Science.gov

Sample records for facility security system

  1. Information security management system planning for CBRN facilities

    SciTech Connect

    Lenaeu, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

  2. Helicopter acoustic alerting system for high-security facilities

    NASA Astrophysics Data System (ADS)

    Steadman, Robert L.; Hansen, Scott; Park, Chris; Power, Dennis

    2009-05-01

    Helicopters present a serious threat to high security facilities such as prisons, nuclear sites, armories, and VIP compounds. They have the ability to instantly bypass conventional security measures focused on ground threats such as fences, check-points, and intrusion sensors. Leveraging the strong acoustic signature inherent in all helicopters, this system would automatically detect, classify, and accurately track helicopters using multi-node acoustic sensor fusion. An alert would be generated once the threat entered a predefined 3-dimension security zone in time for security personnel to repel the assault. In addition the system can precisely identify the landing point on the facility grounds.

  3. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  4. Cold Vacuum Dryer (CVD) Facility Security System Design Description (SYS 54)

    SciTech Connect

    WHITEHURST, R.

    2000-09-11

    This system design description (SDD) addresses the Cold Vacuum Drying (CVD) Facility security system. The system's primary purpose is to provide reasonable assurance that breaches of security boundaries are detected and assessment information is provided to protective force personnel. In addition, the system is utilized by Operations to support reduced personnel radiation goals and to provide reasonable assurance that only authorized personnel are allowed to enter designated security areas.

  5. Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities

    PubMed Central

    Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min

    2012-01-01

    Objectives The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. Methods The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. Results From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. Conclusions This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. PMID:22844648

  6. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    SciTech Connect

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  7. Alarm communication and display systems for high security department of energy facilities

    SciTech Connect

    Williams, J.S.

    1987-01-01

    An Alarm Communication and Display System collects alarm data, presents information to security operators, and enables the operators to enter commands affecting security operations; the ultimate goal of the system is to provide rapid assessment of alarms. This paper presents an overview of the architecture and operating principles used for alarm communication and display systems developed for application at several Department of Energy facilities. Although facilities have unique requirements and procedures, the architecture and operating principles of the ACDS presented in this paper have allowed site-specific implementations at several Department of Energy facilities. In addition, this technology has been transferred to other DOE facilities for adaptation to their requirements. Further efforts to enhance ACDS technology include the use of local area network technology to assist in peripheral switching, a distributed CCTV video switching system, and state-of-the-art hardware changes which improve system performance and effectiveness.

  8. Using vulnerability assessments to design facility safeguards and security systems

    SciTech Connect

    Snell, M.; Jaeger, C.

    1994-08-01

    The Weapons Complex Reconfiguration (WCR) Program is meant to prepare the Department of Energy (DOE) weapons complex to meet the needs of the next century through construction of now facilities or upgrades-in-place at existing facilities. This paper describes how a vulnerability (VA) was used to identify potential S&S features for the conceptual design for a plutonium storage facility as part of the WCR Program. We distinguish those features of the design that need to be investigated at the conceptual stage from those that can be evaluated later. We also examined what protection features may allow reduced S&S operating costs, with the main focus on protective force costs. While some of these concepts hold the promise for significantly reducing life-cycle protective force costs, their use depends on resolving long-standing tradeoffs between S&S and safety, which are discussed in the study.

  9. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  10. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  11. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  12. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  13. 33 CFR 106.255 - Security systems and equipment maintenance.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance....

  14. Regional Radiological Security Partnership in Southeast Asia – Increasing the Sustainability of Security Systems at the Site-Level by Using a Model Facility Approach

    SciTech Connect

    Chamberlain, Travis L.; Dickerson, Sarah; Ravenhill, Scott D.; Murray, Allan; Morris, Frederic A.; Herdes, Gregory A.

    2009-10-07

    In 2004, Australia, through the Australian Nuclear Science and Technology Organisation (ANSTO), created the Regional Security of Radioactive Sources (RSRS) project and partnered with the U.S. Department of Energy’s Global Threat Reduction Initiative (GTRI) and the International Atomic Energy Agency (IAEA) to form the Southeast Asian Regional Radiological Security Partnership (RRSP). The intent of the RRSP is to cooperate with countries in Southeast Asia to improve the security of their radioactive sources. This Southeast Asian Partnership supports objectives to improve the security of high risk radioactive sources by raising awareness of the need and developing national programs to protect and control such materials, improve the security of such materials, and recover and condition the materials no longer in use. The RRSP has utilized many tools to meet those objectives including: provision of physical protection upgrades, awareness training, physical protection training, regulatory development, locating and recovering orphan sources, and most recently - development of model security procedures at a model facility. This paper discusses the benefits of establishing a model facility, the methods employed by the RRSP, and three of the expected outcomes of the Model Facility approach. The first expected outcome is to increase compliance with source security guidance materials and national regulations by adding context to those materials, and illustrating their impact on a facility. Second, the effectiveness of each of the tools above is increased by making them part of an integrated system. Third, the methods used to develop the model procedures establishes a sustainable process that can ultimately be transferred to all facilities beyond the model. Overall, the RRSP has utilized the Model Facility approach as an important tool to increase the security of radioactive sources, and to position facilities and countries for the long term secure management of those sources.

  15. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  16. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  17. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  18. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  19. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  20. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  1. 33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Assessment (FSA) § 106.305 Facility Security Assessment (FSA)...

  2. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  3. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  4. 33 CFR 106.210 - OCS Facility Security Officer (FSO).

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.210 OCS Facility Security Officer (FSO). (a)...

  5. 78 FR 7334 - Port Authority Access to Facility Vulnerability Assessments and the Integration of Security Systems

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-02-01

    ...This notice requests comments from facility owners and operators, State and local law enforcement agencies, port authorities, relevant security industry participants, and all other interested members of the public regarding how to best implement Section 822 of the Coast Guard Authorization Act of 2010. In particular, this notice discusses the Coast Guard's preliminary thoughts on how owners or......

  6. Secure Chemical Facilities Act

    THOMAS, 113th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2013-01-23

    01/23/2013 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  7. Secure Chemical Facilities Act

    THOMAS, 112th Congress

    Sen. Lautenberg, Frank R. [D-NJ

    2011-03-31

    03/31/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  8. Security system

    DOEpatents

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  9. Composite Data Products (CDPs) from the Hydrogen Secure Data Center (HSDC) at the Energy Systems Integration Facility (ESIF), NREL

    DOE Data Explorer

    The Hydrogen Secure Data Center (HSDC) at NREL's Energy Systems Integration Facility (ESIF) plays a crucial role in NREL's independent, third-party analysis of hydrogen fuel cell technologies in real-world operation. NREL partners submit operational, maintenance, safety, and cost data to the HSDC on a regular basis. NREL's Technology Validation Team uses an internal network of servers, storage, computers, backup systems, and software to efficiently process raw data, complete quarterly analysis, and digest large amounts of time series data for data visualization. While the raw data are secured by NREL to protect commercially sensitive and proprietary information, individualized data analysis results are provided as detailed data products (DDPs) to the partners who supplied the data. Individual system, fleet, and site analysis results are aggregated into public results called composite data products (CDPs) that show the status and progress of the technology without identifying individual companies or revealing proprietary information. These CDPs are available from this NREL website: 1) Hydrogen Fuel Cell Vehicle and Infrastructure Learning Demonstration; 2) Early Fuel Cell Market Demonstrations; 3) Fuel Cell Technology Status [Edited from http://www.nrel.gov/hydrogen/facilities_secure_data_center.html].

  10. Waste Receiving and Processing (WRAP) Facility PMS Test Report For Data Management System (DMS) Security Test DMS-Y2K

    SciTech Connect

    PALMER, M.E.

    1999-09-21

    Test Plan HNF-4351 defines testing requirements for installation of a new server in the WRAP Facility. This document shows the results of the test reports on the DMS-Y2K and DMS-F81 (Security) systems.

  11. Securing robust control in systems for closed-loop control of inertial thermal power facilities

    NASA Astrophysics Data System (ADS)

    Kovrigo, Yu. M.; Bagan, T. G.; Bunke, A. S.

    2014-03-01

    We consider two approaches to achieving the necessary stability margin in systems for closed-loop control of inertial thermal power facilities under the conditions of a variable operating mode of process equipment. Structural solutions for these systems are proposed, and tuning procedures are given. Transients in the synthesized systems are simulated, and the control quality indicators are calculated and compared. Application of the proposed procedures makes it possible to obtain a sufficient stability margin with preserving highquality performance of the closed-loop control systems.

  12. System Security Authorization Agreement (SSAA) for the WIRE Archive and Research Facility

    NASA Technical Reports Server (NTRS)

    2002-01-01

    The Wide-Field Infrared Explorer (WIRE) Archive and Research Facility (WARF) is operated and maintained by the Department of Physics, USAF Academy. The lab is located in Fairchild Hall, 2354 Fairchild Dr., Suite 2A103, USAF Academy, CO 80840. The WARF will be used for research and education in support of the NASA Wide Field Infrared Explorer (WIRE) satellite, and for related high-precision photometry missions and activities. The WARF will also contain the WIRE preliminary and final archives prior to their delivery to the National Space Science Data Center (NSSDC). The WARF consists of a suite of equipment purchased under several NASA grants in support of WIRE research. The core system consists of a Red Hat Linux workstation with twin 933 MHz PIII processors, 1 GB of RAM, 133 GB of hard disk space, and DAT and DLT tape drives. The WARF is also supported by several additional networked Linux workstations. Only one of these (an older 450 Mhz PIII computer running Red Hat Linux) is currently running, but the addition of several more is expected over the next year. In addition, a printer will soon be added. The WARF will serve as the primary research facility for the analysis and archiving of data from the WIRE satellite, together with limited quantities of other high-precision astronomical photometry data from both ground- and space-based facilities. However, the archive to be created here will not be the final archive; rather, the archive will be duplicated at the NSSDC and public access to the data will generally take place through that site.

  13. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Assessment (FSA) § 105.305 Facility Security Assessment (FSA) requirements. (a) Background. The facility owner or operator must...

  14. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Assessment (FSA) § 105.305 Facility Security Assessment (FSA) requirements. (a) Background. The facility owner or operator must...

