Search Publications

NIST Authors in Bold

Displaying 176 - 200 of 2210

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0 (Polish translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

(This is a direct translation of Version 1.0 of the Cybersecurity Framework produced by the Government Centre for Security (Poland).)

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Arabic translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

Translated by Ali A. AlHasan, PMP, CISSP,CISA, CGEIT, CRISC, CISM and Ali AlHajj. Reviewed by Schreiber Translations, INC (STI). Not an official U.S. Government translation.

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Bulgarian translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

Translated by Professor Vladimir Dimitrov, University of Sofia, Bulgaria. Reviewed by Global Language Translation and Consulting (GLTac). Not an official U.S. Government translation.

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Spanish translation)

February 23, 2022

Author(s)

Kevin Stine, Matthew Barrett

This Spanish language Cybersecurity Framework Version 1.1 was translated under government contract.

Ransomware Risk Management: A Cybersecurity Framework Profile

February 23, 2022

Author(s)

Bill Fisher, Murugiah Souppaya, William Barker, Karen Scarfone

Ransomware is a type of malicious attack where attackers encrypt an organization's data and demand payment to restore access. In some instances, attackers may also steal an organization's information and demand an additional payment in return for not

Making Semantic Structures Explicit: Developing and Evaluating Tools and Techniques to Support Understanding of Large Cybersecurity Corpora

February 4, 2022

Author(s)

Ira Monarch, Jacob Collard, Sangjin Shin, Eswaran Subrahmanian, Talapady N. Bhat, Ram D. Sriram

This report describes the adaptation, composition and use of natural language processing, machine learning and other computational tools to help make implicit informational structures in very large technical corpora explicit. The tools applied to the

Recommended Criteria for Cybersecurity Labeling of Consumer Software

February 4, 2022

Author(s)

Michael Ogata, Amy Phelps, Julie Haney

Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," tasks the National Institute of Standards and Technology (NIST), in coordination with the Federal Trade Commission (FTC) and other agencies, to initiate pilot programs for cybersecurity

Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities

February 3, 2022

Author(s)

Karen Scarfone, Murugiah Souppaya, Donna Dodson

Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be added to each SDLC model to ensure that the software being developed is well-secured. This

Personal Identity Verification (PIV) of Federal Employees and Contractors

January 24, 2022

Author(s)

Hildegard Ferraiolo, Andrew Regenscheid, Salvatore Francomacaro, David Cooper, Ketan Mehta, Annie W. Sokol, David Temoshok, Gregory Fiumara, Justin Richer, James L. Fenton, Johnathan Gloster, nabil anwer

FIPS 201 establishes a standard for a Personal Identity Verification (PIV) system (Standard) that meets the control and security objectives of Homeland Security Presidential Directive-12 (HSPD-12). It is based on secure and reliable forms of identity

Advantage of Machine Learning over Maximum Likelihood in Limited-Angle Low-Photon X-Ray Tomography

January 20, 2022

Author(s)

Zhen Guo, Jungki Song, George Barbastathis, Michael Glinsky, Courtenay Vaughan, Kurt Larson, Bradley Alpert, Zachary H. Levine

Limited-angle X-ray tomography reconstruction is an ill-posed inverse problem in general. Especially when the projection angles are limited and the measurements are taken in a photon-limited condition, reconstructions from classical algorithms such as

Guide to Bluetooth Security

January 19, 2022

Author(s)

John Padgette, John Bahr, Mayank Batra, Rhonda Smithbey, Lily Chen, Karen Scarfone

Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and has been integrated into many types of business and consumer devices. This publication

Identifying Tactics of Advanced Persistent Threats with Limited Attack Traces

December 16, 2021

Author(s)

Khandakar Ashrafi Akbar, Yigong Wang, Md Islam, Anoop Singhal, Latifur Khan, Bhavani Thuraisingham1

The cyberworld being threatened by continuous imposters needs the development of intelligent methods for identifying threats while keeping in mind all the constraints that can be encountered. Advanced persistent threats (APT) have become an emerging issue

Input/Output Check Bugs Taxonomy: Injection Errors in Spotlight

November 17, 2021

Author(s)

Irena Bojanova, Carlos Eduardo Cardoso Galhardo, Sara Moshtari

In this work, we present an orthogonal classification of input/output check bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define two language-independent classes that

Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management

November 12, 2021

Author(s)

Kevin Stine, Stephen Quinn, Nahla Ivy, Matthew Barrett, Greg Witte, Larry Feldman, Robert Gardner

This document supplements NIST Interagency or Internal Report 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM), by providing additional detail regarding risk guidance, identification, and analysis. This report offers examples and

Parenting Digital Natives in a Tech World: Research Findings of Children's and Parents' Password Knowledge & Practices

October 25, 2021

Author(s)

Yee-Yin Choong

n/a

(DRAFT) Promoting Access to Voting: Recommendations for Addressing Barriers to Private and Independent Voting for People with Disabilities

October 21, 2021

Author(s)

Kerrianne Buchanan, Kevin C. Mangold, Sharon J. Laskowski, Karen Reczek

The Executive Summary is not available in this Draft but is provided in the final version of the Report: https://doi.org/10.6028/NIST.SP.1273

Security Auditing of Internet of Things Devices in a Smart Home

October 15, 2021

Author(s)

Suryadipta Mazumdar, Daniel Bostos, Anoop Singhal

Attacks on the Internet of Things are increasing. Unfortunately, transparency and accountability that are paramount to securing Internet of Things devices are either missing or implemented in a questionable manner. Security auditing is a promising solution

Voices of First Responders-Nationwide Public Safety Communication Survey Findings: Day to Day Technology, Phase 2, Volume 3

October 15, 2021

Author(s)

Shanee Dawkins, Kerrianne Buchanan, Sandra Spickard Prettyman

The Nationwide Public Safety Broadband Network (NPSBN) is being developed to provide a dedicated network for first responders' use during incident response. A wave of new communication technologies compatible with the NPSBN is on the horizon, as major

Calculating Voxel-Polyhedron Intersections for Meshing Images

October 9, 2021

Author(s)

Stephen A. Langer, Andrew C.E. Reid

Finite element meshes constructed from 3D images are useful in materials science and medical applications when it is necessary to model the actual geometry of a sample, rather than an idealized approximation of it. Constructing the mesh involves computing

Metamorphic Testing for Hybrid Simulation Validation

October 5, 2021

Author(s)

Mohammed Farhan, Caroline Krejci, Megan Olsen, M S Raunak

Proper validation of a simulation model is essential to have confidence on its accuracy and credibility. However, many of the most effective approaches for simulation validation require access to data that may not always be available. Metamorphic Testing

2020 Cybersecurity and Privacy Annual Report

September 28, 2021

Author(s)

Patrick D. O'Reilly, Kristina Rigopoulos, Larry Feldman, Greg Witte

During Fiscal Year 2020 (FY 2020), from October 1, 2019 through September 30, 2020, the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy

Closing the gap between engineering practice and augmented reality

September 27, 2021

Author(s)

William Z. Bernstein, Christine Perey

Machine Learning for Access Control Policy Verification

September 16, 2021

Author(s)

Vincent C. Hu

Access control policy verification ensures that there are no faults within the policy that leak or block access privileges. As a software test, access control policy verification relies on methods such as model proof, data structure, system simulation, and

BGP Secure Routing Extension (BGP-SRx): Reference Implementation and Test Tools for Emerging BGP Security Standards

September 15, 2021

Author(s)

Oliver Borchert, Kyehwan Lee, Kotikalapudi Sriram, Douglas Montgomery, Patrick Gleichmann

In this paper, we first describe the problem space. Following that, we describe the design and implementation of the NIST reference implementation for RPKI-based route origin validation (BGP-OV) and BGPsec path validation (BGP-PV) within a BGP router. The

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Portuguese translation)

September 8, 2021

Author(s)

Kevin Stine, Matthew Barrett

Translated courtesy of the US Chamber of Commerce and the Brazil-US Business Council. Not an official U.S. Government translation.

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Bioscience
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Cell biology
-Cell-free systems
-Engineering / synthetic biology
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
-Sequence screening
-Transcriptomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Emergency building evacuation
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
-Dentistry
-Food and nutrition
-Human microbiome
-Medical imaging
-Precision medicine
-Regenerative medicine and advanced therapy
Information technology
-Artificial intelligence
--AI measurement and evaluation
--Applied AI
--Fundamental AI
--Hardware for AI
--Machine learning
--Trustworthy and responsible AI
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive