In This Issue...
NIST Announces Plan to Sponsor First Cybersecurity FFRDC
To help the National Cybersecurity Center of Excellence (NCCoE) address industry's needs most efficiently, the National Institute of Standards and Technology (NIST) today announced its intention to sponsor its first Federally Funded Research and Development Center (FFRDC).
The FFRDC mechanism will allow a nonprofit organization to support the NCCoE, which was established in partnership with the state of Maryland and Montgomery County in February 2012. Today's announcement in the Federal Register* is the first of three required, and will be followed by a solicitation for proposals to manage the FFRDC in the fall of 2013. This will be the first FFRDC solely dedicated to enhancing the security of the nation's information systems.
The NCCoE is a public-private collaboration that helps businesses secure their data and digital infrastructure by bringing together experts from industry, government and academia to find practical solutions for today's most pressing cybersecurity needs. Last week, the center announced formal partnerships with 11 private industries.**
FFRDCs are independent nonprofit organizations that operate in the public interest and provide a highly efficient way to leverage and rapidly assemble physical resources and scientific and engineering talent, both public and private. By design, they have beyond normal access to government and supplier data, and as nonprofits, they have no bias toward any particular company, technology or product—key attributes, given the NCCoE's collaborative nature.
"The FFRDC model is the most effective way the center can work with private companies to accelerate industry's adoption of integrated tools and technologies to protect IT assets," said Under Secretary of Commerce for Standards and Technology and NIST Director Patrick Gallagher. "NIST has a long history of successful collaboration with industry, and this approach leverages our top cybersecurity experts while allowing the center to be as nimble as possible."
U.S. Senator Barbara Mikulski has been a strong supporter of the NCCoE and participated in last week's signing ceremony for new industry partners, along with Director Gallagher, Maryland Governor Martin O'Malley, and other state and federal partners. "Reorganizing with an FFRDC will help the National Cybersecurity Center of Excellence achieve its mission to protect America's ideas and innovations from cyber terrorists, spies and thieves," she said. "The NCCoE unites the knowledge of the government with the know-how of the private sector to improve our nation's cybersecurity and create jobs. I am so proud to put money in the federal checkbook so this center will ensure Maryland continues to lead the way in cyber technology and cyber jobs."
FFRDCs can have a number of structures that reflect various balances of contractor/government control and ownership. In the case of the NCCoE, federal staff will provide overall management of the center, and the FFRDC will provide various types of support to its mission, including research, development, engineering and technical support to devise, test, and demonstrate integrated technical solutions to difficult cybersecurity challenges; program and project management of FFRDC collaborative efforts; and management and operations of the NCCoE facility.
Comments on the proposed FFRDC are due by 5 p.m. Easter time on July 22, 2013, and must be submitted to Keith Bubar, at firstname.lastname@example.org or National Institute of Standards and Technology, 100 Bureau Drive, Mailstop 1640, Gaithersburg, MD 20899. For more information on FFRDCs, see the Federal Acquisition Regulation at https://acquisition.gov/far/97-06/pdf/35.pdf.
* The Federal Register announcement, "Proposed Establishment of a Federally Funded Research and Development Center-First Notice," is available at https://federalregister.gov/a/2013-09376.
** See the April 15, 2013, NIST news announcement, "Industry Partners Join the National Cybersecurity Center of Excellence" at www.nist.gov/itl/csd/nccoe-041513.cfm
Media Contact: Jennifer Huergo, email@example.com, 301-975-6343
New Manufacturing Extension Centers Planned for Arizona and Rhode Island
The National Institute of Standards and Technology’s (NIST) Hollings Manufacturing Extension Partnership (MEP) program has awarded cooperative agreements to the Arizona Commerce Authority and the University of Rhode Island Research Foundation to serve the small and mid-size manufacturers in their respective states.
Media Contact: Jennifer Huergo, firstname.lastname@example.org, 301-975-6343
NIST Demonstrates Transfer of Ultraprecise Time Signals over a Wireless Optical Channel
By bouncing eye-safe laser pulses off a mirror on a hillside, researchers at the National Institute of Standards and Technology (NIST) have transferred ultraprecise time signals through open air with unprecedented precision equivalent to the "ticking" of the world's best next-generation atomic clocks.
Described in Nature Photonics,* the demonstration shows how next-generation atomic clocks at different locations could be linked wirelessly to improve geodesy (altitude mapping), distribution of time and frequency information, satellite navigation, radar arrays and other applications. Clock signals of this type have previously been transferred by fiber-optic cable, but a wireless channel offers greater flexibility and the eventual possibility of transfer to and from satellites.
