Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Tech Beat - April 22, 2014

Tech Beat Archives

Submit an email address to receive news from NIST:

Editor: Michael Baum
Date created: April 22, 2014
Date Modified: April 22, 2014 
Contact: inquiries@nist.gov

NIST Helps Cancer Treatment Drugs Get Past Their Sticking Point

Potentially valuable drugs slowed down by sticky molecules may get another shot at success. Joint research by the National Institute of Standards and Technology (NIST), Genentech, the University of Delaware and Institut Laue-Langevin (ILL) has revealed the reason why a certain class of proteins tends to form clusters that lead to high viscosity in drug solutions.

mAb proteins
Increasing the concentration of MAb proteins in solution makes them pair off, forming clusters of two MAb molecules. This recent discovery could help scientists deal with these proteins’ high viscosity, which is commonly a barrier to drug development.
Credit: NIST
high resolution image

The newly published results* could help drug companies create a variety of cancer and autoimmune disease treatments based on monoclonal antibodies, whose stickiness can make them difficult to administer through thin needles.

Monoclonal antibodies (mAbs) are Y-shaped protein molecules that hold great promise for disease treatment. In principle, the tip region of two of their "arms" can be engineered to deliver attacks on tumor cells without harming surrounding tissue, making mAbs less dangerous to the body than standard chemotherapy, that kills both healthy and cancerous cells. However, a roadblock in the way of their bright pharmaceutical future as a subcutaneous injection—the preferred delivery technique—is their high viscosity: in solution, some mAbs become so viscous at required high concentrations that they are nearly impossible to inject.

MAbs with low enough viscosity can be injected, but pharmaceutical firms—which commonly spend billions of dollars to bring individual drugs to market—still don't know why some other mAbs stick together so tightly, meaning they can't be injected. So when Yun Liu of the NIST Center for Neutron Research (NCNR) published results in 2010 about why some globular proteins form clusters in solution, he attracted the attention of Genentech, a company that already had mAb-based drugs on the market.

"With the neutron beams at the NCNR, we essentially can take a picture of protein motions at a timescale of less than half a microsecond, which is fast enough to see how they change their orientations and move together in solution," Liu says. "When you put these mAbs in water, they twist around and stick to one another. We wanted to explore the fundamentals of viscosity by understanding the molecular structure as it develops, so we can model it better."

Genentech scientists had learned a few things about their mAbs already: Adding salt to the solution reduced its viscosity, for example. But using the neutron spin echo instruments at NCNR and ILL, Liu and scientists from several institutions found out something more fundamental. In the high concentrations needed in drug solutions, these mAbs partner up, forming very strongly bounded clusters made primarily of two protein molecules at a time, with an arm from one molecule linked by electrical attraction to a different arm on another.

"We believe that this is a key insight that explains the company's findings, as well as the behavior of possibly some other mAbs," Liu says. "Knowing that much will allow us to model these protein clusters, so we can do simulations about their behavior based on their sequence. It offers a guide for drug companies to formulate similar types of proteins in the future."

The operation of the neutron spin echo instrument at NIST is funded in part by the National Science Foundation.

*E.J. Yearley, P.D. Godfrin, T. Perevozchikova, H. Zhang, P. Falus, L. Porcar, M. Nagao, J.E. Curtis, P. Gawande, R. Taing, I.E. Zarraga, N.J. Wagner and Y. Liu. Observation of small cluster formation in concentrated monoclonal antibody solutions and its implications to solution viscosity. Biophysical Journal, doi:10.1016/j.bpj.2014.02.036, April 16, 2014.

Media Contact: Chad Boutin, boutin@inst.gov, 301-975-4261

back to top

NIST Removes Cryptography Algorithm from Random Number Generator Recommendations

Following a public comment period and review, the National Institute of Standards and Technology (NIST) has removed a cryptographic algorithm from its draft guidance on random number generators. Before implementing the change, NIST is requesting final public comments on the revised document, Recommendation for Random Number Generation Using Deterministic Random Bit Generators (NIST Special Publication 800-90A, Rev. 1).