  15. 33 CFR 127.701 - Security on existing facilities.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... (CONTINUED) WATERFRONT FACILITIES WATERFRONT FACILITIES HANDLING LIQUEFIED NATURAL GAS AND LIQUEFIED HAZARDOUS GAS Waterfront Facilities Handling Liquefied Natural Gas Security § 127.701 Security on...

  16. 33 CFR 105.205 - Facility Security Officer (FSO).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Facility Security Officer (FSO... MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.205 Facility Security...) The same person may serve as the FSO for more than one facility, provided the facilities are in...

  17. Security systems engineering overview

    SciTech Connect

    Steele, B.J.

    1996-12-31

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.).

  18. Security systems engineering overview

    NASA Astrophysics Data System (ADS)

    Steele, Basil J.

    1997-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

  19. Perimeter security for Minnesota correctional facilities

    SciTech Connect

    Crist, D.; Spencer, D.D.

    1996-12-31

    For the past few years, the Minnesota Department of Corrections, assisted by Sandia National Laboratories, has developed a set of standards for perimeter security at medium, close, and maximum custody correctional facilities in the state. During this process, the threat to perimeter security was examined and concepts about correctional perimeter security were developed. This presentation and paper will review the outcomes of this effort, some of the lessons learned, and the concepts developed during this process and in the course of working with architects, engineers and construction firms as the state upgraded perimeter security at some facilities and planned new construction at other facilities.

  20. 33 CFR 105.205 - Facility Security Officer (FSO).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Security Officer (FSO). 105.205 Section 105.205 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.205 Facility Security Officer (FSO). (a) General. (1) The...

  1. 33 CFR 105.205 - Facility Security Officer (FSO).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Facility Security Officer (FSO). 105.205 Section 105.205 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.205 Facility Security Officer (FSO). (a) General. (1) The...

  2. Physical security technologies for weapons complex reconfiguration facilities

    SciTech Connect

    Jaeger, C.D.

    1994-07-01

    Sandia National Laboratories was a member of the Weapons Complex Reconfiguration (WCR) Safeguards and Security (S&S) team providing assistance to the Department of Energy`s (DOE) Office of Weapons Complex Reconfiguration. The physical security systems in the new and upgraded facilities being considered for the WCR had to meet DOE orders and other requirements set forth in the WCR Programmatic Design Criteria (PDC), incorporate the latest physical security technologies using proven state-of-the-art systems and meet fundamental security principles. The outcome was to avoid costly retrofits and provide effective and comprehensive protection against current and projected threats with minimal impact on operations, costs and schedule. Physical security requirements for WCR facilities include: (1) reducing S&S life-cycle costs, (2) where feasible automating S&S functions to minimize operational costs, access to critical assets and exposure of people to hazardous environments, (3) increasing the amount of delay to outsider adversary attack, (4) compartmentalizing the facility to minimize the number of personnel requiring access to critical areas and (5) having reliable and maintainable systems. To be most effective against threats physical security must be integrated with facility operations, safety and other S&S activities, such as material control and accountability, nuclear measurements and computer and information security. This paper will discuss the S&S issues, requirements, technology opportunities and needs. Physical security technologies and systems considered in the design effort of the Weapons Complex Reconfiguration facilities will be reviewed.

  3. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  4. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  5. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  6. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator...

  7. Assessing the security vulnerabilities of correctional facilities

    NASA Astrophysics Data System (ADS)

    Spencer, Debra D.; Morrison, G. Steve

    1998-12-01

    The National Institute of Justice has tasked their satellite facility at Sandia National Laboratories and their Southeast Regional Technology Center in Charleston, South Carolina to devise new procedures and tools for helping correctional facilities to assess their security vulnerabilities. Thus, a team is visiting selected correctional facilities and performing vulnerability assessments. A vulnerability assessment helps identify the easiest paths for inmate escape, for introduction of contraband such as drugs or weapons, for unexpected intrusion from outside of the facility, and for the perpetration of violent acts on other inmates and correctional employees. In addition, the vulnerability assessment helps to quantify the security risks for the facility. From these assessments will come better procedures for performing vulnerability assessments in general at other correctional facilities, as well as the development of tools to assist with the performance of such vulnerability assessments.

  8. Assessing the Security Vulnerabilities of Correctional Facilities

    SciTech Connect

    Morrison, G.S.; Spencer, D.S.

    1998-10-27

    The National Institute of Justice has tasked their Satellite Facility at Sandia National Laboratories and their Southeast Regional Technology Center in Charleston, South Carolina to devise new procedures and tools for helping correctional facilities to assess their security vulnerabilities. Thus, a team is visiting selected correctional facilities and performing vulnerability assessments. A vulnerability assessment helps to identi~ the easiest paths for inmate escape, for introduction of contraband such as drugs or weapons, for unexpected intrusion fi-om outside of the facility, and for the perpetration of violent acts on other inmates and correctional employees, In addition, the vulnerability assessment helps to quantify the security risks for the facility. From these initial assessments will come better procedures for performing vulnerability assessments in general at other correctional facilities, as well as the development of tools to assist with the performance of such vulnerability assessments.

  9. 33 CFR 127.705 - Security systems.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall... manned television monitoring system is used, to detect— (a) Unauthorized personnel; (b) Fires; and...

  10. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Security of aircraft and facilities. 1544.225... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Operations § 1544.225 Security of aircraft and facilities....

  11. Security Systems Consideration: A Total Security Approach

    NASA Astrophysics Data System (ADS)

    Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

    2007-12-01

    The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

  12. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  13. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  14. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  15. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  16. 33 CFR 106.220 - Security training for all other OCS facility personnel.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Requirements § 106.220 Security training for all...

  17. How to implement security controls for an information security program at CBRN facilities

    SciTech Connect

    Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.; Glantz, Clifford S.; Landine, Guy P.; Bryant, Janet L.; Lewis, John; Mathers, Gemma; Rodger, Robert; Johnson, Christopher

    2015-12-01

    This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.

  18. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  19. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  20. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  1. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  2. 10 CFR 1016.12 - Termination of security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be...

  3. Computer Security Systems Enable Access.

    ERIC Educational Resources Information Center

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  4. Secure video communications system

    DOEpatents

    Smith, Robert L.

    1991-01-01

    A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  5. Network systems security analysis

    NASA Astrophysics Data System (ADS)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  6. Systems security and functional readiness

    SciTech Connect

    Bruckner, D.G.

    1988-01-01

    In Protective Programming Planning, it is important that every facility or installation be configured to support the basic functions and mission of the using organization. This paper addresses the process of identifying the key functional operations of our facilities in Europe and providing the security necessary to keep them operating in natural and man-made threat environments. Functional Readiness is important since many of our existing facilities in Europe were not constructed to meet the demands of today's requirements. There are increased requirements for real-time systems with classified terminals and stringent access control, tempest and other electronic protection devices. One must prioritize the operations of these systems so that essential functions are provided even when the facilities are affected by overt or covert hostile activities.

  7. 33 CFR 127.701 - Security on existing facilities.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security on existing facilities. 127.701 Section 127.701 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) WATERFRONT FACILITIES WATERFRONT FACILITIES HANDLING LIQUEFIED NATURAL GAS AND LIQUEFIED HAZARDOUS GAS Waterfront Facilities...

  8. Secure videoconferencing equipment switching system and method

    DOEpatents

    Hansen, Michael E.

    2009-01-13

    A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but nor both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.

  9. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 9 2014-10-01 2014-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL...

  10. Secure video communications systems

    SciTech Connect

    Smith, R.L.

    1991-10-08

    This patent describes a secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

  11. A secure open system?

    NASA Astrophysics Data System (ADS)

    Crowe, James A.

    1993-08-01

    The notion of a large distributed computing system in support of a program like EOSDIS, carries with it the requirement that the system provide the user with guarantees about the integrity of the data and certain assurances about the security of the network of computing systems. This paper examines the challenges of providing a `secure' open system and how these challenges may be addressed from both an architectural as well as functional viewpoint. The role of discretionary access control, mandatory access control, and detection and control of computer viruses is discussed. It has often been observed that the role of the security engineer is one of restricting access to data, whereas the role of the system architect, of an open system that is encouraging research, should make data easy to obtain and utilize. This paradox is manifest in a system such a EOSDIS where to be useful, the systems data must be easy to obtain, but to ensure the integrity of the data it must exercise some level of security. This paper address the use and role of the Security Services of the OSF Distributed Computing Environment in support of networked applications, such as those that may be used in the implementation of the EOS Science Network. It further examines the role of mandatory access control mechanisms to provide data integrity guarantees. The paper further discusses how a system like EOSDIS may prevent computer viruses using a system of automated detection mechanisms and configuration control.

  12. Cyber Security and Resilient Systems

    SciTech Connect

    Robert S. Anderson

    2009-07-01

    next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.

  13. 77 FR 61771 - Facility Security Officer Training Requirements

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-10-11

    ... public dockets in the January 17, 2008, issue of the Federal Register (73 FR 3316). Information on... SECURITY Coast Guard Facility Security Officer Training Requirements AGENCY: Coast Guard, DHS. ACTION... receive comments on the development of a Facility Security Officer training program, with the...

  14. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  15. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  16. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  17. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Processing security facility approval. 1016.9 Section 1016.9 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.9 Processing security facility approval. The following receipt of an acceptable request...

  18. Security System Software

    NASA Technical Reports Server (NTRS)

    1993-01-01

    C Language Integration Production System (CLIPS), a NASA-developed expert systems program, has enabled a security systems manufacturer to design a new generation of hardware. C.CURESystem 1 Plus, manufactured by Software House, is a software based system that is used with a variety of access control hardware at installations around the world. Users can manage large amounts of information, solve unique security problems and control entry and time scheduling. CLIPS acts as an information management tool when accessed by C.CURESystem 1 Plus. It asks questions about the hardware and when given the answer, recommends possible quick solutions by non-expert persons.

  19. Variable contour securing system

    NASA Technical Reports Server (NTRS)

    Zebus, P. P.; Packer, P. N.; Haynie, C. C. (Inventor)

    1978-01-01

    A variable contour securing system has a retaining structure for a member whose surface contains a variable contour. The retaining mechanism includes a spaced array of adjustable spindles mounted on a housing. Each spindle has a base member support cup at one end. A vacuum source is applied to the cups for seating the member adjacent to the cups. A locking mechanism sets the spindles in a predetermined position once the member has been secured to the spindle support cups.