The stability of the transferred infrared signal matched that of NIST's best experimental atomic clock, which operates at optical frequencies.** Infrared light is very close to the frequencies used by these clocks, and both are much higher than the microwave frequencies in conventional atomic clocks currently used as national time standards. Operating frequency is one of the most important factors in the precision of optical atomic clocks, which have the potential to provide a 100-fold improvement in the accuracy of future time standards. But the signals need to be distributed with minimal loss of precision and accuracy.
The signal transfer demonstration was performed outdoors over a two-way wireless link using two laser frequency combs. A frequency comb generates a steady stream of ultrashort optical pulses with a spacing that can be synchronized perfectly with the "ticks" of an optical atomic clock.*** In the experiment, the two combs were synchronized to the same stable optical cavity, which serves as a stand-in for an optical atomic clock. Each comb pulse was sent from one of two locations on NIST's campus in Boulder, Colo., reflected off a mirror on a mesa behind the campus, and returned to the other site, traveling a total distance of two kilometers.
Researchers measured travel times for pulses traveling in opposite directions between the two sites. The cumulative timing differences and frequency instabilities were infinitesimal, just one million-billionths of a second per hour, a performance level sufficient for transferring optical clock signals.
The transfer technique overcomes typical wireless signal problems such as turbulence in the atmosphere—the phenomenon that makes images shimmer when it's very hot outside. Because turbulence affects both directions equally, it can be cancelled out. The transfer technique can also withstand signal losses due to temporary obstruction of the light path. The method should be able to operate at much longer distances, possibly even over future ground-to-satellite optical communication links as an added timing channel, researchers say.
The combs potentially could be made portable, and the low-power infrared light is safe for eyes. The research is funded in part by the Defense Advanced Research Projects Agency.
* F.R. Giorgetta, W.C. Swann, L.C. Sinclair, E. Baumann, I. Coddington, N.R. Newbury. Optical two-way time and frequency transfer over free-space. Nature Photonics. Published online April 28.
** See 2010 NIST press release, "NIST Pair of Aluminum Atomic Clocks Reveal Einstein's Relativity at a Personal Scale," at http://www.nist.gov/public_affairs/releases/aluminum-atomic-clock_092310.cfm.
*** For more on how frequency combs work, see www.nist.gov/public_affairs/releases/frequency_combs.cfm.
Media Contact: Laura Ost, email@example.com, 303-497-4880
Shaking Things Up: NIST Researchers Propose New Old Way to Purify Carbon Nanotubes
An old, somewhat passé, trick used to purify protein samples based on their affinity for water has found new fans at the National Institute of Standards and Technology (NIST), where materials scientists are using it to divvy up solutions of carbon nanotubes, separating the metallic nanotubes from semiconductors. They say it's a fast, easy and cheap way to produce high-purity samples of carbon nanotubes for use in nanoscale electronics and many other applications.*
Carbon nanotubes are formed from rolled-up sheets of carbon atoms arranged in a hexagonal pattern resembling chicken wire. One of the amazing features of nanotubes is that, depending on just how the sheet rolls up, a quality called chirality, the resulting tube can behave either like a semiconductor, with various properties, or like a metal, with electrical conductance up to 10 times better than copper. One big issue in creating commercially viable electronics based on nanotubes is being able to efficiently sort out the kind you want.
Thinking about how to do this, says NIST researcher Constantine Khripin, brought up the subject of biochemists and so-called "two-phase liquid extraction." "Biologists used this to separate proteins, even viruses," says Khripin, "It's an old technique, it was popular in the 70s, but then HPLC [high-performance liquid chromatography] replaced a lot of those techniques." People use HPLC to partition carbon nanotubes as well, he says, but it's less successful. HPLC divides things by exploiting differences in the mobility of the desired molecules as they travel small columns loaded with tiny spheres, but carbon nanotubes tend to stick to the spheres, reducing yield and eventually clogging the equipment.
The concept of liquid extraction is relatively straightforward. You make a mixture in water of two polymers that you've selected to be just slightly different in their "hydrophobicity," or tendency to mix with water. Add in your sample of stuff to be separated, stir vigorously and wait. The polymer solutions will gradually separate into two distinct portions or "phases," the lighter one on top. And they'll bring along with them those molecules in your sample that share a similar degree of hydrophobicity.
It turns out that this works pretty well with nanotubes because of differences in their electronic structure—the semiconductor forms, for example, are more hydrophobic than the metallic forms. It's not perfect, of course, but a few sequential separations ends up with a sample where the undesired forms are essentially undetectable.