The revised document retains three of the four previously available options for generating pseudorandom bits needed to create secure cryptographic keys for encrypting data. It omits an algorithm known as Dual_EC_DRBG, or Dual Elliptic Curve Deterministic Random Bit Generator. NIST recommends that current users of Dual_EC_DRBG transition to one of the three remaining approved algorithms as quickly as possible.

In September 2013, news reports prompted public concern about the trustworthiness of Dual_EC_DRBG. As a result, NIST immediately recommended against the use of the algorithm and reissued SP 800-90A for public comment.

Some commenters expressed concerns that the algorithm contains a weakness that would allow attackers to figure out the secret cryptographic keys and defeat the protections provided by those keys. Based on its own evaluation, and in response to the lack of public confidence in the algorithm, NIST removed Dual_EC_DRBG from the Rev. 1 document.

The revised SP 800-90A is available at http://csrc.nist.gov/news_events/index.html#apr21 along with instructions for submitting comments. The public comment period closes on May 23, 2014. NIST will take those comments into consideration in making any revisions to SP 800-90A.

NIST recommends that vendors currently using Dual_EC_DRBG who want to remain in compliance with federal guidance, and who have not yet made the previously recommended changes to their cryptographic modules, should select an alternative algorithm and not wait for further revision of the Rev. 1 document.

NIST advises federal agencies and other buyers of cryptographic products to ask vendors if their cryptographic modules rely on Dual_EC_DRBG, and if so, to ask their vendors to reconfigure those products to use alternative algorithms.

A list of cryptographic modules that include Dual_EC_DRBG can be found at http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgval.html. Most of these modules implement more than one random number generator. In some cases, the Dual_EC_DRBG algorithm may be listed as included in a product, but another approved algorithm may be used by default. If a product uses Dual_EC_DRBG as the default random number generator, it may be possible to reconfigure the product to use a different default algorithm.

Draft versions of related guidance, 800-90 B: Recommendation for the Entropy Sources Used for Random Bit Generation and 800-90 C: Recommendation for Random Bit Generator (RBG) Constructions, were also released for comment in September 2013 and are still under development.

The concerns raised over the development of SP 800-90 and the inclusion of Dual_EC_DRBG prompted NIST to review its cryptographic standards development process. In February 2014, NIST released NIST IR7977: DRAFT NIST Cryptographic Standards and Guidelines Development Process for public comment. The public comment period on NIST IR 7977 closed on April 18, 2014.

NIST's primary federal advisory committee, the Visiting Committee on Advanced Technology, has also been asked to review NIST's cryptographic standards process, and the committee plans to produce a public report of its findings and recommendations.

Media Contact: Jennifer Huergo, jennifer.huergo@nist.gov, 301-975-6343

back to top

New Online Course Based on NIST Research Highlights Insights on Modern Firefighting

A new, free, online course offered by the UL Firefighter Safety Research Institute (FSRI) highlights the tactical application of nearly two decades of research at the National Institute of Standards and Technology (NIST) and UL on how best to fight modern fires.

NYC fire test composite
The New York City Fire Department, NIST and Underwriters Laboratories set fire to 20 abandoned townhouses on Governors Island, New York, in a series of experiments to test the conventional wisdom on, and new tactics for, controlling fires and rescuing occupants inside burning homes.
Credit: FDNY Photo
high resolution image

NIST fire researcher Dan Madrzykowski explains that work going back to the 1990s, ranging from small-scale lab tests up through computational fluid dynamic simulations on computers and full-scale controlled "burns," has been directed at better understanding how to fight a modern fire.

"Dwellings have changed since the 1950s and 60s," says Madrzykowski. "They burn differently. Floor plans are more open, there's much more use of plastics and other synthetics. Fire departments need to know how to change their standard operating procedures to better fight the fire and protect the safety of both firefighters and any victims in the building."

