards.PDF

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1 I N S P E C T I O N R E P O R T U.S. DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL OFFICE OF INSPECTIONS INSPECTION OF CYBER SECURITY STANDARDS FOR SENSITIVE PERSONAL INFORMATION NOVEMBER 2001 . DEPARTMENT OF ENERGY OFFICE OF INSPECTOR GENERAL U.S. DEPARTMENT OF ENERGY Washington, DC 20585 November 13, 2001 MEMORANDUM FOR THE SECRETARY FROM: Gregory H. Friedman /s/ Inspector General SUBJECT: INFORMATION: Report on "Inspection of Cyber Security Standards for Sensitive Personal

  3. Enforcement Guidance Supplement 99-02, DOE Enforcement Activities of Internal Dosimetry Program Requirements

    Office of Environmental Management (EM)

    EGS 99-02 Appendix E - Operational Procedures for Enforcement Department of Energy Washington, DC 20585 July 16, 1999 MEMORANDUM FOR DOE PAAA COORDINATORS CONTRACTOR PAAA COORDINATORS FROM: R. KEITH CHRISTOPHER DIRECTOR OFFICE OF ENFORCEMENT AND INVESTIGATION SUBJECT: Enforcement Guidance Supplement 99-02: DOE Enforcement Activities of Internal Dosimetry Program Requirements Section 1.3 of the Operational Procedure entitled Enforcement of DOE Nuclear Safety Requirements under Price-Anderson

  4. DOE Issues Request for Information for Scope Requirements Planning at Los

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Alamos National Laboratory | Department of Energy Information for Scope Requirements Planning at Los Alamos National Laboratory DOE Issues Request for Information for Scope Requirements Planning at Los Alamos National Laboratory December 10, 2014 - 4:00pm Addthis Media Contact Lynette Chafin, 513-246-0461, Lynette.Chafin@emcbc.doe.gov Cincinnati - The U.S. Department of Energy (DOE) Environmental Management Consolidated Business Center (EMCBC) today issued a Sources Sought/Request for

  5. RevCom - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    RevCom by Jim McDonald RevCom is the online review, comment, and approval system for draft DOE directives. For access to RevCom, contact your local Directives Point of Contact (DPC) or contact Technical Support. Login to RevCom To set up a RevCom login account, contact Technical Support. For information about how to use RevCom, see the RevCom User Guide and Tutorials. Choose your user role to login. Directives Point of Contact and Delegates Subject Matter Experts and Reviewers Writers Monitors

  6. DOE Testing Reveals Samsung Refrigerator Does Not Meet Energy Star Requirements

    Broader source: Energy.gov [DOE]

    DOE-initiated testing has revealed that a Samsung refrigerator (model RF26VAB), which the company had claimed was Energy Star compliant, consumed more energy than permitted by the Energy Star...

  7. Recommended Practice: Creating Cyber Forensics Plans for Control Systems

    SciTech Connect (OSTI)

    Eric Cornelius; Mark Fabro

    2008-08-01

    Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. To address these

  8. DOE Order 458.1 Property Clearance Requirements and Factors Considered to

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Update Its Clearance Limits | Department of Energy 58.1 Property Clearance Requirements and Factors Considered to Update Its Clearance Limits DOE Order 458.1 Property Clearance Requirements and Factors Considered to Update Its Clearance Limits Carlos Corredor, U.S. Department of Energy ;Gustavo Vasquez*, U.S. Department of Energy; Derek Favret, U.S. Department of Energy Abstract: This presentation will provide an explanation of the property clearance requirements contained in DOE O 458.1,

  9. DOE SC Exascale Requirements Review: High Energy Physics

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    SC Exascale Requirements Review: High Energy Physics Bethesda Hyatt, June 10, 2015 Jim Siegrist Associate Director for High Energy Physics Office of Science, U.S. Department of Energy HEP Computing and Data Challenges * What's new? * In May 2014, the U.S. particle physics community updated its vision for the future - The P5 (Particle Physics Project Prioritization Panel) report presents a strategy for the next decade and beyond that enables discovery and maintains our position as a global leader

  10. Browse Draft Directives - DOE Directives, Delegations, and Requirements

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Accessibility Text size: (Requires JavaScript) Large Normal Small This site uses the Open Source Content Management System Plone and has been designed to be completely accessible and usable, working in accordance with the Web Content Accessibility Guidelines (WCAG v1.0). If there is anything on this site - accessibility or validation related - that is not according to the standard, please contact the Site Administration, and not the Plone Team. Access keys Access keys are a navigation device

  11. DOE Issues Energy Sector Cyber Organization NOI

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    the federal government and energy sector stakeholders to protect the bulk power electric grid and aid the integration of smart grid technology to enhance the security of the grid. ...