  20. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 48 Federal Acquisition Regulations System 7 2012-10-01 2012-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470 Section 3004.470 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  1. 48 CFR 3004.470 - Security requirements for access to unclassified facilities, Information Technology resources...

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Security requirements for access to unclassified facilities, Information Technology resources, and sensitive information. 3004.470 Section 3004.470 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR)...

  2. Argonne's performance assessment of major facility systems to support semiconductor manufacturing by the National Security Agency/R Group, Ft. Meade, Maryland

    SciTech Connect

    Harrison, W.; Miller, G.M.

    1990-12-01

    The National Security Agency (NSA) was authorized in 1983 to construct a semiconductor and circuit-board manufacturing plant at its Ft. Meade, Maryland, facility. This facility was to become known as the Special Process Laboratories (SPL) building. Phase I construction was managed by the US Army Corps of Engineers, Baltimore District (USACE/BD) and commenced in January 1986. Phase I construction provided the basic building and support systems, such as the heating, ventilating, and air-conditioning system, the deionized-water and wastewater-treatment systems, and the high-purity-gas piping system. Phase II construction involved fitting the semiconductor manufacturing side of the building with manufacturing tools and enhancing various aspects of the Phase I construction. Phase II construction was managed by NSA and commenced in April 1989. Argonne National Laboratory (ANL) was contracted by USACE/BD midway through the Phase I construction period to provide quality-assured performance reviews of major facility systems in the SPL. Following completion of the Phase I construction, ANL continued its performance reviews under NSA sponsorship, focusing its attention on the enhancements to the various manufacturing support systems of interest. The purpose of this document is to provide a guide to the files that were generated by ANL during its term of technical assistance to USACE/BD and NSA and to explain the quality assurance program that was implemented when ANL conducted its performance reviews of the SPL building's systems. One set of the ANL project files is located at NSA, Ft. Meade, and two sets are at Argonne, Illinois. The ANL sets will be maintained until the year 2000, or for the 10-year estimated life of the project. 1 fig.

  3. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 9 2013-10-01 2013-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR...

  4. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 9 2011-10-01 2011-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR...

  5. 49 CFR 1544.225 - Security of aircraft and facilities.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 9 2012-10-01 2012-10-01 false Security of aircraft and facilities. 1544.225 Section 1544.225 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR...

  6. Dynamic security assessment processing system

    NASA Astrophysics Data System (ADS)

    Tang, Lei

    The architecture of dynamic security assessment processing system (DSAPS) is proposed to address online dynamic security assessment (DSA) with focus of the dissertation on low-probability, high-consequence events. DSAPS upgrades current online DSA functions and adds new functions to fit into the modern power grid. Trajectory sensitivity analysis is introduced and its applications in power system are reviewed. An index is presented to assess transient voltage dips quantitatively using trajectory sensitivities. Then the framework of anticipatory computing system (ACS) for cascading defense is presented as an important function of DSAPS. ACS addresses various security problems and the uncertainties in cascading outages. Corrective control design is automated to mitigate the system stress in cascading progressions. The corrective controls introduced in the dissertation include corrective security constrained optimal power flow, a two-stage load control for severe under-frequency conditions, and transient stability constrained optimal power flow for cascading outages. With state-of-the-art computing facilities to perform high-speed extended-term time-domain simulation and optimization for large-scale systems, DSAPS/ACS efficiently addresses online DSA for low-probability, high-consequence events, which are not addressed by today's industrial practice. Human interference is reduced in the computationally burdensome analysis.

  7. Public eye security system

    NASA Astrophysics Data System (ADS)

    Aviv, David G.

    1999-01-01

    The recently patented system is a software engine that is connected to a television camera that is used for security applications. It will detect in near real time any physical criminal acts occurring within the field of view of the camera. It then instantaneously transmits an alarm to law enforcement and turns on a VCR and other crime deterrent systems, without human involvement.

  8. Adaptive security systems -- Combining expert systems with adaptive technologies

    SciTech Connect

    Argo, P.; Loveland, R.; Anderson, K.

    1997-09-01

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting.

  9. 14. Topside facility, interior of security office, view towards south. ...

    Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

    14. Topside facility, interior of security office, view towards south. Lyon - Whiteman Air Force Base, Oscar O-1 Minuteman Missile Alert Facility, Southeast corner of Twelfth & Vendenberg Avenues, Knob Noster, Johnson County, MO

  10. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... Facility Security Plan (FSP). 105.405 Section 105.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Plan (FSP) § 105.405 Format and content of the Facility Security Plan (FSP). (a) A facility owner or operator...

  11. Subsurface Facility System Description Document

    SciTech Connect

    Eric Loros

    2001-07-31

    The Subsurface Facility System encompasses the location, arrangement, size, and spacing of the underground openings. This subsurface system includes accesses, alcoves, and drifts. This system provides access to the underground, provides for the emplacement of waste packages, provides openings to allow safe and secure work conditions, and interfaces with the natural barrier. This system includes what is now the Exploratory Studies Facility. The Subsurface Facility System physical location and general arrangement help support the long-term waste isolation objectives of the repository. The Subsurface Facility System locates the repository openings away from main traces of major faults, away from exposure to erosion, above the probable maximum flood elevation, and above the water table. The general arrangement, size, and spacing of the emplacement drifts support disposal of the entire inventory of waste packages based on the emplacement strategy. The Subsurface Facility System provides access ramps to safely facilitate development and emplacement operations. The Subsurface Facility System supports the development and emplacement operations by providing subsurface space for such systems as ventilation, utilities, safety, monitoring, and transportation.

  12. Building a Secure Library System.

    ERIC Educational Resources Information Center

    Benson, Allen C.

    1998-01-01

    Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

  13. 10 CFR 1016.9 - Processing security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Processing security facility approval. 1016.9 Section 1016... § 1016.9 Processing security facility approval. The following receipt of an acceptable request for... granted pursuant to § 1016.6 of this part....

  14. Photovoltaic systems test facility

    NASA Technical Reports Server (NTRS)

    1979-01-01

    Facility provides broad and flexible capability for evaluating photovoltaic systems and design concepts. As 'breadboard' system, it can be used to check out complete systems, subsystems, and components before installation in actual service.

  15. Computer security in DOE distributed computing systems

    SciTech Connect

    Hunteman, W.J.

    1990-01-01

    The modernization of DOE facilities amid limited funding is creating pressure on DOE facilities to find innovative approaches to their daily activities. Distributed computing systems are becoming cost-effective solutions to improved productivity. This paper defines and describes typical distributed computing systems in the DOE. The special computer security problems present in distributed computing systems are identified and compared with traditional computer systems. The existing DOE computer security policy supports only basic networks and traditional computer systems and does not address distributed computing systems. A review of the existing policy requirements is followed by an analysis of the policy as it applies to distributed computing systems. Suggested changes in the DOE computer security policy are identified and discussed. The long lead time in updating DOE policy will require guidelines for applying the existing policy to distributed systems. Some possible interim approaches are identified and discussed. 2 refs.

  16. Cyberspace security system

    DOEpatents

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

  17. Secure Repayable Storage System

    NASA Astrophysics Data System (ADS)

    Alkharobi, T. M.

    This paper proposes a method to create a system that allows data to be stored in several locations in secure and reliable manner. The system should create several shares from the data such that only pre-specified subsets of these shares can be used to retrieve the original data. The shares then will be distributed to shareholders over a local and/or wide area network. The system should allow requesting some/all shares from shareholders and using them to rebuild the data.

  18. Information Systems, Security, and Privacy.

    ERIC Educational Resources Information Center

    Ware, Willis H.

    1984-01-01

    Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

  19. Physical security and vulnerability modeling for infrasturcture facilities.

    SciTech Connect

    Nozick, Linda Karen; Jones, Dean A.; Davis, Chad Edward; Turnquist, Mark Alan

    2006-07-01

    A model of malicious intrusions in infrastructure facilities is developed, using a network representation of the system structure together with Markov models of intruder progress and strategy. This structure provides an explicit mechanism to estimate the probability of successful breaches of physical security, and to evaluate potential improvements. Simulation is used to analyze varying levels of imperfect information on the part of the intruders in planning their attacks. An example of an intruder attempting to place an explosive device on an airplane at an airport gate illustrates the structure and potential application of the model.

  20. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  1. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  2. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  3. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  4. 33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ..., DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility Security Plan (FSP) § 106.405 Format and content of the...

  5. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information regarding security risk for a chemical facility. (a) Information to determine security risk. In order...

  6. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information regarding security risk for a...

  7. Security system signal supervision

    SciTech Connect

    Chritton, M.R. ); Matter, J.C. )

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

  8. Insider threat to secure facilities: data analysis

    SciTech Connect

    Not Available

    1980-05-09

    Three data sets drawn from industries that have experienced internal security breaches are analyzed. The industries and the insider security breaches are considered analogous in one or more respects to insider threats potentially confronting managers in the nuclear industry. The three data sets are: bank fraud and embezzlement (BF and E), computer-related crime, and drug theft from drug manufacturers and distributors. A careful analysis by both descriptive and formal statistical techniques permits certain general conclusions on the internal threat to secure industries to be drawn. These conclusions are discussed and related to the potential insider threat in the nuclear industry. 49 tabs.

  9. Chemical Facility Security Improvement Act of 2013

    THOMAS, 113th Congress

    Rep. Jackson Lee, Sheila [D-TX-18

    2013-01-03

    02/12/2013 Referred to the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  10. 78 FR 48029 - Improving Chemical Facility Safety and Security

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    .... [FR Doc. 2013-19220 Filed 8-6-13; 8:45 am] Billing code 3295-F3 ... Documents#0;#0; ] Executive Order 13650 of August 1, 2013 Improving Chemical Facility Safety and Security By... departments and agencies (agencies) with regulatory authority to further improve chemical facility safety...

  11. VISA-2 - a general, vulnerability-oriented method for evaluating the performance of integrated safeguards/security systems at nuclear facilities

    SciTech Connect

    Harris, L.; Owel, W.R.

    1981-01-01

    This paper discusses the VISA (Vulnerability of Integrated Safeguards Analysis) method, developed in 1976-77 for the Nuclear Regulatory Commission, and which has been adapted more recently to a broader range of uses. The performance of VISA systems is evaluated in terms of how they perform as an integrated safeguards/security system. The resulting method has been designated VISA-2. 7 refs.