The focal point of the FSRI course is the results from a series of live fire experiments conducted by NIST, UL and the Fire Department City of New York (FDNY) in 2012 on Governor's Island, New York.*

The insights gained from that history of research are distilled in "Scientific Research for the Development of More Effective Tactics," the new online course offered by FSRI. Designed for firefighters of all grades, the course, according to FSRI,

… brings science to the streets by examining two main groups of tactical considerations. The first group looks at the impact of controlling ventilation and flow paths. The second explores the use of exterior fire attack as a means to rapidly reduce the fire hazard inside the structure in order to facilitate interior fire operations.

Read more about the course in the UL news announcement, "UL FSRI Launches New Online Training Program" at http://ulfirefightersafety.com/news_blog/ul-fsri-launches-new-online-training-program/. View the course at www.firecompanies.com/modernfirebehavior/governors%20island%20online%20course/story.html.

*See the 2012 NIST Tech Beat story, "Live Fire Tests with FDNY Will Guide Improvements in Fire Department Tactics" at http://www.nist.gov/el/fire_research/fire-071112.cfm.

Media Contact: Mark Bello, mark.bello@nist.gov, 301-975-3776

back to top

NIST Seeks Applicants to Join Forensic Science Committees

The National Institute of Standards and Technology (NIST) is accepting applications from members of the forensic science, criminal justice and academic research communities to serve on a new organization whose goal is to develop national standards and guidelines for forensic science practitioners and improve forensic science in the United States.

forensic lab

NIST is seeking more than 600 experts from the forensic science, criminal justice and academic research communities to serve in the new Organization of Scientific Area Committees that will develop national standards and guidelines for forensic science practitioners and improve forensic sciencein the U.S.

Credit: Anthony Pidgeon/National Library of Medicine
View hi-resolution image

The Organization of Scientific Area Committees (OSAC) will include a Forensic Science Standards Board, three resource committees, five scientific area committees and 23 discipline-specific subcommittees. NIST needs more than 600 subject matter experts to fill the open positions. Nearly 400 applications have been received since the process opened on April 11.

The organization is part of NIST's commitment to support forensic science through an initiative launched in partnership with the Department of Justice in February 2013. The department established the National Commission on Forensic Science, whose membership was announced in January 2014, to provide policy guidance to the U.S. Attorney General and help set priorities for forensic science research.

NIST has responsibility for setting up what were originally termed "guidance groups," now referred to as Scientific Area Committees. Working with an existing community of forensic science scientific working groups (SWGs), and after receiving more than 80 comments on a proposed plan for a new organization, NIST developed the OSAC structure.

The organization will provide a framework for long-term coordination across disciplines to produce consensus documentary standards and guidelines to improve quality and consistency in forensic science. Its activities will incorporate much of the work currently conducted by the SWGs, which are funded by a variety of agencies and have different sizes, structures and output. The OSAC's findings and publications will be freely available to the public.

Information on the OSAC structure and applying to serve can be found at http://www.nist.gov/forensics/osacapplication_news.cfm. Applications are due May 11, 2014.

Media Contact: Jennifer Huergo, jennifer.huergo@nist.gov, 301-975-6343

back to top

Free NIST Web-Based Program Manages the App Vetting Workflow

AppVet logoThe first open source web application for managing the mobile app vetting process is available for free from the National Institute of Standards and Technology (NIST).

Because mobile "apps" on smart phones and tablets can be just as big a hazard to an organization's data security and information system integrity as untrusted or malicious desktop computer programs, corporations and government agencies develop lists of mobile apps that are approved for use on internal networks. But testing mobile apps is a complex task. An organization must use multiple software tools to test mobile apps for compatibility with its enterprise system because no tool can test for everything. App testing typically involves manually testing apps using multiple tools, a complex and time-consuming process, especially with a large number of tools. NIST's AppVet can help by managing the software assurance workflow process for you.

"AppVet aims to simplify the complexity of manually testing apps through multiple test tools," explains Steve Quirolgico, a computer scientist at NIST and a member of the team developing AppVet.

The application manages app vetting workflow that involves submitting apps to testing tools—for virus-detection and reliability, for example—receiving reports and risk assessments from tools, and combining risk assessments from these tools into a single risk assessment. Human analysts from the organization review the reports and risk assessments and decide whether to approve or reject the app according the organization's requirements.