  12. 21 Steps to Improve Cyber Security of SCADA Networks | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    1 Steps to Improve Cyber Security of SCADA Networks 21 Steps to Improve Cyber Security of SCADA Networks Supervisory control and data acquisition (SCADA) networks contain computers and applications that perform key functions in providing essential services and commodities (e.g., electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. As such, they are part of the nation's critical infrastructure and require protection from a variety of threats that exist in

  13. Requirements for shipment of DOE radioactive mixed waste

    SciTech Connect (OSTI)

    Gablin, K.; No, Hyo; Herman, J.

    1993-08-01

    There are several sources of radioactive mixed waste (RMW) at Argonne National Laboratory which, in the past, were collected at waste tanks and/or sludge tanks. They were eventually pumped out by special pumps and processed in an evaporator located in the waste operations area in Building No. 306. Some of this radioactive mixed waste represents pure elementary mercury. These cleaning tanks must be manually cleaned up because the RMW material was too dense to pump with the equipment in use. The four tanks being discussed in this report are located in Building No. 306. They are the Acid Waste Tank, IMOX/FLOC Tanks, Evaporation Feed Tanks, and Waste Storage Tanks. All of these tanks are characterized and handled separately. This paper discusses the process and the requirements for characterization and the associated paperwork for Argonne Waste to be shipped to Westinghouse Hanford Company for storage.

  14. Office of Cyber Assessments - Report Titles | Department of Energy

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Assessments - Report Titles Office of Cyber Assessments - Report Titles 2016 Independent Assessment of the Cyber Security Program at the Special Technologies Laboratory Field Intelligence Element, March 2016 (OUO) Independent Assessment of the Classified Cyber Security Program at the Pantex Plant, April 2016 (OUO) Independent Assessment of the Cyber Security Program at the Pantex Plant Field Intelligence Element, April 2016 (OUO) Independent Assessment of the Cyber Security Program of the

  15. Application of Engineering and Technical Requirements for 30, 60, and 90% Design of DOE Nuclear Facilities

    Office of Energy Efficiency and Renewable Energy (EERE)

    This Standard Review Plan (SRP), Application of Engineering and Technical Requirements for 30, 60 and 90% Design of DOE Nuclear Facilities, was developed by the Office of Chief of Nuclear Safety (CNS), Office of the Environmental Management. The SRP is designed to help strengthen the technical rigor of line management oversight and federal monitoring of the design process of DOE nuclear facilities.

  16. DOE Requires Manufacturer and Labeler to Cease Sale of Incandescent Reflector Lamps

    Broader source: Energy.gov [DOE]

    DOE has issued Notices of Non-Compliance Determination to Westinghouse Lighting Corporation and Fuzhou Sunlight Lighting Electrical Appliance Company requiring that they halt the sale of 8 basic...

  17. Version Tracking Document for DOE Challenge Homes, National Program Requirements (Rev. 03)

    Broader source: Energy.gov [DOE]

    Version Tracking Document for DOE Challenge Homes, National Program Requirements (Rev. 03), 4/17/2013, from the U.S. Department of Energy's Office of Energy Efficiency and Renewable Energy website.

  18. Report of the Cyber Security Research Needs for Open Science...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    the Cyber Security Research Needs for Open Science Workshop Report of the Cyber Security Research Needs for Open Science Workshop Protecting systems and users, while maintaining ...

  19. NNSA Seeking Comments on Consolidated IT and Cyber Security Support...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft NNSA Seeking Comments on Consolidated IT and Cyber Security Support Services Draft July 17, 2013...

  20. Control Systems Cyber Security: Defense in Depth Strategies ...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Cyber Security: Defense in Depth Strategies Control Systems Cyber Security: Defense in ... strategies for organizations that use control system networks while maintaining a ...

  1. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems ...

  2. Lessons Learned from Cyber Security Assessments of SCADA and...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems...

  3. Before the House Subcommittee on Emerging Threats, Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Subcommittee on Emerging Threats, Cyber Security and Science and Technology Committee on Homeland Security Before the House Subcommittee on Emerging Threats, Cyber Security and ...

  4. Sandia Energy - Cyber Research Facility Opens at Sandia's California...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Site Home Energy Assurance Cyber Energy Surety Facilities News News & Events Cybersecurity Technologies Research Laboratory Cyber Research Facility Opens at Sandia's...

