CHIPS Data Governance

METROLOGICAL TRACEABILITY AND PROVENANCE

NIST provides several data services critical to the measurement infrastructure of the United States and the world. These services include:

• Standard Reference Data, that is, data that have been evaluated for validity by experts in the particular field with stated uncertainties;
• Values of physical constants measured by NIST researchers and published in peer-reviewed literature with stated uncertainties;
• Measurements of properties that result from various NIST research programs, which may or may not have complete uncertainty evaluations;
• Collections of unevaluated data compiled by NIST scientists for various research and development purposes.

Great effort is made to clearly describe the data type in NIST electronic and printed data collections. Usually, data from NIST are qualified with uncertainties evaluated in accordance with the Joint Committee for Guides in Metrology (JCGM) Evaluation of Measurement Data — Guide to the Expression of Uncertainty in Measurement.

When data are evaluated, the scientific basis for such evaluation is well documented, and the data are labeled as NIST Standard Reference Data. The suitability of using these data as “stated references” depends on the type of collection (Standard Reference Data, values of physical constants, etc.), the date of the most recent evaluation or compilation, and the direct relevance of the data to the physical measurement for which traceability is needed. Suppose the data are not part of a NIST compilation of evaluated data. In that case, care should be taken to assess the expressed uncertainty, and the literature checked for additional or updated values for comparison.

Per NIST’s Metrological Traceability Policy, NIST asserts that providing support for a claim of metrological traceability of a measurement result is the responsibility of the provider of that result, whether that provider is NIST or another organization, and that assessing the validity of such a claim is the responsibility of the user of that result.

NIST does not define, specify, assure, or certify metrological traceability of measurement results other than those that NIST provides, either directly or through an official NIST program or collaboration.

Copyright, Fair Use, and Licensing of Data and Code

NIST Data

Extramural Data 

NIST Software/Code

SOURCES OF DATA AND CODE AVAILABLE FROM NIST

CHIPS data and code/software can come from one of several sources, each with its own associated requirements.

1. NIST Researcher(s) or NIST Researcher(s) + NIST Associate(s)

In both cases, these researchers would be responsible for creating a data management plan (DMP) in METIS and making their data and code publicly available in compliance with NIST Policy 5700.00 and according to NIST Order 5701.00. If the data or code cannot be made public (e.g., because it is a type of  Controlled Unclassified Information (CUI that should not be publicly available such as Personally Identifiable Information or Business Identifiable Information), the DMP must reflect that. When they are ready to upload their final data to METIS, the researcher will indicate whether the data will be public, restricted public, or non-public. (Public means it may be disseminated to the general public at large, restricted public means access will be controlled to authorized users, and non-public means the data will only be internally accessible to authorized users).  NIST conducts a review of data and code to ensure that NIST’s quality management objectives are met before releasing information to the public; the researcher’s division chief is responsible for the final approval of that process

2. NIST Researcher(s)+ Extramural Collaborator(s) Without NIST Funding Agreement

In cases where a NIST employee collaborates with an external researcher without an underlying funding agreement, expectations for generating a DMP and providing public access to resulting data or code should be discussed at the outset of the collaboration as stated in NIST Order 5701.00.  If NIST has a greater role in the project, the DMP should be generated by NIST by NIST policies.  If the data or code cannot be made public (e.g., labeled as Controlled Unclassified Information (CUI) and is Personally Identifiable Information or Business Identifiable Information) the DMP must reflect that. If the external researcher has a greater role and/or has intellectual property rights over the data or code, generation of the DMP and provision of public access to the data or code should follow their institution’s requirements.

If the external researcher does not intend to provide public access but is agreeable to NIST providing access, NIST management decides whether NIST will do so.  This agreement should be obtained in writing.  For more information, see NIST Guidance 5702.01, Guidance for Making Non-NIST Data Available Through NIST’s Data Management Infrastructure. NIST conducts a review of data and code to ensure that NIST’s quality management objectives are met before releasing information to the public; the researcher’s division chief is responsible for the final approval of that process

3. NIST Researcher(s) + External Researcher(s) with NIST Funding Agreement (Grant, Contract, Other Agreement)

If a NIST researcher is conducting research with a collaborator who is a recipient of a NIST funding award, the NIST researcher, as a federal employee, must follow NIST Policy 5700.00 and make their CHIPS data publicly available unless the data cannot be made public (e.g., labeled as  Controlled Unclassified Information (CUI) and is Personally Identifiable Information or Business Identifiable Information)  the DMP must reflect that. Unless the terms and conditions of the award say otherwise, it is the NIST researcher’s responsibility to ensure that the data is available through METIS if the data can be made public. NIST conducts a review of data and code to ensure that NIST’s quality management objectives are met prior to releasing information to the public; the NIST researcher’s division chief is responsible for the final approval in that process.

4. External Researchers with NIST Funding (Grant, Contract, Other Agreement):

Institutions receiving NIST funds ("awardees") for the conduct of scientific research must meet the public access requirements for scientific research data and publications described in the terms and conditions of their agreements (see the Rights in Data clause of a contract). NIST may choose to make extramural data available to the public. NIST conducts a review of data and code to ensure that NIST’s quality management objectives are met prior to releasing information to the public; the division chief of the NIST Point of Contact in METIS is responsible for the final approval in that process.

What Data and Code Can Be Made Public?

To the extent feasible and consistent with law, agency mission, resource constraints, and U.S. national, homeland, and economic security, it is NIST Policy to promote the deposit of scientific data arising from unclassified research and programs, funded wholly or in part by NIST, except for Standard Reference Data, free of charge in publicly accessible databases. Therefore, terms and conditions of agreements may require that you make your data publicly available.

NIST uses a Research Security Framework to manage risks associated with international research collaborations, including those related to dissemination of research results. NIST may make some data and code available to the public at large while other information may require permission for access.  The label of Controlled Unclassified Information (CUI) indicates that there may be information that requires some access controls in place to be in compliance with the laws and regulations listed below. Categories of CUI are numerous. The CUI Registry is available at https://www.archives.gov/cui . The registry explains the types of information for which laws, regulations, or Government-wide policies require or permit federal agencies to control the dissemination of information. NIST adheres to the Department of Commerce CUI Policy and the Department of Commerce PA, PII, and BII Breach Notification Plan.  Some principal reasons for restricting access include:

• Personally identifiable information (PII) - 5 USC 552a
• Confidential business information, including trade secrets and proprietary information - 19 CFR 201.6 and 5 USC 552
• Export control - H.R. 5040
• Defense articles and services - 22 CFR Part 120

Information categorized as CUI Basic must be treated at a FISMA confidentiality level of ‘moderate’ at minimum. While some CUI is FISMA high, as specified in the CUI Registry,  this falls outside of the scope of NIST METIS systems.  For all CHIPS data, the researcher will indicate in METIS whether the data will be public, restricted public, or non-public.