AppVet does not do any testing itself, it manages third-party test programs. One advantage of AppVet is that it provides specifications, Applications Programming Interfaces, and requirements that facilitate easy integration with third-party test tools as well as clients, including app stores. For example, AppVet defines a simple API and requirements for submitting apps to, and receiving reports from, third-party test tools.

AppVet grew out of work NIST performed for the Defense Advanced Research Projects Agency (DARPA). That work used an early version of AppVet to vet apps before being deployed on mobile devices for military field use.

Although AppVet can be used by anyone for testing apps, it was designed to support organizations that test a large number of apps such as app stores. AppVet can support apps from different platforms, including Android, iOS and Windows, depending on tool availability for those platforms. NIST does not provide the testing tools, instead it provides an interface to manage the test results of multiple commercial and open source testing tools.

NIST is working with a number of government agencies, including the departments of Homeland Security and Justice, the Defense Information Systems Agency and others, to develop testing requirements and processes to help with mobile app software assurance needs.

AppVet can be downloaded at http://csrc.nist.gov/projects/appvet/.

Media Contact: Evelyn Brown, evelyn.brown@nist.gov, 301-975-5661

back to top

Baldrige Program Named Top Leadership Developer in Government

The Baldrige Performance Excellence Program has received the first place award in the government and military category of the Leadership 500 Excellence Awards, an annual recognition of the world's best leadership development programs and initiatives. The success and impact of both the Baldrige Executive Fellows Program and Baldrige examiner training were acknowledged as major reasons for the honor.

Given out by Leadership Excellence magazine for the past 30 years, the Leadership 500 Excellence Awards rank the top leadership development programs in each of the following organizational types: small, midsize, large, government/military, nonprofits, international, educational, small partners/providers, midsize partners/providers, large partners/providers and international partners/providers. The judges use applications, survey responses and interviews to evaluate each candidate's programs, ranking them on seven criteria: vision/mission, involvement/participation, accountability/measurement, design/content/curriculum, presenters/presentations/delivery, take-home value and outreach.

Since 2010, the Baldrige Performance Excellence Program has placed three times in the top 10 of the Leadership 500 Excellence Award's government/military rankings. In last year's competition, the program was ranked eighth.

The Baldrige Executive Fellows Program is a one-year leadership development experience for direct reports to the most senior leader in the organization or business-unit leaders. Baldrige examiners are part of an elite volunteer group of more than 400 professionals each year who commit their knowledge, skills and time to help evaluate applicants for the Malcolm Baldrige National Quality Award, the nation's highest honor for organizational innovation and performance excellence.

For the complete list of the Leadership 500 Excellence award winners, please see http://design.hr.com/excellenceessentials/le/leadershipexcellence_april2014/index.html#/6. For more information on the Baldrige Performance Excellence Program, go to www.nist.gov/baldrige.

Media Contact: Michael E. Newman, michael.newman@nist.gov, 301-975-3025

back to top

NIST Requests Comments on Smart Grid Framework Update

The primary guiding document for creating the next-generation "smart" energy grid is getting its first major update in two years. The National Institute of Standards and Technology (NIST) is requesting public comment on a draft of the NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 3.0.

The new document builds upon and updates the February 2012 Framework Release 2.0,* NIST's outline of the plan to transform the nation's aging electric power system into an interoperable smart grid—a network that will integrate information and communication technologies with the power-delivery infrastructure, enabling bidirectional flows of energy as well as two-way communication and control.

The Energy Independence and Security Act of 2007 established a goal to modernize the nation's electricity system and assigned to NIST the primary responsibility to coordinate development of a framework to achieve interoperability of smart grid devices and systems. This revised framework furthers the goals of the Act.

"There have been many remarkable advances in smart grid infrastructure since the release of the last edition," says Chris Greer, director of NIST's Smart Grid Program Office. "By 2015, nearly a third of the 144 million meters in the U.S. will be smart meters. Through the Green Button effort, more than 45 electricity suppliers nationwide have committed to providing 59 million homes and businesses with access to their energy usage data. This new edition embraces this remarkable progress and provides a foundation for working together for the smart grid of the future."