  12. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200...

  13. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200...

  14. Security system helps utility stay competitive

    SciTech Connect

    1995-04-01

    Atlantic Electric is saving more than $750,000 annually in security costs by using an innovative closed-circuit television (CCTV) system to guard its remote sites electronically. Today, a single guard in the central security control room at Atlantic Electric`s headquarters electronically surveys and controls some 20 remote sites such as combustion turbine sites, material storage, administrative facilities and operating centers. Protecting these sites are CCTV cameras mounted around each yard, floodlighting, and a motion detection and signal transmission system called Adpro SiteWatch by vsion Systems Inc. The SiteWatch system automatically displays to the central guard any intrusion at a site, and captures and replays the intrusion events similar to an instant replay in a televised sporting event. Over the five year transition, Atlantic Electric saved nearly $2 million in security costs.

  15. Advantages of redeployable security systems

    SciTech Connect

    Birch, A.

    1993-12-31

    Security systems must be proven dependable, cost effective, easily installed and maintained. Further, these technologies should not require skilled technicians to install, align, maintain and/or repair during the project`s life cycle. These new priorities and financial demands have to be addressed utilizing various existing and proven technologies that have been developed and are currently being applied. One of these technologies directly relates to the development and application of rapid deployment and redeployable sensor systems that permit flexible asset protection and smaller perimeters within a given complex, rather than intrusion detection systems for an entire facility. Both Rapid Deployment Intrusion Detection System (RDIDS), and Redeployable Intrusion Detection System (RIDS) technologies can be designed for operation in any weather conditions, impervious to salt air, chemical and most explosive environments, as well as highly resistant to false alarms. These systems utilize photovoltaic power with 12-hour battery backup as their primary source of energy. Sensor systems can be integrated with Radio Frequency (RF) polling transceivers operating in the VHF or UHF frequencies. This enhancement offers extensive flexibility and substantial cash savings Is compared to hard wired installations. RDIDS and RIDS can be deployed for limited areas and be operational in a fraction of the time required for conventional systems. The result affords a fully warranted long life RIDS, modular in design, flexible in application, false alarm free, self-diagnostic, and impervious to most environmental conditions. Further, RIDS can be engineered to interface with fiber optic technology thereby ensuring quality transmission in rural environments. Fiber optic integration proves even more effective when using CCTV cameras. The fiber optic module can be used for monitoring the tamper and alarm circuits as well as video transmission.

  16. Aviation security: A system's perspective

    SciTech Connect

    Martin, J.P.

    1988-01-01

    For many years the aviation industry and airports operated with security methods and equipment common to most other large industrial complexes. At that time, the security systems primarily provided asset and property protection. However, soon after the first aircraft hijacking the focus of security shifted to emphasize the security requirements necessary for protecting the traveling public and the one feature of the aviation industry that makes it unique---the airplane. The airplane and its operation offered attractive opportunities for the homesick refugee, the mentally unstable person and the terrorist wanting to make a political statement. The airport and its aircraft were the prime targets requiring enhanced security against this escalated threat. In response, the FAA, airport operators and air carriers began to develop plans for increasing security and assigning responsibilities for implementation.

  17. Information Security and Integrity Systems

    NASA Technical Reports Server (NTRS)

    1990-01-01

    Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

  18. Computer/information security design approaches for Complex 21/Reconfiguration facilities

    SciTech Connect

    Hunteman, W.J.; Zack, N.R.; Jaeger, C.D.

    1993-08-01

    Los Alamos National Laboratory and Sandia National Laboratories have been designated the technical lead laboratories to develop the design of the computer/information security, safeguards, and physical security systems for all of the DOE Complex 21/Reconfiguration facilities. All of the automated information processing systems and networks in these facilities will be required to implement the new DOE orders on computer and information security. The planned approach for a highly integrated information processing capability in each of the facilities will require careful consideration of the requirements in DOE Orders 5639.6 and 1360.2A. The various information protection requirements and user clearances within the facilities will also have a significant effect on the design of the systems and networks. Fulfilling the requirements for proper protection of the information and compliance with DOE orders will be possible because the computer and information security concerns are being incorporated in the early design activities. This paper will discuss the computer and information security addressed in the integrated design effort, uranium/lithium, plutonium, plutonium high explosive/assembly facilities.

  19. 33 CFR 106.215 - Company or OCS facility personnel with security duties.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Company or OCS facility personnel with security duties. 106.215 Section 106.215 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility...

  20. 33 CFR 106.215 - Company or OCS facility personnel with security duties.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Company or OCS facility personnel with security duties. 106.215 Section 106.215 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental Shelf (OCS) Facility...

  1. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Pt. 105, App. A Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  2. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Pt. 105, App. A Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  3. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    DOEpatents

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  4. Power Systems Development Facility

    SciTech Connect

    Southern Company Services

    2009-01-31

    In support of technology development to utilize coal for efficient, affordable, and environmentally clean power generation, the Power Systems Development Facility (PSDF), located in Wilsonville, Alabama, has routinely demonstrated gasification technologies using various types of coals. The PSDF is an engineering scale demonstration of key features of advanced coal-fired power systems, including a Transport Gasifier, a hot gas particulate control device, advanced syngas cleanup systems, and high-pressure solids handling systems. This final report summarizes the results of the technology development work conducted at the PSDF through January 31, 2009. Twenty-one major gasification test campaigns were completed, for a total of more than 11,000 hours of gasification operation. This operational experience has led to significant advancements in gasification technologies.

  5. 75 FR 5609 - Privacy Act of 1974; Department of Homeland Security/ALL-024 Facility and Perimeter Access...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-03

    ...In accordance with the Privacy Act of 1974 the Department of Homeland Security proposes to update and reissue Department of Homeland Security/ALL--024 Facility and Perimeter Access Control and Visitor Management System of Records to include record systems within the Federal Protective Service. Categories of individuals, categories of records, purpose and routine uses of this system have been......

  6. A demonstration of a low cost approach to security at shipping facilities and ports

    NASA Astrophysics Data System (ADS)

    Huck, Robert C.; Al Akkoumi, Mouhammad K.; Herath, Ruchira W.; Sluss, James J., Jr.; Radhakrishnan, Sridhar; Landers, Thomas L.

    2010-04-01

    Government funding for the security at shipping facilities and ports is limited so there is a need for low cost scalable security systems. With over 20 million sea, truck, and rail containers entering the United States every year, these facilities pose a large risk to security. Securing these facilities and monitoring the variety of traffic that enter and leave is a major task. To accomplish this, the authors have developed and fielded a low cost fully distributed building block approach to port security at the inland Port of Catoosa in Oklahoma. Based on prior work accomplished in the design and fielding of an intelligent transportation system in the United States, functional building blocks, (e.g. Network, Camera, Sensor, Display, and Operator Console blocks) can be assembled, mixed and matched, and scaled to provide a comprehensive security system. The following functions are demonstrated and scaled through analysis and demonstration: Barge tracking, credential checking, container inventory, vehicle tracking, and situational awareness. The concept behind this research is "any operator on any console can control any device at any time."

  7. Knowledge-based system for computer security

    SciTech Connect

    Hunteman, W.J.

    1988-01-01

    The rapid expansion of computer security information and technology has provided little support for the security officer to identify and implement the safeguards needed to secure a computing system. The Department of Energy Center for Computer Security is developing a knowledge-based computer security system to provide expert knowledge to the security officer. The system is policy-based and incorporates a comprehensive list of system attack scenarios and safeguards that implement the required policy while defending against the attacks. 10 figs.

  8. Towards an Experimental Testbed Facility for Cyber-Physical Security Research

    SciTech Connect

    Edgar, Thomas W.; Manz, David O.; Carroll, Thomas E.

    2012-01-07

    Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

  9. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  10. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  11. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  12. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  13. 10 CFR 76.119 - Security facility approval and safeguarding of National Security Information and Restricted Data.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security facility approval and safeguarding of National Security Information and Restricted Data. 76.119 Section 76.119 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.119 Security...

  14. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  15. 10 CFR 95.21 - Withdrawal of requests for facility security clearance.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Withdrawal of requests for facility security clearance. 95.21 Section 95.21 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Physical Security § 95.21 Withdrawal...

  16. 36 CFR Appendix A to Part 1234 - Minimum Security Standards for Level III Federal Facilities

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 36 Parks, Forests, and Public Property 3 2014-07-01 2014-07-01 false Minimum Security Standards... FACILITIES Pt. 1234, App. A Appendix A to Part 1234—Minimum Security Standards for Level III Federal Facilities Recommended Standards Chart Level III Perimeter Security Parking: Control of facility...

  17. It Security and EO Systems

    NASA Astrophysics Data System (ADS)

    Burnett, M.

    2010-12-01

    One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

  18. System and method for secure group transactions

    DOEpatents

    Goldsmith, Steven Y.

    2006-04-25

    A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

  19. Power Systems Development Facility

    SciTech Connect

    2003-07-01

    This report discusses Test Campaign TC12 of the Kellogg Brown & Root, Inc. (KBR) Transport Gasifier train with a Siemens Westinghouse Power Corporation (SW) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The Transport Gasifier is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or a gasifier using a particulate control device (PCD). While operating as a gasifier, either air or oxygen can be used as the oxidant. Test run TC12 began on May 16, 2003, with the startup of the main air compressor and the lighting of the gasifier start-up burner. The Transport Gasifier operated until May 24, 2003, when a scheduled outage occurred to allow maintenance crews to install the fuel cell test unit and modify the gas clean-up system. On June 18, 2003, the test run resumed when operations relit the start-up burner, and testing continued until the scheduled end of the run on July 14, 2003. TC12 had a total of 733 hours using Powder River Basin (PRB) subbituminous coal. Over the course of the entire test run, gasifier temperatures varied between 1,675 and 1,850 F at pressures from 130 to 210 psig.

  20. Multimedia Security System for Security and Medical Applications

    ERIC Educational Resources Information Center

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  1. Power Systems Development Facility

    SciTech Connect

    Southern Company Services

    2004-04-30

    This report discusses Test Campaign TC15 of the Kellogg Brown & Root, Inc. (KBR) Transport Gasifier train with a Siemens Power Generation, Inc. (SPG) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The Transport Gasifier is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or gasifier using a particulate control device (PCD). While operating as a gasifier, either air or oxygen can be used as the oxidant. Test run TC15 began on April 19, 2004, with the startup of the main air compressor and the lighting of the gasifier startup burner. The Transport Gasifier was shutdown on April 29, 2004, accumulating 200 hours of operation using Powder River Basin (PRB) subbituminous coal. About 91 hours of the test run occurred during oxygen-blown operations. Another 6 hours of the test run was in enriched-air mode. The remainder of the test run, approximately 103 hours, took place during air-blown operations. The highest operating temperature in the gasifier mixing zone mostly varied from 1,800 to 1,850 F. The gasifier exit pressure ran between 200 and 230 psig during air-blown operations and between 110 and 150 psig in oxygen-enhanced air operations.

  2. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  3. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  4. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  5. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  6. 6 CFR 37.43 - Physical security of DMV production facilities.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Physical security of DMV production facilities. 37.43 Section 37.43 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REAL ID DRIVER'S LICENSES AND IDENTIFICATION CARDS Security at DMVs and Driver's License...

  7. POWER SYSTEMS DEVELOPMENT FACILITY

    SciTech Connect

    Unknown

    2002-11-01

    This report discusses test campaign GCT4 of the Kellogg Brown & Root, Inc. (KBR) transport reactor train with a Siemens Westinghouse Power Corporation (Siemens Westinghouse) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The transport reactor is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or a gasifier using one of two possible particulate control devices (PCDs). The transport reactor was operated as a pressurized gasifier during GCT4. GCT4 was planned as a 250-hour test run to continue characterization of the transport reactor using a blend of several Powder River Basin (PRB) coals and Bucyrus limestone from Ohio. The primary test objectives were: Operational Stability--Characterize reactor loop and PCD operations with short-term tests by varying coal-feed rate, air/coal ratio, riser velocity, solids-circulation rate, system pressure, and air distribution. Secondary objectives included the following: Reactor Operations--Study the devolatilization and tar cracking effects from transient conditions during transition from start-up burner to coal. Evaluate the effect of process operations on heat release, heat transfer, and accelerated fuel particle heat-up rates. Study the effect of changes in reactor conditions on transient temperature profiles, pressure balance, and product gas composition. Effects of Reactor Conditions on Synthesis Gas Composition--Evaluate the effect of air distribution, steam/coal ratio, solids-circulation rate, and reactor temperature on CO/CO{sub 2} ratio, synthesis gas Lower Heating Value (LHV), carbon conversion, and cold and hot gas efficiencies. Research Triangle Institute (RTI) Direct Sulfur Recovery Process (DSRP) Testing--Provide syngas in support of the DSRP commissioning. Loop Seal Operations--Optimize loop seal operations and investigate increases to previously achieved maximum solids-circulation rate.

  8. Information technology security system engineering methodology

    NASA Technical Reports Server (NTRS)

    Childs, D.

    2003-01-01

    A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

  9. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.49 Security of automatic data processing (ADP)...

  10. Energy Systems Integration Facility Overview

    ScienceCinema

    Arvizu, Dan; Chistensen, Dana; Hannegan, Bryan; Garret, Bobi; Kroposki, Ben; Symko-Davies, Martha; Post, David; Hammond, Steve; Kutscher, Chuck; Wipke, Keith

    2014-06-10

    The U.S. Department of Energy's Energy Systems Integration Facility (ESIF) is located at the National Renewable Energy Laboratory is the right tool, at the right time... a first-of-its-kind facility that addresses the challenges of large-scale integration of clean energy technologies into the energy systems that power the nation.

  11. Energy Systems Integration Facility Overview

    SciTech Connect

    Arvizu, Dan; Chistensen, Dana; Hannegan, Bryan; Garret, Bobi; Kroposki, Ben; Symko-Davies, Martha; Post, David; Hammond, Steve; Kutscher, Chuck; Wipke, Keith

    2014-02-28

    The U.S. Department of Energy's Energy Systems Integration Facility (ESIF) is located at the National Renewable Energy Laboratory is the right tool, at the right time... a first-of-its-kind facility that addresses the challenges of large-scale integration of clean energy technologies into the energy systems that power the nation.

  12. Securing the Global Airspace System Via Identity-Based Security

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  13. Internetting tactical security sensor systems

    NASA Astrophysics Data System (ADS)

    Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

    1998-08-01

    The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control

  14. 36 CFR Appendix A to Part 1234 - Minimum Security Standards for Level III Federal Facilities

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 36 Parks, Forests, and Public Property 3 2013-07-01 2012-07-01 true Minimum Security Standards for.... 1234, App. A Appendix A to Part 1234—Minimum Security Standards for Level III Federal Facilities Recommended Standards Chart Level III Perimeter Security Parking: Control of facility parking...

  15. 3 CFR 13650 - Executive Order 13650 of August 1, 2013. Improving Chemical Facility Safety and Security

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... Chemical Facility Safety and Security 13650 Order 13650 Presidential Documents Executive Orders Executive Order 13650 of August 1, 2013 EO 13650 Improving Chemical Facility Safety and Security By the authority... and implemented numerous programs aimed at reducing the safety risks and security risks...

  16. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  17. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  18. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  19. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  20. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  1. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  2. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  3. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  4. 10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility...

  5. 10 CFR 1016.11 - Cancellation of requests for security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When...

  6. Managing secure computer systems and networks.

    PubMed

    Von Solms, B

    1996-10-01

    No computer system or computer network can today be operated without the necessary security measures to secure and protect the electronic assets stored, processed and transmitted using such systems and networks. Very often the effort in managing such security and protection measures are totally underestimated. This paper provides an overview of the security management needed to secure and protect a typical IT system and network. Special reference is made to this management effort in healthcare systems, and the role of the information security officer is also highlighted. PMID:8960921

  7. DOE Integrated Security System (DISS) preliminary communication security analysis

    SciTech Connect

    Sweeney, D.J.

    1993-10-01

    The purpose of this analysis is to document a technical approach to improve DOE Integrated Security System (DISS) dial-up communications security and the requirements to address them. This document is not intended as a comprehensive analysis of the security aspects of the DISS computer system but rather as an analysis of the dial-up communications security as it pertains to the use of the DISS database in the new DOE Automated Visitors Access Control System (DAVACS) procedures. Current access controls into the DISS will be discussed with emphasis on the DAVACS procedures. Recommendations will be provided for increasing the dial-up communications security into DISS as it relates to the automated visit procedures. Finally a design for an encrypted dial-up communication link to DISS will be given.

  8. POWER SYSTEMS DEVELOPMENT FACILITY

    SciTech Connect

    Unknown

    2002-05-01

    This report discusses test campaign GCT3 of the Halliburton KBR transport reactor train with a Siemens Westinghouse Power Corporation (Siemens Westinghouse) particle filter system at the Power Systems Development Facility (PSDF) located in Wilsonville, Alabama. The transport reactor is an advanced circulating fluidized-bed reactor designed to operate as either a combustor or a gasifier using one of two possible particulate control devices (PCDs). The transport reactor was operated as a pressurized gasifier during GCT3. GCT3 was planned as a 250-hour test run to commission the loop seal and continue the characterization of the limits of operational parameter variations using a blend of several Powder River Basin coals and Bucyrus limestone from Ohio. The primary test objectives were: (1) Loop Seal Commissioning--Evaluate the operational stability of the loop seal with sand and limestone as a bed material at different solids circulation rates and establish a maximum solids circulation rate through the loop seal with the inert bed. (2) Loop Seal Operations--Evaluate the loop seal operational stability during coal feed operations and establish maximum solids circulation rate. Secondary objectives included the continuation of reactor characterization, including: (1) Operational Stability--Characterize the reactor loop and PCD operations with short-term tests by varying coal feed, air/coal ratio, riser velocity, solids circulation rate, system pressure, and air distribution. (2) Reactor Operations--Study the devolatilization and tar cracking effects from transient conditions during transition from start-up burner to coal. Evaluate the effect of process operations on heat release, heat transfer, and accelerated fuel particle heat-up rates. Study the effect of changes in reactor conditions on transient temperature profiles, pressure balance, and product gas composition. (3) Effects of Reactor Conditions on Syngas Composition--Evaluate the effect of air distribution, steam

  9. Survey of holographic security systems

    NASA Astrophysics Data System (ADS)

    Kontnik, Lewis T.; Lancaster, Ian M.

    1990-04-01

    The counterfeiting of products and financial instruments is a major problem throughout the world today. The dimensions of the problem are growing, accelerated by the expanding availability of production technologies to sophisticated counterfeiters and the increasing capabilities of these technologies. Various optical techniques, including holography, are beingused in efforts to mark authentic products and to distinguish them from copies. Industry is recognizing that the effectiveness of these techniques depends on such factors as the economics of the counterfeiting process and the distribution channels for the products involved, in addition to the performance of the particular optical security technologies used. This paper surveys the nature of the growing counterfeit market place and reviews the utility of holographic optical security systems. In particular, we review the use of holograms on credit cards and other products; and outline certain steps the holography industry should take to promote these application.

  10. Threats to financial system security

    SciTech Connect

    McGovern, D.E.

    1997-06-01

    The financial system in the United States is slowly migrating from the bricks and mortar of banks on the city square to branch banks, ATM`s, and now direct linkage through computers to the home. Much work has been devoted to the security problems inherent in protecting property and people. The impact of attacks on the information aspects of the financial system has, however, received less attention. Awareness is raised through publicized events such as the junk bond fraud perpetrated by Milken or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These events, although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. Most of the losses can be traced to the contribution of many small attacks perpetrated against a variety of vulnerable components and systems. This paper explores the magnitude of these financial system losses and identifies new areas for security to be applied to high consequence events.

  11. Security Encryption Scheme for Communication of Web Based Control Systems

    NASA Astrophysics Data System (ADS)

    Robles, Rosslin John; Kim, Tai-Hoon

    A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

  12. Food security practice in Kansas schools and health care facilities.

    PubMed

    Yoon, Eunju; Shanklin, Carol W

    2007-02-01

    This pilot study investigated perceived importance and frequency of specific preventive measures, and food and nutrition professionals' and foodservice directors' willingness to develop a food defense management plan. A mail questionnaire was developed based on the US Department of Agriculture document, Biosecurity Checklist for School Foodservice Programs--Developing a Biosecurity Management Plan. The survey was sent to food and nutrition professionals and foodservice operators in 151 acute care hospitals, 181 long-term-care facilities, and 450 school foodservice operations. Chemical use and storage was perceived as the most important practice to protect an operation and was the practice implemented most frequently. Results of the study indicate training programs on food security are needed to increase food and nutrition professionals' motivation to implement preventive measures. PMID:17258972

  13. Security Equipment and Systems Certification Program (SESCP)

    SciTech Connect

    Steele, B.J.; Papier, I.I.