  5. Guide to Critical Infrastructure Protection Cyber Vulnerability...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June ...

  6. Information Security: Coordination of Federal Cyber Security...

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    GAO also recommends that the Office of Management and Budget (OMB) issue guidance to agencies for providing cyber security research data to repositories. In commenting on a draft ...

  7. Sandia Energy Cyber Engineering Research Laboratory (CERL...

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    wins-funding-for-programming-in-situ-data-analysisvisualizationfeed 0 Sandia Cyber Engineering Research Laboratory (CERL) Formally Opens http:energy.sandia.gov...

  8. Validating Cyber Security Requirements: A Case Study

    SciTech Connect (OSTI)

    Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

    2011-01-01

    Vulnerabilities in a system may have widely varying impacts on system security. In practice, security should not be defined as the absence of vulnerabilities. In practice, security should not be quantified by the number of vulnerabilities. Security should be managed by pursuing a policy that leads us first to the highest impact vulnerabilities. In light of these observations, we argue in favor of shifting our focus from vulnerability avoidance/removal to measurable security attributes. To this effect, we recommend a logic be used for system security, which captures/represents security properties in quantifiable, verifiable, measurable terms so that it is possible to reason about security in terms of its observable/perceptible effects rather than its hypothesized causes. This approach is orthogonal to existing techniques for vulnerability avoidance, removal, detection, and recovery, in the sense that it provides a means to assess, quantify, and combine these techniques.

  9. Grid Cyber Vulnerability & Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber Vulnerability & Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Energy Defense Waste Management Programs

  10. Cyber-Based Vulnerability Assessments

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Cyber-Based Vulnerability Assessments - Sandia Energy Energy Search Icon Sandia Home Locations Contact Us Employee Locator Energy & Climate Secure & Sustainable Energy Future Stationary Power Energy Conversion Efficiency Solar Energy Wind Energy Water Power Supercritical CO2 Geothermal Natural Gas Safety, Security & Resilience of the Energy Infrastructure Energy Storage Nuclear Power & Engineering Grid Modernization Battery Testing Nuclear Energy Defense Waste Management Programs

  11. Application of Engineering and Technical Requirements for DOE Nuclear Facilities Standard Review Plan (SRP)

    Office of Energy Efficiency and Renewable Energy (EERE)

    This Standard Review Plan (SRP), Application of Engineering and Technical Requirements for DOE Nuclear Facilities, was developed by the Chief of Nuclear Safety (CNS)1, Office of the Under Secretary for Nuclear Security, to help strengthen the technical rigor of line management oversight and federal monitoring of DOE nuclear facilities. This SRP (hereafter refers to as the Engineering SRP) provides consistent review guidance to assure that engineering and technical requirements are appropriately applied for the design, operations and disposition2 of DOE nuclear facilities. It is one of a series of three SRPs developed by the CNS. The other two SRPs address: 1) nuclear safety basis program review; and 2) application of requirements of DOE O 413.3B, Program and Project Management for the Acquisition of Capital Assets, and DOE-STD-1189, Integration of Safety into the Design Process, for DOE Critical Decision (CD) review and approval. These SRPs may be revised in the future to reflect changes in the DOE requirements, lessons learned, and experience/insights from nuclear facility design, operations, and disposition.

  12. Microgrid cyber security reference architecture.

    SciTech Connect (OSTI)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  13. TA-55 Final Safety Analysis Report Comparison Document and DOE Safety Evaluation Report Requirements

    SciTech Connect (OSTI)

    Alan Bond

    2001-04-01

    This document provides an overview of changes to the currently approved TA-55 Final Safety Analysis Report (FSAR) that are included in the upgraded FSAR. The DOE Safety Evaluation Report (SER) requirements that are incorporated into the upgraded FSAR are briefly discussed to provide the starting point in the FSAR with respect to the SER requirements.

  14. Microsoft Word - CIP_CyberAssessmentGuide.doc

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Guide to CIP Cyber Vulnerability Assessment Executive Summary The North American Electric Reliability Corporation adopted Critical Infrastructure Protection standards in 2006. The standards establish the minimum requirements needed to ensure the security of electronic exchange of information needed to support the reliability and the bulk power system. Industry feedback at conferences and meetings indicate uncertainty about implementation of the standards. Sandia National Labs Center for Control

  15. Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

    SciTech Connect (OSTI)

    Ondrej Linda; Todd Vollmer; Jim Alves-Foss; Milos Manic

    2011-08-01

    Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL provides a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.