Important new elements in this revision are international smart grid activities, revised guidelines for cybersecurity, advances in testing and certification frameworks, and discussion of smart grid research and development needs.

Another update is to the reference model of the smart grid, adding clearer definitions and a methodological approach. These are found in Chapter 5 and Appendices B and C. This model, which offers a broad picture of how the fundamental elements of the smart grid connect and communicate, now incorporates "distributed energy resources," a concept that includes energy production from nontraditional sources such as customer-owned solar and wind power systems.

"We worked closely with the European Union to harmonize the NIST conceptual model with the one the EU is developing," says NIST's Paul Boynton. "We want both models to reflect each other, which is important so that manufacturers on both sides of the Atlantic will be able to sell devices overseas."

NIST is planning to host a webinar to present the new draft framework to the public on May 2, 2014. Attendance information is available at https://cc.readytalk.com/cc/s/registrations/new?cid=vbz1164cprha.

The Framework 3.0 document is posted to the Federal Register (https://federalregister.gov/a/2014-08513) and will be open for public comment until Friday, May 30.

*See the 2012 NIST Tech Beat article, "NIST Releases Final Smart Grid 'Framework 2.0' Document" at www.nist.gov/public_affairs/tech-beat/tb20120306.cfm#framework.

Media Contact: Chad Boutin, boutin@nist.gov, 301-975-4261

back to top

NIST Brings ASEAN Leaders Together to Focus on Standards and Conformity Assessment

On March 24-27, 2014, leaders in standards and conformity assessment from the Association of Southeast Asian Nations (ASEAN) came to the National Institute of Standards and Technology (NIST) in Gaithersburg, Md., for intensive training sessions on U.S. standards and conformity assessment principles and practices affecting electrical and electronic equipment.

ASEAN Group Photo
Delegates representing Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Thailand and Vietnam, member of the Association of Southeast Asian Nations, came to NIST for training on U.S. standards and conformity assessment principles and practices.
Credit: NIST
high resolution image

This event was part of NIST's Standards in Trade (SIT) program, which has provided a venue for discussing standards issues between leaders in U.S. business and government and their international counterparts since 1995.

"The ASEAN region is America's fourth-largest export market and the largest destination for U.S. investment in Asia, so it is appropriate that the United States and ASEAN work together to identify standards and conformity assessment needs," says Gordon Gillerman, head of NIST's Standards Services, which organized this conference in cooperation with the International Trade Administration (ITA).

NIST and ITA collaborated on this SIT event because testing and approvals for regulated products can affect the cost and timeliness of product shipments and influence global supply chains and investment decisions. Standards cooperation is a key element of the White House E3 Initiative (Expanded Economic Engagement) with ASEAN.

Conference attendees included delegates representing Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Thailand and Vietnam. They were joined by more than 60 U.S. officials from business, manufacturing, government and the nonprofit sector. U.S. embassy staff working in the represented nations also attended.

Drawing on the expertise of industry and government leaders, the conference presentations included an overview of U.S. standards and conformity assessment infrastructure and practices. The attendees presented a detailed overview of standards and conformity assessment regimes in their countries and their progress towards regional regulatory cooperation.

Speakers included representatives from leading global testing and standards organizations, industry leaders from the information and communication and electrical components sectors, executives in the U.S. standards community and government standards and intellectual property rights experts.

Participants toured a local big-box store to see firsthand how electronic consumer products incorporate conformity assessment markings indicating product safety and energy efficiency. Attendees also toured Washington Laboratories, a Maryland-based electronics testing laboratory, to observe the importance of standards to product testing.

Hamzaini Hashim, senior assistant director of accreditation at the Department of Standards in Malaysia and chairman of one of the ASEAN Consultative Committee on Standards and Quality (ACCSQ) working groups, appreciated the opportunity to learn more about how standards relate to liability for defective products.