Be honest. It's not that easy. "No," agrees, Khripin, "People tried this before and it didn't work. The breakthrough was to realize that you need a very subtle difference between the two phases. The difference in hydrophobity between nanotubes is tiny, tiny, tiny." But you can engineer that with careful addition of salts and surfactants.
"This technique uses some vials and a bench-top centrifuge worth a couple hundred dollars, and it takes under a minute," observes team member Jeffrey Fagan. "The other techniques people use require an HPLC on the order of $50,000 and the yields are relatively low, or an ultracentrifuge that takes 12 to 20 hours to separate out the different metals from semiconductors, and it's tricky and cumbersome."
"The nanotube metrology project at NIST has been around for a quite a number of years," says senior team member Ming Zheng. "It has been a constant interest of ours to develop new ways to separate nanotubes, cheaper ways, that industry can use in the development of nanoelectronics and other applications. We really think we have a method here that fits all the criteria that people are looking for. It's easy, it's scalable, it's high resolution—all the good attributes put together."
* C.Y. Khripin , J.A. Fagan and M. Zheng. Spontaneous partition of carbon nanotubes in polymer-modified aqueous phases. J. Am. Chem. Soc., Article ASAP April 22, 2013 (web publication). DOI: 10.1021/ja402762e
Media Contact: Michael Baum, firstname.lastname@example.org, 301-975-2763
New NIST Measurement Tool Is On Target for the Fast-Growing MEMS Industry
As markets for miniature, hybrid machines known as MEMS grow and diversify, the National Institute of Standards and Technology (NIST) has introduced a long-awaited measurement tool that will help growing numbers of device designers, manufacturers and customers to see eye to eye on eight dimensional and material property measurements that are key to device performance.
The NIST-developed test chips (Reference Materials 8096 and 8097) are quality assurance tools that enable accurate, reliable comparisons of measurements on MEMS (MicroElectroMechanical Systems) devices made with different equipment and by different labs or companies. These capabilities will make it easier to characterize and troubleshoot processes, calibrate instruments and communicate among partners.
MEMS were once considered a stepchild of the semiconductor industry and largely confined to automotive uses—primarily as accelerometers in airbag systems. But the devices have branched out into an array of applications, especially in consumer electronics markets. A high-end smart phone, for example, contains about 10 such devices, including microphones, accelerometers and gyroscopes. MEMS devices also are important components of tablet computers, game consoles, lab-on-a-chip diagnostic systems, displays and implantable medical devices.
Global MEMS industry revenues are projected to grow from about $10 billion in 2011 to $21 billion in 2017, according to the June 2012 forecast by the technology consulting firm Yole Développement.
Widely used reference materials and standardized measurement methods can help to improve process efficiency and to reduce the cost and time devoted to testing and inspecting MEMS devices. Industry-accepted measurements also can promote greater interoperability among devices made by different manufacturers.
The new NIST reference materials are micromachined and further processed to contain miniature cantilevers, beams, stair-like step heights, microscale rulers and test structures for measuring surface-layer thickness. Specifically, the NIST test chips can be used to check customer conformity with internationally established standards for measuring elasticity (Young’s modulus), residual strain (and stress), strain (and stress) gradient, as well as thickness, step height and length. All dimensional and material-property measurements that NIST used to characterize the reference devices conform with SEMI and ASTM International standard test methods. These standard methods are consensus best practices developed by industry committees.
“Reference materials and best-practice test methods provide industry-wide benefits,” explains NIST electronics engineer Janet Cassard. “Typically, these tools are prohibitively expensive for a single company to develop on its own. We will work with the MEMS community to facilitate widespread adoption and consistent usage of these standard test methods and reference materials.”
One test chip (RM 8096) is manufactured in an integrated circuit (IC) process; the other (RM 8097) in a MEMS process. The test chips are supported by a user’s guide, data analysis sheets for each measurement, and other materials accessible via the NIST Data Gateway with the keyword “MEMS Calculator.”
For more information, go to: http://www.nist.gov/srm/index.cfm.
Media Contact: Mark Bello, email@example.com, (301) 975-3776
New Guide Details Steps from A-to-Z for Preserving Biological Evidence
A new handbook by the National Institute of Standards and Technology (NIST) and the Department of Justice’s National Institute of Justice (NIJ) provides forensic laboratories, law enforcement agencies and the judicial system with state-of-the-art guidelines and recommended best practices for preserving biological evidence so that it is available at any time to solve “cold cases,” confirm the guilt of criminals or exonerate the innocent.
