Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Tech Beat - July 25, 2012

Tech Beat Archives

Submit an email address to receive news from NIST:

Editor: Michael Baum
Date created: July 25, 2012
Date Modified: July 25, 2012 
Contact: inquiries@nist.gov

NIST Measurement Advance Could Speed Innovation in Solar Devices

A new versatile measurement system devised by researchers at the National Institute of Standards and Technology (NIST) accurately and quickly measures the electric power output of solar energy devices, capabilities useful to researchers and manufacturers working to develop and make next-generation solar energy cells.

LED plate
Sections of the new NIST measurement system's LED plate are shown. A water-coolant system on the back (a) keeps the operating temperature constant. Collectively, the different-colored LEDs (b) generate light in wavelengths covering much of the solar spectrum. LEDs in the second row from the bottom emit most of their radiation in the near infrared region and appear very faint to the human eye. Light from the last row of LEDs is completely invisible.
Credit: NIST
View hi-resolution image

Innovative devices that convert sunlight to electric power more efficiently and cost effectively than the current generation of solar cell technology are the objects of a global pursuit—means to reducing fossil-fuel consumption and to securing pole position in the competition for fast-growing international markets for clean energy sources.

As reported in the journal Applied Optics,* the NIST team has combined 32 LEDs—each generating light from different segments of the solar spectrum—and other off-the-shelf equipment with their custom-made technologies to build a system that measures the wavelength-dependent quantum efficiency of solar devices over a relatively large area.

Anticipated advantages over current approaches—most of which use incandescent lamps or xenon arc and other types of discharge lamps—are greater speed and ease of operation, more uniform illumination, and a service life that is about 10 times longer.

The new NIST system for measuring spectral response easily accommodates two unique but complementary methods for determining how much electric current a solar, or photovoltaic (PV), device generates when hit by a standard amount of sunlight. Both methods are straightforward, and they use the same hardware setup.

With either method, the automated system produces measurements more rapidly than current instruments used to simulate solar radiation and characterize how efficiently a device converts light energy to electric energy.

One method, which activates the LED lights sequentially, is less subject to interference than the other technique, and yields a spectral response measurement in about 6 minutes. With the other method, all 32 LEDs are activated simultaneously, but each generates pulses of light at a different rate. The solar response of a PV device over the entire LED-blended spectrum can be determined in about 4 seconds.

Though more susceptible to interference, the faster method has potential for in-line manufacturing tests for ensuring quality, the researchers write.

The new system represents a major stride toward a technical goal set by a group of solar energy experts convened by NIST in late 2010.** "To accelerate all types of PV development and lower costs through more accurate assessment of performance," these experts set the goal to achieve spectral response measurements in fewer than 10 minutes.

While the new system beats the time requirement, the NIST team must push their technology further to match related targets that are part of the goal. Their to-do list includes matching or exceeding the energy intensity of the sun, broadening the LED-synthesized spectrum to include the infrared portion of the sun's output, and consistently achieving measurement results with uncertainties of less than 1 percent.

With their work to date, however, the NIST researchers have demonstrated that LEDs are now "technologically viable" for use in solar simulators and for characterizing PV and other photoelectric devices, says NIST physicist Behrang Hamadani.

* B. H. Hamadani, J. Roller, B. Dougherty and H. W. Yoon. Versatile Light-Emitting-Diode-based Spectral Response Measurement System for Photovoltaic Device Characterization. Applied Optics Vol. 51, No. 19, July 1, 2102.
**Foundations for Innovation: Photovoltaic Technologies for the 21st Century (Report of the Steering Committee for Advancing Solar Photovoltaic Technologies). Available at: http://events.energetics.com/NISTGrandChallenges2010/index.html.

Media Contact: Mark Bello, mark.bello@nist.gov, 301-975-3776

Comment  Comment on this article.back to top

NIST Updates Guidance on Network Attacks and Malware

Detecting and stopping malicious attacks on computer networks is a central focus of computer security these days. The National Institute of Standards and Technology (NIST) is asking for comments on two updated guides on malicious computer attacks: one on preventing, detecting, and responding to attacks and one on preventing and mitigating the effects of malware, a potent tool in an attacker's arsenal.

The publications are being revised to reflect the changes in threats and incidents.

Malware, also known as malicious code, is a common tool that attackers use to breach computer networks today, causing damage and disruption, and often requiring extensive recovery efforts. "Malware threats in the past tended to spread quickly and were easy to discover," explains co-author Karen Scarfone, "but today's malware threats are stealthier, specifically designed to quietly, slowly spread, gathering information over extended time frames and eventually leading to loss of sensitive data and other problems."

The updated Guide to Intrusion Detection and Prevention Systems describes software that has become a necessary addition to the security infrastructure of many organizations.