    1996-06-20

    Sandia National Laboratories (SNL) and Underwriters Laboratories, Inc., (UL) have jointly established the Security Equipment and Systems Certification Program (SESCP). The goal of this program is to enhance industrial and national security by providing a nationally recognized method for making informed selection and use decisions when buying security equipment and systems. The SESCP will provide a coordinated structure for private and governmental security standardization review. Members will participate in meetings to identify security problems, develop ad-hoc subcommittees (as needed) to address these identified problems, and to maintain a communications network that encourages a meaningful exchange of ideas. This program will enhance national security by providing improved security equipment and security systems based on consistent, reliable standards and certification programs.

  14. A Security Audit Framework to Manage Information System Security

    NASA Astrophysics Data System (ADS)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  15. LANSCE radiation security system (RSS)

    SciTech Connect

    Gallegos, F.R.

    1996-12-31

    The Radiation Security System (RSS) is an engineered safety system which automatically terminates transmission of accelerated ion beams in response to pre-defined abnormal conditions. It is one of the four major mechanisms used to protect people from radiation hazards induced by accelerated pulsed ion beams at the Los Alamos Neutron Science Center (LANSCE). The others are shielding, administrative policies and procedures, and qualified, trained personnel. Prompt radiation hazards at the half-mile long LANSCE accelerator exist due to average beam intensities ranging from 1 milli-amp for H{sup +} beam to 100 micro-amps for the high intensity H{sup {minus}} beam. Experimental programs are supplied with variable energy (maximum 800 MeV), pulse-width (maximum 1 msec), and pulse frequency (maximum 120 Hz) ion beams. The RSS includes personnel access control systems, beam spill monitoring systems, and beam current level limiting systems. It is a stand-alone system with redundant logic chains. A fault of the RSS will cause the insertion of fusible beam plugs in the accelerator low energy beam transport. The design philosophy, description, and operation of the RSS are described in this paper.

  16. Cyberspace Security Econometrics System (CSES)

    SciTech Connect

    2012-07-27

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.

  17. Cyberspace Security Econometrics System (CSES)

    Energy Science and Technology Software Center (ESTSC)

    2012-07-27

    Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for themore » criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.« less

  18. Computer access security code system

    NASA Technical Reports Server (NTRS)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  19. Secure resource management: Specifying and testing secure operating systems

    SciTech Connect

    Archer, M.; Frincke, D.A.; Levitt, K. . Div. of Computer Science)

    1990-04-10

    Much work has been devoted to methods for reasoning about the specifications of operating system specifications, the goal being to develop specifications for an operating system that are verified to be secure. Before the verification should be attempted, the specifications should be tested. This paper presents tools that can assist in the security testing of specifications. The first tool is based on the final Algebra Specification and Execution (FASE) system, and would be used to test specifications with real input values. FASE is an executable specification language which is operational in style, in which entities are represented in terms of their observable behavior. To facilitate the testing of an operating system (and its specification), use FASE we have specified a Secure Resource Manager (SRM), a generic template of an operating system. The SRM specification can be specialized to a specification of a particular operating system; the SRM is quite general and handles most features of modern nondistributed operating systems. The second tool, called the PLANNER, is used to derive a sequence of operations that exhibits a security flaw, most often a covert channel for information flow. The PLANNER is based on classical methods of AI planning, specialized to achieve goals concerned with information flow. The tools are demonstrated with respect to a simple operating system specification develop by Millen.

  20. Improving Security in Schools. Managing School Facilities, Guide 4.

    ERIC Educational Resources Information Center

    Department for Education and Employment, London (England).

    This booklet offers guidance on how to improve school security, including advice on the management of security and the roles of local education authorities, school governors, and headteachers. The guide describes how schools can carry out their own security surveys, assess themselves in terms of risk, and then consider security measures…

  1. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  2. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Vulnerability and Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST... Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  3. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  4. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Vulnerability and Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST... Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  5. 33 CFR Appendix A to Part 105 - Facility Vulnerability and Security Measures Summary (Form CG-6025)

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Vulnerability and Security Measures Summary (Form CG-6025) A Appendix A to Part 105 Navigation and Navigable Waters COAST... Appendix A to Part 105—Facility Vulnerability and Security Measures Summary (Form CG-6025)...

  6. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  7. 33 CFR 105.405 - Format and content of the Facility Security Plan (FSP).

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... Vulnerability and Security Measures Summary (Form CG-6025) in appendix A to part 105-Facility Vulnerability and... resubmission of the FSP. (c) The Facility Vulnerability and Security Measures Summary (Form CG-6025) must be completed using information in the FSA concerning identified vulnerabilities and information in the...

  8. Cyber Security Testing and Training Programs for Industrial Control Systems

    SciTech Connect

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  9. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 4 2011-01-01 2011-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  10. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 4 2013-01-01 2013-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  11. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 4 2012-01-01 2012-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  12. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 4 2014-01-01 2014-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  13. 10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security...

  14. Radio frequency security system, method for a building facility or the like, and apparatus and methods for remotely monitoring the status of fire extinguishers

    DOEpatents

    Runyon, Larry; Gunter, Wayne M.; Gilbert, Ronald W.

    2006-07-25

    A system for remotely monitoring the status of one or more fire extinguishers includes means for sensing at least one parameter of each of the fire extinguishers; means for selectively transmitting the sensed parameters along with information identifying the fire extinguishers from which the parameters were sensed; and means for receiving the sensed parameters and identifying information for the fire extinguisher or extinguishers at a common location. Other systems and methods for remotely monitoring the status of multiple fire extinguishers are also provided.

  15. Implementing Improved Security and Encryption for Balloon Flight Systems

    NASA Astrophysics Data System (ADS)

    Denney, Andrew; Stilwell, Bryan D.

    The Columbia Scientific Balloon Facility uses a broad array of communication techniques be-tween its balloon-borne flight systems and ground command and control systems. These com-munication mediums vary from commercially available routing such as e-mail and IP based TCP/UDP protocols to military grade proprietary line-of-sight configurations; each with their own unique benefits and shortfalls. While each new advancement in technology improves secu-rity in some capacity, it does not always address the limitation of older, less advanced security or encryption capabilities. As the proliferation of newer, more commercially viable technologies become common place, safeguarding mission critical applications from unauthorized access and improve data integrity in the process becomes ever more necessary. Therefore, this paper will evaluate several security measures and methods of data encryption; including formalizing a standardized security philosophy that improves and addresses the mixture of established and emerging technologies.

  16. 33 CFR 105.210 - Facility personnel with security duties.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... must have knowledge, through training or equivalent job experience, in the following, as appropriate: (a) Knowledge of current security threats and patterns; (b) Recognition and detection of dangerous... control techniques; (f) Security related communications; (g) Knowledge of emergency procedures...

  17. Safeguards and security considerations for automated and robotic systems

    SciTech Connect

    Jordan, S.E.; Jaeger, C.D.

    1994-09-01

    Within the reconfigured Nuclear Weapons Complex there will be a large number of automated and robotic (A&R) systems because of the many benefits derived from their use. To meet the overall security requirements of a facility, consideration must be given to those systems that handle and process nuclear material. Since automation and robotics is a relatively new technology, not widely applied to the Nuclear Weapons Complex, safeguards and security (S&S) issues related to these systems have not been extensively explored, and no guidance presently exists. The goal of this effort is to help integrate S&S into the design of future A&R systems. Towards this, the authors first examined existing A and R systems from a security perspective to identify areas of concern and possible solutions of these problems. They then were able to develop generalized S&S guidance and design considerations for automation and robotics.

  18. The NASA personnel security processing expert system

    SciTech Connect

    Silberberg, D.; Thomas, R.

    1996-12-31

    The NASA Personnel Security Processing Expert System is a tool that automatically determines the appropriate personnel background investigation required for a civil servant or contractor occupying a position of national security or public trust. It also instructs the personnel security processing staff to perform special checks based on a specific position. The system is implemented using a rule-based expert system and a World Wide Web interface. The system design separates the user interface, knowledge base and control structure to simplify system evolution. When one subsystem is modified, the others are impacted minimally. This system provides many benefits to the NASA Personnel Security Program. First, it frees the agency personnel security specialist from trouble-shooting and correcting all investigative problems. It also provides a learning tool for security processing staff at each installation. The system ensures that each installation security office is in compliance with all applicable laws, regulations and policies. Finally, eliminating overlapping, inappropriate and duplicative efforts to process employees saves many resources. The system was deployed less than a year ago. To date, it saved $1.2 million of the $1.5 million agency-wide personnel security budget.

  19. 36 CFR Appendix A to Part 1234 - Minimum Security Standards for Level III Federal Facilities

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 36 Parks, Forests, and Public Property 3 2012-07-01 2012-07-01 false Minimum Security Standards for Level III Federal Facilities A Appendix A to Part 1234 Parks, Forests, and Public Property NATIONAL ARCHIVES AND RECORDS ADMINISTRATION RECORDS MANAGEMENT FACILITY STANDARDS FOR RECORDS STORAGE FACILITIES Pt. 1234, App. A Appendix A to Part...

  20. Secure Internet video conferencing for assessing acute medical problems in a nursing facility.

    PubMed Central

    Weiner, M.; Schadow, G.; Lindbergh, D.; Warvel, J.; Abernathy, G.; Dexter, P.; McDonald, C. J.

    2001-01-01

    Although video-based teleconferencing is becoming more widespread in the medical profession, especially for scheduled consultations, applications for rapid assessment of acute medical problems are rare. Use of such a video system in a nursing facility may be especially beneficial, because physicians are often not immediately available to evaluate patients. We have assembled and tested a portable, wireless conferencing system to prepare for a randomized trial of the system s influence on resource utilization and satisfaction. The system includes a rolling cart with video conferencing hardware and software, a remotely controllable digital camera, light, wireless network, and battery. A semi-automated paging system informs physicians of patient s study status and indications for conferencing. Data transmission occurs wirelessly in the nursing home and then through Internet cables to the physician s home. This provides sufficient bandwidth to support quality motion images. IPsec secures communications. Despite human and technical challenges, this system is affordable and functional. Images Figure 1 PMID:11825286

  1. 33 CFR 105.210 - Facility personnel with security duties.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ...: (a) Knowledge of current security threats and patterns; (b) Recognition and detection of dangerous substances and devices; (c) Recognition of characteristics and behavioral patterns of persons who are...