Biological evidence refers to two types of evidence commonly recovered from crime scenes or collected during criminal investigations: samples of biological material—blood, semen and other bodily fluids; hair; tissue; bones and teeth—or items containing biological material such as a bloody T-shirt. The Biological Evidence Preservation Handbook: Best Practices for Evidence Handlers (NIST Interagency/Internal Report 7928) is designed to help ensure that this evidence has been properly stored to avoid contamination, premature destruction or degradation, and accurately tracked to prevent loss. It was authored and edited by the Technical Working Group on Biological Evidence Preservation, a group of 20 experts from various forensic, law enforcement and scientific disciplines, as well as legal scholars, medical personnel and representatives of relevant professional organizations.
The handbook is divided into five main sections that explain the issues, offer guidelines and make recommendations related to:
While most of its recommendations concern the physical storing, preserving and tracking of evidence at a specific storage facility, the handbook also covers transferring material between a storage facility and other locations and discusses how evidence should be handled at these different sites.
Complementing the five main sections of the handbook are a summary of all recommendations made, a table showing the functions and capabilities of evidence tracking and management systems, a state-by-state listing of evidence retention laws, a sample chain-of-custody report and a glossary.
NISTIR 7928 may be downloaded at http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7928.pdf.
Edited on June 11, 2013, to remove a contact point for printed copies of the guide, which are not currently available.
Media Contact: Michael E. Newman, firstname.lastname@example.org, (301) 975-3025
Dehmer to Head NIST Physical Measurement LabDr. Joseph L. Dehmer, a 40-year veteran of federal science research and administration, has been named Director of the Physical Measurement Laboratory (PML) of the National Institute of Standards and Technology (NIST). Dehmer is a physicist who served most recently as director of the Division of Physics and Senior Advisor for Strategic Planning at the National Science Foundation (NSF). He takes office on April 22, 2013.
Dehmer received his Ph.D. from the University of Chicago—where his adviser was the celebrated physicist Ugo Fano, the first theoretical physicist hired on staff by the National Bureau of Standards. He was a researcher at Argonne National Laboratory before spending two years at NIST as the head of the Optical Sensor Group in what was then the Physics Laboratory. Thereafter, Dehmer went to NSF, where he served for 14 years as Director of the Division of Physics.
“I have had a long and constructive relationship with NIST, as a collaborator, consultant and group leader at various times,” Dehmer says. “While at the National Science Foundation, I was proud to support JILA and the creation of the Joint Quantum Institute, both in collaboration with NIST.
“NIST is a unique and essential component of the national innovation ecosystem, and it is an international leader across the full spectrum of metrology, from the keeper of standards to extending the frontiers of measurement science.
“I have always had a great respect and affection for the NIST community and its accomplishments, and I am very excited about the opportunity to return. While getting reacquainted with today’s NIST, with its four major Laboratories, world-class facilities, and diverse array of programs, I have been particularly impressed by the technical capabilities, creative talent and range of expertise within PML. I can’t think of a more interesting place to work. I look forward to contributing to NIST’s mission and to the abundant benefits it brings to the industry, commerce, and the American people.”
Dehmer succeeds Katharine Gebbie, who directed the PML and its predecessor, the NIST Physics Laboratory, since the latter’s inception in 1991. Gebbie is now the Senior Advisor for Interdisciplinary Technologies in the office of Willie May, NIST’s Associate Director for Laboratory Programs.
Media Contact: Jennifer Huergo, email@example.com, 301-975-6343
NIST Issues Major Revision of Core Computer Security Guide: SP 800-53
The National Institute of Standards and Technology (NIST) has published the fourth revision of the government's foundational computer security guide, Security and Privacy Controls for Federal information Systems and Organizations. Better known to the federal computer security and contractor community as "SP (Special Publication) 800-53," this fourth revision is the most comprehensive update to the security controls catalog since the document's inception in 2005.
"This update was motivated by the expanding threats we all face," explained Project Leader and NIST Fellow Ron Ross, "These include the increasing sophistication of cyber attacks and the fact that we are being challenged more frequently and more persistently."
State-of-the-practice security controls and control enhancements have been integrated into the new revision to address the evolving technology and threat space. Examples include issues particular to mobile and cloud computing; insider threats; applications security; supply chain risks; advanced persistent threat; and trustworthiness, assurance, and resilience of information systems. The revision also features eight new families of privacy controls that are based on the internationally accepted Fair Information Practice Principles.
SP 800-53, Revision 4 also takes a more holistic approach to information security and risk management. The publication calls for maintaining "cybersecurity hygiene"—the routine best practices that help reduce information security risks—but also appeals for hardening those systems by applying state-of-the-practice architecture and engineering principles to minimize the impacts of cyber attacks and other threats.