Intrusion detection and prevention systems (IDPSs) record information about observed security-related events, notify security administrators of the events that should be analyzed further and produce reports for evaluation. Many IDPSs respond to and try to stop detected threats by using a variety of techniques.

The guidance describes the characteristics of IDPS technologies and provides recommendations for designing, implementing, configuring, securing, monitoring and maintaining them. The publication discusses four types of IDPS technologies: network-based, wireless, network behavior analysis and host-based.

"IDPS for wireless is an important type for all organizations to have because of the growth of mobile devices and employees' desire to use their own wireless device for work," says Scarfone.

While many agencies and companies are going mobile, it is still critical to protect desktops and laptops. The Guide to Malware Incident Prevention and Handling for Desktops and Laptops is a supplement to another draft document, Computer Security Incident Handling Guide (SP 800-61).* It gives background information on the major categories of malware that afflict desktop and laptop computers and provides practical guidance on how to prevent malware incidents and on what to do when a system is infected. The revised version of SP 800-61 is expected to be published later this summer.

Recommended measures include developing prevention plans based on the attacks that are most likely to be used now and in the near future, using defensive architecture methods to reduce the impact of malware incidents, and including malware incident prevention in employee awareness and training programs.

The Guide to Intrusion Detection and Prevention Systems (Special Publication 800-94, Rev. 1) can be found at http://csrc.nist.gov/publications/drafts/800-94-rev1/draft_sp800-94-rev1.pdf. Comments should be sent to 800-94comments@nist.gov by August 31.

The Guide to Malware Incident Prevention and Handling for Desktops and Laptops (Special Publications 800-83, Rev. 1) can be found at http://csrc.nist.gov/publications/drafts/800-83-rev1/draft_sp800-83-rev1.pdf. Comments should be sent to 800-83comments@nist.gov by August 31.

* The Computer Security Incident Handling Guide (SP 800-61, Rev. 2) is available at http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-61-Rev.%202.

Media Contact: Evelyn Brown, evelyn.brown@nist.gov, 301-975-5661

Comment  Comment on this article.back to top

University, Industry Experts Recommend Steps to 'Invigorate' U.S. Manufacturing

A new report by a national committee of U.S. industry and university leaders details 16 recommendations "aimed at reinventing manufacturing in a way that ensures U.S. competitiveness, feeds into the nation's innovation economy, and invigorates the domestic manufacturing base."

The report was prepared by the 18-member steering committee of the Advanced Manufacturing Partnership (AMP) that was launched by President Obama in June 2011 and co-chaired by Susan Hockfield, now president emerita of the Massachusetts Institute of Technology, and Andrew Liveris, president, chairman and chief executive officer of The Dow Chemical Company.

The AMP Steering Committee Report to the President on Capturing Competitive Advantage in Advanced Manufacturing was formally adopted today by the President's Council of Advisors on Science and Technology.

It addresses needs in three broad categories:

  • enabling innovation,
  • securing the talent pipeline, and
  • improving the business climate.

The recommendations include a call to establish a national network of manufacturing innovation institutes; an emphasis on investment in community college training of the advanced manufacturing workforce; an approach to evaluate platform manufacturing technologies for collaborative investment; a plan to reinvigorate the image of manufacturing in America; and proposals for trade, tax, regulatory, and energy policies that would level the global playing field for domestic manufacturers.

The Administration has already begun taking action on strong-consensus recommendations, many of them consistent with those put forward by a wide range of other experts and organizations.

For example, an interagency Advanced Manufacturing National Program Office (AMNPO) has been established to coordinate federal manufacturing resources and programs and to foster the creation of private-public partnerships focused on manufacturing innovation.

The new office, which is hosted by the National Institute of Standards and Technology, is acting on the AMP Steering Committee recommendation to establish a national network of manufacturing innovation institutes.  In his budget for fiscal year 2013, President Obama proposed a one-time, $1 billion investment to build the National Network for Manufacturing Innovation, consisting of up to 15 regional innovation institutes.  Through regional workshops and other means, the AMNPO is now gathering public input on the design of the proposed network.

A key goal of the envisioned network is to close the gap between U.S. research-and-development (R&D) efforts and the scale-up of R&D-spawned technological innovations in domestic production of goods.

To access the new report and supporting documents, go to: www.whitehouse.gov/administration/eop/ostp/pcast. Read the White House news release, "Report to President Outlines Approaches to Spur Domestic Manufacturing Investment and Innovation" at www.whitehouse.gov/the-press-office/2012/07/17/report-president-outlines-approaches-spur-domestic-manufacturing-investm and the related fact sheet, "White House Advanced Manufacturing Initiatives to Drive Innovation and Encourage Companies to Invest in the United States" at www.whitehouse.gov/the-press-office/2012/07/17/fact-sheet-white-house-advanced-manufacturing-initiatives-drive-innovati.