"Thank you for an excellent conference," says Hashim. "It was well organized and the content covered topics of great interest to ASEAN, and especially the ACCSQ. I hope we can build on this event and work together in the future."

See NIST's Global Standards Information website for the latest global standards news, events, resources, key contacts and more.

Media Contact: Mark Esser, mark.esser@nist.gov, 301-975-8735

back to top

NIST Conference Will Explore the Role of New Information Systems in Organizations, May 22, 2014

Computers were once "just" tools to improve worker productivity, now information systems are recognized as an essential component of a successful organization. The best example is the rise of former computer department managers to the "C" suite. But just how do you organize and integrate information systems into a company for best results? The National Institute of Standards and Technology (NIST), in cooperation with the IEEE Computer Society, will examine that question at the conference "Challenges in Information Systems" on May 22, 2014, at its Gaithersburg, Md., headquarters.

Information systems often are a critical element of corporate strategy, enabling efficiency and competitive advantage. But new approaches and strategies are needed in order for organizations to reap the benefits. It calls for new approaches, needs, and strategies for organizations to understand and apply. Management must take into account available resources, costs and benefits, priorities, risk, and the ability of the organization to absorb change.

The complexity is amplified by the need to secure intellectual assets and safeguard personal and financial information and the critical infrastructure.

"Challenges in Information Systems" brings together leaders from industry, government and academia to examine the new challenges facing information systems, and to explore how they can be successfully addressed.

They will discuss:

  • Gaining the most value from investments in information technology while delivering successful projects and reliable information systems,
  • Securing critical systems while keeping pace with advances in technology,
  • Sharing approaches that successful organizations use to deal with these challenges now,
  • Determining areas that technology and business leaders need to anticipate,
  • Improving information systems and applications to be smarter, resilient, reliable and secure, and
  • Understanding new methods of management.

Attendance is free. However, attendees must register no later than May 12, 2014. To register, see www.nist.gov/itl/csd/it-professional-conference.cfm.

Those attending will also receive copies of the IEEE Computer Society's IT Professional magazine that highlights NIST's almost 50 years of contributions to the IT field.

Edited on April 23, 2014, to correct the conference title.


Media Contact: Evelyn Brown, evelyn.brown@nist.gov, 301-975-5661

back to top

NIST Researchers Honored with Presidential Award

Three National Institute of Standards and Technology (NIST) researchers were among those honored April 14, 2014, at a White House reception as winners of Presidential Early Career Awards. The award is the highest honor bestowed by the United States government on science and engineering professionals in the early stages of their independent research careers.

PECASE winners
NIST's Associate Director for Laboratory Programs Willie May joined NIST PECASE winners Joseph Kline, Ana Maria Rey and Gretchen Campbell (L-R) at a breakfast before the White House ceremony in Washington, D.C.
Credit: Photo by Peter Cutts
high-resolution version

Gretchen Campbell, a Fellow of the NIST/University of Maryland Joint Quantum Institute, was recognized for pioneering research in "atomtronics" that proved the feasibility of technological applications in this new field by demonstrating the first controllable atom circuit, and for mentoring young scientists through coursework, laboratory research and sponsorship of a women-in-physics group.

Joseph Kline, a materials scientist in NIST's Material Measurement Laboratory, was recognized for pioneering the use of grazing-incidence X-ray diffraction for the characterization of molecular factors critical to the performance of organic electronics; mentoring a new generation of scientists in this field; and building collaborations across NIST and with industry.

Ana Maria Rey, a physicist and associate researcher in the NIST Physical Measurement Laboratory and Fellow at JILA, a joint research institute of NIST and Colorado University-Boulder, was recognized for advancing theoretical understanding of the complex interactions between atoms and light; guiding and explaining experiments involving ultracold atoms and molecules, quantum information processing, atomic clocks, and quantum magnetism; and outstanding mentoring of young scientists.

For more information on the awards and a full list of the 102 winners, see the December news release from the White House and the Office of Science and Technology Policy's blog.

Media Contact: Jennifer Huergo, jennifer.huergo@nist.gov, 301-975-6343

back to top