A National Secure-by-Design Strategy
S&T Accomplishment Report
·
OSTI ID:1970004
- Idaho National Laboratory
- West Yost
The US National Cybersecurity Strategy published March 2, 2023 uses plain language to communicate that the US is calling for a major change in how we prioritize the security of software systems used in critical infrastructure. It acknowledges that our current approach, which is essentially, “let the buyer beware,” leaves entities who are least able to assess or defend vulnerable software responsible for the impacts of designed-in weaknesses while the makers of the technology bear no liability. The strategy recommends a security-by-design approach, recommending that software vendors be held liable to uphold a “duty of care” to consumers and for systems to be designed to “fail safely and recover quickly” . For energy infrastructure, the strategy calls out the need to implement the National Cyber-Informed Engineering Strategy to achieve higher confidence security for energy infrastructures. The Idaho National Laboratory, a pioneer in cyber-informed engineering concepts, is at the forefront of organizations educating others in industry, academia, and government on how to apply these concepts to real-world challenges. In this brief, we'll outline some of the basic principles of security-by-design and offer examples of how, in a water sector context, they're being put into successful practice.
- Research Organization:
- Idaho National Laboratory (INL), Idaho Falls, ID (United States)
- Sponsoring Organization:
- USDOE Office of Energy Efficiency and Renewable Energy (EERE)
- DOE Contract Number:
- AC07-05ID14517
- OSTI ID:
- 1970004
- Report Number(s):
- INL/MIS-23-71831-Rev000
- Country of Publication:
- United States
- Language:
- English
Similar Records
Building Blocks for Secure and Prosperous Defense Critical Supply Chains: A Case Study from Microelectronics
Assessment of ROI for Workforce Development Efforts National & Homeland Security
Guided Resilience Self Assessment Application
S&T Accomplishment Report
·
Thu Dec 29 23:00:00 EST 2022
·
OSTI ID:2204408
Assessment of ROI for Workforce Development Efforts National & Homeland Security
S&T Accomplishment Report
·
Mon Jul 29 00:00:00 EDT 2024
·
OSTI ID:2426930
Guided Resilience Self Assessment Application
S&T Accomplishment Report
·
Thu Jul 29 00:00:00 EDT 2021
·
OSTI ID:1812887
Related Subjects
42 ENGINEERING
97 MATHEMATICS AND COMPUTING
CCE
CIE
Consequence-Driven Cyber-Informed Engineering
Consequence-based Targeting
Cyber
Cyber Risk
Cyber Supply Chain Risk
Cyber Threat and Vulnerability
Cyber-Informed Engineering
Cyber-Resilience
Cybersecurity Resilience
Energy Transition
Integrating Cybersecurity
97 MATHEMATICS AND COMPUTING
CCE
CIE
Consequence-Driven Cyber-Informed Engineering
Consequence-based Targeting
Cyber
Cyber Risk
Cyber Supply Chain Risk
Cyber Threat and Vulnerability
Cyber-Informed Engineering
Cyber-Resilience
Cybersecurity Resilience
Energy Transition
Integrating Cybersecurity