Media Contact: Mark Bello, mark.bello@nist.gov, 301-975-3776

Comment  Comment on this article.back to top

Software Features and Inherent Risks: NIST's Guide to Rating Software Vulnerabilities from Misuse

A new guide from the National Institute of Standards and Technology (NIST) describes a "scoring system" that computer security managers can use to assess the severity of security risks arising from software features that, while beneficial to accomplishing a task, are at least partially designed under an assumption that users are operating these features as intended.

NIST's Common Misuse Scoring System (CMSS) provides a systematic way for organizations to determine the severity of software feature misuse—dangerous or illicit email practices, for example—so that the organization can determine how to handle the problem.

"No system is 100 percent secure: every system has vulnerabilities," according to the report. While attention often focuses on software flaws, for example system crashes, software features also introduce vulnerabilities because intentional or accidental misuses of software features have the potential to leak sensitive information, corrupt data, or reduce system availability.

NIST categorizes software vulnerabilities in three general categories. Software flaws—coding errors that allow security breaches—are an obvious problem. Configuration vulnerabilities come from setting the software up improperly—allowing a program access to data it shouldn't see, for instance. But software feature misuse is more subtle. With feature misuse, savvy attackers violate the trust assumptions that are inherent in software features to subvert a system's security.

For example, malicious users may undermine the security of email software. "Two common problems are social engineering and insider threats," explained Karen Scarfone, one of the publication's authors. When users open up a bad email attachment or link, the hackers who sent the email can access the organization's computer network to steal valuable information or bring it down. Malicious users can use email attachments to send out valuable company data or documents to outsiders. Both problems can be very expensive, costing a company money, exposing valuable data and hurting the company's reputation.

The CMSS specification allows the risk assessment manager to determine a vulnerability's potential impact on the network and then take remediation steps to secure the system.

The CMSS specification is designed to work with existing scoring systems developed by NIST to categorize software flaw vulnerabilities* and security configuration issues.**

The new guide, The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities, (NISTIR 7864) is available at http://csrc.nist.gov/publications/nistir/ir7864/nistir-7864.pdf.

 * The Common Vulnerability Scoring System (CVSS) and Its Applicability to Federal Agency Systems (NISTIR 7435) is available at http://csrc.nist.gov/publications/PubsNISTIRs.html.
** The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities (NISTIR 7502) is available at http://csrc.nist.gov/publications/PubsNISTIRs.html.

Media Contact: Evelyn Brown, evelyn.brown@nist.gov, 301-975-5661

back to top

NIST Study of Hazard to Firefighters Leads to Safety Alert

Results of "live burn" studies and laboratory tests conducted by National Institute of Standards and Technology (NIST) fire researchers helped to prompt a safety alert warning of heat-caused damage to facepiece lenses on widely used firefighter self-contained breathing apparatus (SCBA), a factor implicated in several first-responder fatalities and injuries.

burned firefighter equipment
Faceplate of a fire fighter breathing apparatus damaged by high temperatures in NIST tests Pressure sensor (brass fitting that was mounted on the face of the headform) is visible through the hole in the lens.
Credit: NIST
View hi-resolution image

Issued by the National Fire Protection Association (NFPA), the alert notes that fires in modern buildings and houses burn hotter and faster than those in older structures, resulting in temperatures high enough to melt or otherwise damage the SCBA facepiece lens. Damage to the lens can breach the respiratory protection, exposing the wearer to superheated air and toxic combustion products.

NFPA, a consensus standards organization, is considering relevant tests and other requirements for firefighter personal protective equipment and clothing as part of its code revision process. In the interim, NFPA recommends five steps that fire departments and training academies should take to prevent lens failures.

NIST-led research "validated the adverse consequences to firefighters when lens degradation occurs in extreme thermal conditions and developed and provided new testing and performance methodologies to the NFPA Technical Committee on Respiratory Protection Equipment," the safety alert explains.

In 2010, NIST, NFPA, the National Institute for Occupational Safety and Health and the Fire Protection Research Foundation hosted a research-planning workshop on evaluating and addressing concerns regarding the thermal performance of SCBA facepiece lenses. Subsequently, NIST conducted research* at live burn tests in the Chicago area and at its own laboratories. It concluded that existing testing methods do not "capture the conditions of temperature, heat flux and duration that a firefighter might experience."

The NIST-developed test methods and performance criteria are proposed to be included into the next edition of NFPA 1981, Standard on Open-Circuit Self-Contained Breathing Apparatus (SCBA) for Emergency Services, which NFPA expects to issue later this year.

The U.S. Fire Administration and the Science and Technology Directorate of the Department of Homeland Security provided funding for this research to improve the performance of fire fighter protective equipment.