  2. High Assurance Models for Secure Systems

    ERIC Educational Resources Information Center

    Almohri, Hussain M. J.

    2013-01-01

    Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

  3. Recommended Practice for Securing Control System Modems

    SciTech Connect

    James R. Davidson; Jason L. Wright

    2008-01-01

    This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

  4. [Security Management in Clinical Laboratory Departments and Facilities: Current Status and Issues].

    PubMed

    Ishida, Haku; Nakamura, Junji; Yoshida, Hiroshi; Koike, Masaru; Inoue, Yuji

    2014-11-01

    We conducted a questionnaire survey regarding the current activities for protecting patients' privacy and the security of information systems (IS) related to the clinical laboratory departments of university hospitals, certified training facilities for clinical laboratories, and general hospitals in Yamaguchi Prefecture. The response rate was 47% from 215 medical institutions, including three commercial clinical laboratory centers. The results showed that there were some differences in management activities among facilities with respect to continuing education, the documentation or regulation of operational management for paper records, electronic information, remaining samples, genetic testing, and laboratory information for secondary use. They were suggested to be caused by differences in functions between university and general hospitals, differences in the scale of hospitals, or whether or not hospitals have received accreditation or ISO 15189. Regarding the IS, although the majority of facilities had sufficiently employed the access control to IS, there was some room for improvement in the management of special cases such as VIPs and patients with HIV infection. Furthermore, there were issues regarding the login method for computers shared by multiple staff, the showing of the names of personnel in charge of reports, and the risks associated with direct connections to systems and the Internet and the use of portable media such as USB memory sticks. These results indicated that further efforts are necessary for each facility to continue self-assessment and make improvements. PMID:27509732

  5. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... stores operations; (7) Response capability to security incidents; (8) Threat assessments, including the... collect the information required in paragraph (a) of this section. (c) Analysis and recommendations. In... to establish and prioritize the security measures that should be included in the FSP. The...

  6. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... stores operations; (7) Response capability to security incidents; (8) Threat assessments, including the... collect the information required in paragraph (a) of this section. (c) Analysis and recommendations. In... to establish and prioritize the security measures that should be included in the FSP. The...

  7. 33 CFR 105.305 - Facility Security Assessment (FSA) requirements.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... stores operations; (7) Response capability to security incidents; (8) Threat assessments, including the... collect the information required in paragraph (a) of this section. (c) Analysis and recommendations. In... to establish and prioritize the security measures that should be included in the FSP. The...

  8. Situated Usability Testing for Security Systems

    SciTech Connect

    Greitzer, Frank L.

    2011-03-02

    While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused on matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.

  9. Post 9-11 Security Issues for Non-Power Reactor Facilities

    SciTech Connect

    Zaffuts, P. J.

    2003-02-25

    This paper addresses the legal and practical issues arising out of the design and implementation of a security-enhancement program for non power reactor nuclear facilities. The security enhancements discussed are derived from the commercial nuclear power industry's approach to security. The nuclear power industry's long and successful experience with protecting highly sensitive assets provides a wealth of information and lessons that should be examined by other industries contemplating security improvements, including, but not limited to facilities using or disposing of nuclear materials. This paper describes the nuclear industry's approach to security, the advantages and disadvantages of its constituent elements, and the legal issues that facilities will need to address when adopting some or all of these elements in the absence of statutory or regulatory requirements to do so.

  10. Secure videoconferencing equipment switching system and method

    DOEpatents

    Dirks, David H; Gomes, Diane; Stewart, Corbin J; Fischer, Robert A

    2013-04-30

    Examples of systems described herein include videoconferencing systems having audio/visual components coupled to a codec. The codec may be configured by a control system. Communication networks having different security levels may be alternately coupled to the codec following appropriate configuration by the control system. The control system may also be coupled to the communication networks.

  11. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  12. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  13. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  14. 10 CFR 95.49 - Security of automatic data processing (ADP) systems.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND... automatic data processing (ADP) systems. Classified data or information may not be processed or produced...

  15. CS2SAT: THE CONTROL SYSTEMS CYBER SECURITY SELF-ASSESSMENT TOOL

    SciTech Connect

    Kathleen A. Lee

    2008-01-01

    The Department of Homeland Security National Cyber Security Division has developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) that provides users with a systematic and repeatable approach for assessing the cyber-security posture of their industrial control system networks. The CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology. The CS2SAT is a desktop software tool that guides users through a step-by-step process to collect facility-specific control system information and then makes appropriate recommendations for improving the system’s cyber-security posture. The CS2SAT provides recommendations from a database of industry available cyber-security practices, which have been adapted specifically for application to industry control system networks and components. Each recommendation is linked to a set of actions that can be applied to remediate-specific security vulnerabilities.

  16. Control Systems Cyber Security Standards Support Activities

    SciTech Connect

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  17. 78 FR 77606 - Security Requirements for Facilities Storing Spent Nuclear Fuel

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-12-24

    ... SECY-07- 0148, to strengthen security requirements at ISFSIs. On December 16, 2009 (74 FR 66589), the... COMMISSION 10 CFR Parts 72 and 73 RIN 3150-AI78 Security Requirements for Facilities Storing Spent Nuclear... known as the technical basis] document for a proposed rulemaking that would revise the...

  18. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  19. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  20. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  1. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  2. 21 CFR 1301.77 - Security controls for freight forwarding facilities.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Security controls for freight forwarding facilities. 1301.77 Section 1301.77 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS, DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security...

  3. 10 CFR 1016.39 - Termination, suspension, or revocation of security facility approval.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 4 2010-01-01 2010-01-01 false Termination, suspension, or revocation of security facility approval. 1016.39 Section 1016.39 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Control of Information § 1016.39 Termination, suspension, or revocation of security...

  4. Anchor Toolkit - a secure mobile agent system

    SciTech Connect

    Mudumbai, Srilekha S.; Johnston, William; Essiari, Abdelilah

    1999-05-19

    Mobile agent technology facilitates intelligent operation insoftware systems with less human interaction. Major challenge todeployment of mobile agents include secure transmission of agents andpreventing unauthorized access to resources between interacting systems,as either hosts, or agents, or both can act maliciously. The Anchortoolkit, designed by LBNL, handles the transmission and secure managementof mobile agents in a heterogeneous distributed computing environment. Itprovides users with the option of incorporating their security managers.This paper concentrates on the architecture, features, access control anddeployment of Anchor toolkit. Application of this toolkit in a securedistributed CVS environment is discussed as a case study.

  5. Secure and Efficient Routable Control Systems

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  6. Security for safety critical space borne systems

    NASA Technical Reports Server (NTRS)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  7. Securing iris recognition systems against masquerade attacks

    NASA Astrophysics Data System (ADS)

    Galbally, Javier; Gomez-Barrero, Marta; Ross, Arun; Fierrez, Julian; Ortega-Garcia, Javier

    2013-05-01

    A novel two-stage protection scheme for automatic iris recognition systems against masquerade attacks carried out with synthetically reconstructed iris images is presented. The method uses different characteristics of real iris images to differentiate them from the synthetic ones, thereby addressing important security flaws detected in state-of-the-art commercial systems. Experiments are carried out on the publicly available Biosecure Database and demonstrate the efficacy of the proposed security enhancing approach.

  8. Birds of a Feather: Supporting Secure Systems

    SciTech Connect

    Braswell III, H V

    2006-04-24

    Over the past few years Lawrence Livermore National Laboratory has begun the process of moving to a diskless environment in the Secure Computer Support realm. This movement has included many moving targets and increasing support complexity. We would like to set up a forum for Security and Support professionals to get together from across the Complex and discuss current deployments, lessons learned, and next steps. This would include what hardware, software, and hard copy based solutions are being used to manage Secure Computing. The topics to be discussed include but are not limited to: Diskless computing, port locking and management, PC, Mac, and Linux/UNIX support and setup, system imaging, security setup documentation and templates, security documentation and management, customer tracking, ticket tracking, software download and management, log management, backup/disaster recovery, and mixed media environments.

  9. National Ignition Facility system design requirements conventional facilities SDR001

    SciTech Connect

    Hands, J.

    1996-04-09

    This System Design Requirements (SDR) document specifies the functions to be performed and the minimum design requirements for the National Ignition Facility (NIF) site infrastructure and conventional facilities. These consist of the physical site and buildings necessary to house the laser, target chamber, target preparation areas, optics support and ancillary functions.

  10. CORBA security services for health information systems.

    PubMed

    Blobel, B; Holena, M

    1998-01-01

    The structure of healthcare systems in developed countries is changing to 'shared care', enforced by economic constraints and caused by a change in the basic conditions of care. That development results in co-operative health information systems across the boundaries of organisational, technological, and policy domains. Increasingly, these distributed and, as far as their domains are concerned, heterogeneous systems are based on middleware approaches, such as CORBA. Regarding the sensitivity of personal and medical data, such open, distributed, and heterogeneous health information systems require a high level of data protection and data security, both with respect to patient information and with respect to users. This paper, relying on experience gained through our activities in CORBAmed, describes the possibilities the CORBA middleware provides to achieve application and communication security. On the background of the overall CORBA architecture, it outlines the different security services previewed in the adopted CORBA specifications which are discussed in the context of the security requirements of healthcare information systems. Security services required in the healthcare domain but not available at the moment are mentioned. A solution is proposed, which on the one hand allows to make use of the available CORBA security services and additional ones, on the other hand remains open to other middleware approaches, such as DHE or HL7. PMID:9848400

  11. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... to complete and submit a Top-Screen process, which may be completed through a secure Department Web... submit a Top-Screen in accordance with the schedule provided in § 27.210, the calculation provisions in... Department requests that a facility complete and submit a Top-Screen, the facility must designate a...