  16. Gamification for Measuring Cyber Security Situational Awareness

    SciTech Connect (OSTI)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  17. Extension of DOE Directives

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-02-12

    The following directives are extended until 8-12-04. DOE N 205.2, Foreign National Access to DOE Cyber Systems, dated 11/1/99. DOE N 205.3, Password Generation, Protection, and Use, dated 11/23/99.

  18. Extension of DOE Directives

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2003-02-24

    This Notice extends the following directives until 2/16/04: DOE N 205.2, Foreign National Access to DOE Cyber Systems, and DOE N 205.3, Password Generation, Protection, and Use, dated 11/23/99-7/1/00.

  19. Extension of DOE Directives

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2004-08-12

    The following directives are extended until 8-12-05: DOE N 205.2, Foreign National Access to DOE Cyber Security Systems, dated 11-1-99 and DOE N 205.3, Password Generation, Protection, and Use, dated 11-23-99. No cancellations.

  20. Extension of DOE Directives

    Broader source: Directives, Delegations, and Requirements [Office of Management (MA)]

    2005-09-15

    Effective immediately, DOE N 205.2, Foreign National Access to DOE Cyber Systems, dated 11-1-99, and DOE N 205.3, Password Generation, Protection, and Use, dated 11-23-99, are extended until 9-30-06, unless sooner rescinded.

  1. Additional Requirements and Guidance for Digital Data Management | U.S. DOE

    Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

    Office of Science (SC) Additional Requirements and Guidance for Digital Data Management Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) SBIR/STTR Home About Funding Opportunity Announcements (FOAs) Applicant and Awardee Resources Quick Links DOE SBIR Online Learning Center External link DOE Phase 0 Small Business Assistance External link Protecting your Trade Secrets, Commercial, and Financial Information Preparing and Submitting a Phase I Letter of

  2. What do the DOE Zero Energy Ready Home Program Specs Actually Require?

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Alternate HVAC Systems & the Need to Use a Credentialed HVAC Contractor What do the DOE Zero Energy Ready Home Program Specs Actually Require? The DOE Zero Energy Ready Home program frequently receives inquiries about the need for qualifying projects to use an HVAC contractor who is certified by an H-QUITO 1 . The DOE Zero Energy Ready Home program incorporates all of the ENERGY STAR Homes provisions. While commissioning is important for all HVAC systems, Versions 3 and 3.1 of the ENERGY

  3. Defense on the Move: Ant-Based Cyber Defense

    SciTech Connect (OSTI)

    Fink, Glenn A.; Haack, Jereme N.; McKinnon, Archibald D.; Fulp, Errin W.

    2014-04-15

    Many common cyber defenses (like firewalls and IDS) are as static as trench warfare allowing the attacker freedom to probe them at will. The concept of Moving Target Defense (MTD) adds dynamism to the defender side, but puts the systems to be defended themselves in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackers ability to rely on prior experience without requiring motion in the protected infrastructure itself. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The Ant-Based Cyber Defense (ABCD) is a mobile resilient defense providing a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. The ABCD approach provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures like the smart electric grid.

  4. Automatic Labeling for Entity Extraction in Cyber Security

    SciTech Connect (OSTI)

    Bridges, Robert A; Jones, Corinne L; Iannacone, Michael D; Testa, Kelly M; Goodall, John R

    2014-01-01

    Timely analysis of cyber-security information necessitates automated information extraction from unstructured text. While state-of-the-art extraction methods produce extremely accurate results, they require ample training data, which is generally unavailable for specialized applications, such as detecting security related entities; moreover, manual annotation of corpora is very costly and often not a viable solution. In response, we develop a very precise method to automatically label text from several data sources by leveraging related, domain-specific, structured data and provide public access to a corpus annotated with cyber-security entities. Next, we implement a Maximum Entropy Model trained with the average perceptron on a portion of our corpus (~750,000 words) and achieve near perfect precision, recall, and accuracy, with training times under 17 seconds.

  5. Action Recommendation for Cyber Resilience

    SciTech Connect (OSTI)

    Choudhury, Sutanay; Rodriguez, Luke R.; Curtis, Darren S.; Oler, Kiri J.; Nordquist, Peter L.; Chen, Pin-Yu; Ray, Indrajit

    2015-09-01

    This paper presents an unifying graph-based model for representing the infrastructure, behavior and missions of an enterprise. We describe how the model can be used to achieve resiliency against a wide class of failures and attacks. We introduce an algorithm for recommending resilience establishing actions based on dynamic updates to the models. Without loss of generality, we show the effectiveness of the algorithm for preserving latency based quality of service (QoS). Our models and the recommendation algorithms are implemented in a software framework that we seek to release as an open source framework for simulating resilient cyber systems.