"This 'Build It Right' strategy, coupled with security controls for continuous monitoring, provide organizations with near real-time information that leaders can use to make ongoing risk-based decisions to protect their critical missions and business functions," said Ross.
To provide organizations with greater flexibility and agility in building information security programs, the baseline set of security controls can be tailored for specific needs according to the organization's missions, environments of operation, and technologies used. Specific lists of controls and implementation guidance, or overlays, focus on a variety of missions, including space operations, military tactical operations and health care applications. Overlays also support specific technologies such as cloud computing and mobile devices.
"This specialization approach to security control selection is important as the number of threat-driven controls and control enhancements increases and organizations develop specific risk management strategies," Ross said.
The new revision of SP 800-53, Security and Privacy Controls for Federal information Systems and Organizations, was developed by NIST, the Department of Defense, the Intelligence Community and the Committee on National Security Systems as part of the Joint Task Force, which was formed in 2009. It can be obtained at http://dx.doi.org/10.6028/NIST.SP.800-53r4.
Media Contact: Evelyn Brown, firstname.lastname@example.org, 301-975-5661
Second Cybersecurity Infrastructure Framework Workshop Gathers May 29-31, 2013
The National Institute of Standards and Technology (NIST) is holding the second of four planned workshops to develop a voluntary framework to reduce cybersecurity risks for critical infrastructure from May 29-31, 2013, at Carnegie Mellon University in Pittsburgh, Pa. The hands-on workshop is open to cybersecurity industry experts in all sectors—such as energy, finance, transportation and communications—as well as government and academic stakeholders.
In February 2013, the President issued the "Improving Critical Infrastructure Cybersecurity" Executive Order, which gave NIST the responsibility to develop the cybersecurity framework with industry input. NIST first issued a Request for Information (RFI) on this topic and received hundreds of comments* in April, 2013.
The first Cybersecurity Framework Workshop in early April brought together stakeholders to hear perspectives from industry leaders, reviews of the threat environment from Information Sharing and Analysis Centers in critical infrastructure fields, and to learn about government partnerships with the Department of Homeland Security and NIST. Streaming video of the workshop** is available online.
During the spring and summer workshops, attendees will be asked to roll up their sleeves to identify, refine and guide the many interrelated considerations, challenges and efforts needed to build the framework. Participants in the working sessions will analyze and discuss the framework's initial inputs, including the RFI responses and preliminary analysis conducted by NIST.
Participants in the May 29-31 event are requested to review the RFI comments and NIST analysis, which will be available on the workshop event page,*** before attending the meeting. Plenary sessions will be webcast; participants should check the event Web page in late May for information. Reports on breakout sessions will be available on the event page after the workshop.
The workshop is limited to 500 attendees due to space constraints, so early registration is suggested at https://www-s.nist.gov/CRS/conf_disclosure.cfm?conf_id=6269.
* For comments on the NIST RFI see http://csrc.nist.gov/cyberframework/rfi_comments.html.
** For streaming video of the first workshop, see http://www.nist.gov/itl/csd/cybersecurity-framework-webcast.cfm.
*** The workshop event page is at www.nist.gov/itl/csd/cybersecurity-framework-workshop-may-29-31-2013.cfm.
Media Contact: Evelyn Brown, email@example.com, 301-975-5661
NIST Scientists Wineland and Nesbitt Elected to American Academy of Arts and Sciences
Two National Institute of Standards and Technology (NIST) scientists, David Wineland and David Nesbitt, have been elected members of the American Academy of Arts and Sciences.
Wineland, a NIST fellow and group leader, shared the 2012 Nobel Prize in Physics. Wineland leads research with trapped ions (electrically charged atoms) for atomic clocks and experimental quantum computing. Nesbitt is a fellow of both NIST and JILA, a joint institute of NIST and the University of Colorado Boulder. Nesbitt leads research in chemical physics and biochemistry at JILA, focusing on topics such as quantum dots and RNA folding.
The academy is one of the nation’s most prestigious honorary societies and a leading center for independent policy research. Since its founding in 1780, the academy has elected leading “thinkers and doers” from each generation, including George Washington and Benjamin Franklin in the eighteenth century, Daniel Webster and Ralph Waldo Emerson in the nineteenth, and Albert Einstein and Winston Churchill in the twentieth.
The new members will be inducted at a ceremony on October 12, 2013, at the Academy’s headquarters in Cambridge, Mass.
For more, see https://www.amacad.org/content/members/members.aspx.
Media Contact: Laura Ost, firstname.lastname@example.org, (303) 497-4880