  12. Security model for picture archiving and communication systems.

    PubMed

    Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

    2000-05-01

    The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model. PMID:10847401

  13. Secure Video Surveillance System (SVSS) for unannounced safeguards inspections.

    SciTech Connect

    Galdoz, Erwin G. , Rio de Janeiro, Brazil); Pinkalla, Mark

    2010-09-01

    The Secure Video Surveillance System (SVSS) is a collaborative effort between the U.S. Department of Energy (DOE), Sandia National Laboratories (SNL), and the Brazilian-Argentine Agency for Accounting and Control of Nuclear Materials (ABACC). The joint project addresses specific requirements of redundant surveillance systems installed in two South American nuclear facilities as a tool to support unannounced inspections conducted by ABACC and the International Atomic Energy Agency (IAEA). The surveillance covers the critical time (as much as a few hours) between the notification of an inspection and the access of inspectors to the location in facility where surveillance equipment is installed. ABACC and the IAEA currently use the EURATOM Multiple Optical Surveillance System (EMOSS). This outdated system is no longer available or supported by the manufacturer. The current EMOSS system has met the project objective; however, the lack of available replacement parts and system support has made this system unsustainable and has increased the risk of an inoperable system. A new system that utilizes current technology and is maintainable is required to replace the aging EMOSS system. ABACC intends to replace one of the existing ABACC EMOSS systems by the Secure Video Surveillance System. SVSS utilizes commercial off-the shelf (COTS) technologies for all individual components. Sandia National Laboratories supported the system design for SVSS to meet Safeguards requirements, i.e. tamper indication, data authentication, etc. The SVSS consists of two video surveillance cameras linked securely to a data collection unit. The collection unit is capable of retaining historical surveillance data for at least three hours with picture intervals as short as 1sec. Images in .jpg format are available to inspectors using various software review tools. SNL has delivered two SVSS systems for test and evaluation at the ABACC Safeguards Laboratory. An additional 'proto-type' system remains

  14. 41 CFR 102-81.20 - Are the security standards for new Federally owned and leased facilities the same as the...

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Are the security standards for new Federally owned and leased facilities the same as the standards for existing Federally owned and leased facilities? 102-81.20 Section 102-81.20 Public Contracts and Property Management Federal Property Management Regulations System...

  15. Continuing Chemical Facilities Antiterrorism Security Act of 2011

    THOMAS, 112th Congress

    Sen. Collins, Susan M. [R-ME

    2011-03-03

    10/20/2011 By Senator Lieberman from Committee on Homeland Security and Governmental Affairs filed written report. Report No. 112-90. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

  16. 78 FR 48076 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    ... Information (75 FR 707; January 5, 2010), before derivatively classifying information and at least once every... standardize the frequency of required security education training for employees of NRC licensees possessing... uniformity in the frequency of licensee security education and training programs and enhances the...

  17. 78 FR 48037 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-08-07

    ... National Security Information, which was published in the Federal Register on January 5, 2010 (75 FR 707... implementation of the Executive Order, issued a final rule (75 FR 37254; June 28, 2010) amending 32 CFR parts... Executive Order 13526, Classified National Security Information (75 FR 707; January 5, 2010) (the...

  18. Design tools for complex dynamic security systems.

    SciTech Connect

    Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III; Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

    2007-01-01

    The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

  19. Security for decentralized health information systems.

    PubMed

    Bleumer, G

    1994-02-01

    Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit). PMID:8188407

  20. Selecting RMF Controls for National Security Systems

    SciTech Connect

    Witzke, Edward L.

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  1. Primer Control System Cyber Security Framework and Technical Metrics

    SciTech Connect

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  2. A Highly Secure Mobile Agent System Architecture

    NASA Astrophysics Data System (ADS)

    Okataku, Yasukuni; Okutomi, Hidetoshi; Yoshioka, Nobukazu; Ohgishi, Nobuyuki; Honiden, Shinichi

    We propose a system architecture for mobile agents to improve their security in the environments of insecure networks and non-sophisticated terminals such as PDAs. As mobile agents freely migrate onto their favorite terminals through insecure networks or terminals, it is not appropriate for them to store some secret information for authentication and encryption/decryption. We introduce one and more secure nodes(OASIS NODE) for securely generating and verifying authentication codes. The each agent’s data are encrypted by a pseudo-chaos cipher mechanism which doesn’t need any floating processing co-processor. We’ve constructed a prototype system on a Java mobile agent framework, “Bee-gent" which implements the proposed authentication and cipher mechanisms, and evaluated their performances and their applicability to business fields such as an auction system by mobile agents.

  3. Simulation of the effectiveness evaluation process of security systems

    NASA Astrophysics Data System (ADS)

    Godovykh, A. V.; Stepanov, B. P.; Sheveleva, A. A.; Sharafieva, K. R.

    2016-06-01

    The paper is devoted to issues of creation of cross-functional analytical complex for simulation of the process of operation of the security system elements. Basic objectives, a design concept and an interrelation of main elements of the complex are described. The proposed conception of the analytical complex provides an opportunity to simulate processes for evaluating the effectiveness of physical protection system of a nuclear facility. The complex uses models, that take into account features of the object, parameters of technical means and tactics of adversaries. Recommendations were made for applying of this conception for training specialists in the field of physical protection of nuclear materials.

  4. Blue Rose perimeter defense and security system

    NASA Astrophysics Data System (ADS)

    Blackmon, F.; Pollock, J.

    2006-05-01

    An in-ground perimeter security system has been developed by the Naval Undersea Warfare Center Division Newport based upon fiber optic sensor technology. The system, called Blue Rose, exploits the physical phenomenon of Rayleigh optical scattering, which occurs naturally in optical fibers used traditionally for Optical Time Domain Reflectometry techniques to detect sound and vibration transmitted by intruders such as people walking or running and moving vehicles near the sensor. The actual sensor is a single-mode optical fiber with an elastomeric coating that is buried in the ground. A long coherence length laser is used to transmit encoded light down the fiber. Minute changes in the fiber in response to the intrusion produce phase changes to the returning backscattered light signal. The return light signal contains both the actual intrusion sound and the location information of where along the fiber the intrusion has occurred. A digital, in-ground, Blue Rose system has been built and is now operational at NUWC. Due to the low cost of the optical fiber sensor and unique benefits of the system, the Blue Rose system provides an advantage in long perimeter or border security applications and also reduces security manning requirements and therefore overall cost for security.

  5. A voice password system for access security

    SciTech Connect

    Birnbaum, M.; Cohen, L.A.; Welsh, F.X.

    1986-09-01

    A voice password system for access security using speaker verification technology has been designed for use over dial-up telephone lines. The voice password system (VPS) can provide secure access to telephone networks, computers, rooms, and buildings. It also has application in office automation systems, electric funds transfer, and ''smart cards'' (interactive computers embedded in credit-card-sized packages). As increasing attention is focused on access security in the public, private, and government sectors, the voice password system can provide a timely solution to the security dilemma. The VPS uses modes of communication available to almost everyone (the human voice and the telephone). A user calls the VPS, enters his or her identification number (ID) by touch-tone telephone, and then speaks a password. This is usually a phrase or a sentence of about seven syllables. On initial calls, the VPS creates a model of the user's voice, called a reference template, and labels it with the caller's unique user ID. To gain access later, the user calls the system, enters the proper user ID, and speaks the password phrase. The VPS compares the user's stored reference template with the spoken password and produces a distance score.

  6. Secure Control Systems for the Energy Sector

    SciTech Connect

    Smith, Rhett; Campbell, Jack; Hadley, Mark

    2012-03-31

    Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.

  7. The Secure, Transportable, Autonomous Reactor System

    SciTech Connect

    Brown, N.W.; Hassberger, J.A.; Smith, C.; Carelli, M.; Greenspan, E.; Peddicord, K.L.; Stroh, K.; Wade, D.C.; Hill, R.N.

    1999-05-27

    The Secure, Transportable, Autonomous Reactor (STAR) system is a development architecture for implementing a small nuclear power system, specifically aimed at meeting the growing energy needs of much of the developing world. It simultaneously provides very high standards for safety, proliferation resistance, ease and economy of installation, operation, and ultimate disposition. The STAR system accomplishes these objectives through a combination of modular design, factory manufacture, long lifetime without refueling, autonomous control, and high reliability.

  8. Comparison of Routable Control System Security Approaches

    SciTech Connect

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  9. Biosensor Systems for Homeland Security

    SciTech Connect

    Bruckner-Lea, Cindy J.

    2004-05-30

    The detection of biological agents is important to minimize the effects of pathogens that can harm people, livestock, or plants. In addition to pathogens distributed by man, there is a need to detect natural outbreaks. Recent outbreaks of SARS, mad cow disease, pathogenic E. coli and Salmonella, as well as the discovery of letters filled with anthrax spores have highlighted the need for biosensor systems to aid in prevention, early warning, response, and recovery. Rapid detection can be used to prevent exposure; and detection on a longer timescale can be used to minimize exposure, define treatment, and determine whether contaminated areas are clean enough for reuse. The common types of biological agents of concern include bacteria, spores, and viruses (Figure 1). From a chemist’s point of view, pathogens are essentially complex packages of chemicals that are assembled into organized packages with somewhat predictable physical characteristics such as size and shape. Pathogen detection methods can be divided into three general approaches: selective detection methods for specific identification such as nucleic acid analysis and structural recognition, semi-selective methods for broad-spectrum detection (e.g. physical properties, metabolites, lipids), and function-based methods (e.g. effect of the pathogen on organisms, tissues, or cells). The requirements for biodetection systems depend upon the application. While detect to warn sensors may require rapid detection on the order one minute, detection times of many minutes or hours may be suitable for determining appropriate treatments or for forensic analysis. Of course ideal sensor systems will meet the needs of many applications, and will be sensitive, selective, rapid, and simultaneously detect all agents of concern. They will also be reliable with essentially no false negatives or false positives, small, easy to use, and low cost with minimal consumables.

  10. Enhancing Multilateral Security in and by Reputation Systems

    NASA Astrophysics Data System (ADS)

    Steinbrecher, Sandra

    With the increasing possibilities for interaction between Internet users exceeding pure communication, in multilateral security the research question arises to rethink and extend classical security requirements. Reputation systems are a possible solution to assist new security requirements. But naturally also reputation systems have to be designed in a multilateral secure way. In this paper we discuss both multilateral security by and in reputation systems. An overview on the possibilities how such systems could be realised is given.