  6. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect (OSTI)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  7. Integrating total quality management principles with the requirements of DOE Order 5700.6C

    SciTech Connect (OSTI)

    Hedges, D.

    1993-03-01

    The Department of Energy has recently required its field offices, contractors, and subcontractors to implement DOE Order 5700.6C, ``Quality Assurance,`` for all work on waste management contracts. The order restructures the 18 criteria of NQA-1 and focuses on the role of management in achieving and assuring quality, performance of activities to achieve and assure quality, and management`s assessment of its performance for the purpose of identifying improvements to be made. The DOE order also introduces elements of the total quality management (TQM) philosophy, which were not present in DOE Order 5700.6B. The research community within DOE has recently issued a document entitled DOE Order 5700.6C Implementation Guide, which is more explicit about the integration of TQM principles with the implementation of DOE Order 5700.6C in research facilities. The Environmental Protection Agency is sponsoring a quality assurance standard (ANSI/ASQC E-4) to replace EPA`s QAMS 005/80. The new standard is consistent with DOE Order 5700.6C, and it also stresses the integration of TQM principles within the quality assurance process. This paper discusses the intent and philosophy of the 10 criteria of the new DOE order, the status of ANSI/ASQC E-4, and how to effectively integrate TQM principles into the quality assurance process as the conversion is made from NQA-1 to DOE Order 5700.6C. The purpose and value of DOE Order 5700.6C Implementation Guide for research will also be discussed.

  8. Comparative Analysis Between US NRC Requirements and US DOE Orders - 13402

    SciTech Connect (OSTI)

    Chakraborti, Sayan; Stone, Lynn; Hyatt, Jeannette

    2013-07-01

    Small modular reactor (SMR) is a nuclear reactor design approach that is expected to herald in a new era of clean energy in the U.S. These reactors are less than one-third the size of conventional large nuclear power reactors, and have factory-fabricated components that may be transported by rail or truck to a site selected to house a small nuclear reactor. To facilitate the licensing of these smaller nuclear reactor designs, the Nuclear Regulatory Commission (NRC) is in the process of developing a regulatory infrastructure to support licensing review of these unique reactor designs. As part of these activities, the NRC has been meeting with the Department of Energy (DOE) and with individual SMR designers to discuss potential policy, licensing, and key technical differences in SMR designs. It is anticipated by the NRC that such licensing interaction and guidance early in the design process will contribute towards minimizing complexity while adding stability and predictability in the licensing and subsequent regulation of new reactor designs such as SMRs. In conjunction with the current NRC initiative of developing the SMR licensing process, early communication and collaboration in the identification and resolution of any potential technical and licensing differences between NRC requirements and similar requirements applicable at DOE sites would help to expedite demonstration and implementation of SMR technology in the US. In order to foster such early communication, Savannah River Nuclear Solutions (SRNS) has begun taking the first steps in identifying and evaluating potential licensing gaps that may exist between NRC and DOE requirements in siting SMRs at DOE sites. A comparison between the existing NRC regulations for Early Site Permits and the DOE Orders was undertaken to establish the degree of correlation between NRC requirements and compliance methods in place at DOE sites. The ability to use existing data and information to expedite the development of the

  9. DOE Requires Air-Con International to Cease Sales of Inefficient Air

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Conditioners and Proposes Penalties | Department of Energy Air-Con International to Cease Sales of Inefficient Air Conditioners and Proposes Penalties DOE Requires Air-Con International to Cease Sales of Inefficient Air Conditioners and Proposes Penalties September 21, 2010 - 6:43pm Addthis The Department has issued a Notice of Noncompliance Determination and Proposed Civil Penalty to Air-Con, International, requiring Air-Con to cease the sale of certain air-conditioning systems in the

  10. DOE Requires Manufacturers to Halt Sales of Heat Pumps and Air Conditioners

    Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

    Violating Minimum Appliance Standards | Department of Energy Requires Manufacturers to Halt Sales of Heat Pumps and Air Conditioners Violating Minimum Appliance Standards DOE Requires Manufacturers to Halt Sales of Heat Pumps and Air Conditioners Violating Minimum Appliance Standards June 3, 2010 - 12:00am Addthis Washington, DC - Today, the Department of Energy announced that three manufacturers -- Aspen Manufacturing, Inc., Summit Manufacturing, and Advanced Distributor Products -- must