* See the Dec. 6, 2011, Tech Beat story, "Study Finds Failure Points in Firefighter Protective Equipment" at www.nist.gov/public_affairs/tech-beat/tb20111206.cfm#scba.

Media Contact: Mark Bello, mark.bello@nist.gov, 301-975-3776

Comment  Comment on this article.back to top

NIST Official Testifies on Threat Detection Science for National Security

On July 19, 2012, Richard Cavanagh, Director of the Office of Special Programs at the National Institute of Standards and Technology (NIST), testified before the House Committee on Science, Space, and Technology as part of a panel addressing the topic “Keeping America Secure: The Science Supporting the Development of Threat Detection Technologies.”

Dr. Richard Cavanagh
Dr. Richard Cavanaugh
Credit: NIST
View hi-resolution image

Cavanagh addressed the role of measurement science and technology in improving the speed, sensitivity and accuracy of detection systems meant to deal with chemical, biological and nuclear threats.

NIST works with a spectrum of agencies, including the Department of Homeland Security, the Department of Defense, the Department of Justice, the National Nuclear Security Administration and the Environmental Protection Agency as well as key private sector organizations like the American National Standards Institute (ANSI) and the Institute of Electrical and Electronics Engineers (IEEE). Its work ranges from developing methods and standards to validate the performance of radioactive materials detectors to establishing standard protocols for collecting suspicious biological samples.

“Standards play an important role in reliable threat detection, as they establish the reproducibility of the measurement, the comparability of measurements made at different locations with different technologies, and the comparability of historical data to the data available today,” Cavanagh said, “Standards are important in quantifying the level of confidence that can be placed in the data.”

Other speakers at the hearing included Dr. Huban Gowadia, Acting Director, Domestic Nuclear Detection Office, Department of Homeland Security; Dr. Anthony Peurrung, Associate Laboratory Director, National Security Directorate, Pacific Northwest National Laboratory; and Dr. Thomas Peterson, Assistant Director, Directorate for Engineering, National Science Foundation.

The full prepared testimony of all four is available on the committee’s website at http://science.house.gov/hearing/full-committee-hearing-keeping-america-secure-science-supporting-development-threat.

Media Contact: Michael Baum, michael.baum@nist.gov, 301-975-2763

Comment  Comment on this article.back to top

Three NIST Researchers Earn Presidential Honor

The White House has announced that three researchers at the National Institute of Standards and Technology (NIST) will receive the 2011 Presidential Early Career Award for Scientists and Engineers (PECASE). PECASE is the highest honor bestowed by the U.S. government on outstanding scientists and engineers beginning their independent research careers. Winners receive up to a five-year research grant to further their study in support of critical government missions.

The scientists are recognized not only for their innovative research, but also their demonstrated commitment to community service.

Jayne Billmayer Morrow, an environmental engineer in the Material Measurement Laboratory, is being honored for pioneering research on the properties of microbial systems, in particular the characterization of bacteria-surface interactions and the fate and transport of microbial pathogens in environmental matrices, and for commitment to preparing the next generation of young scientists through the NIST Summer Undergraduate Internship Program.

Ian Coddington, a physicist in the Physical Measurement Laboratory, will receive the award for developing rapid, low-cost, spectroscopic measurement tools based on optical fibers and frequency combs that enable accurate detection of airborne chemicals and measurement of absolute distance over kilometers with nanometer precision, and for contributions to early child development and science enrichment programs in his community.

Frank W. DelRio, a mechanical engineer in the Material Measurement Laboratory, is being recognized for pioneering research in measuring the mechanical properties of microelectronic and micro- and nano-electromechanical systems (MEMS and NEMS), and for volunteer work for local science fairs and for the Idaho Diabetes Youth Program.

For additional information, see the July 23 news announcement at www.whitehouse.gov/the-press-office/2012/07/23/president-obama-honors-outstanding-early-career-scientists.

Jayne Billmayer Morrow
Jayne Billmayer Morrow
Credit: NIST
View hi-resolution image
Ian Coddington
Ian Coddington
Credit: NIST
View hi-resolution image
Frank W. DelRio
Frank W. DelRio
Credit: NIST
View hi-resolution image

Media Contact: Jennifer Huergo, jennifer.huergo@nist.gov, 301-975-6343

Comment  Comment on this article.back to top

Three at NIST Honored by ANSI

Three staff members of the National Institute of Standards and Technology (NIST) are among the 17 recipients of the 2012 Leadership and Service Awards presented by the American National Standards Institute (ANSI). The internationally known standards development organization makes the awards annually to recognize individuals "for their significant contributions to national and international standardization activities, as well as an ongoing commitment to their industry, their nation, and the enhancement of the global voluntary consensus standards system."

This year's recipients include:

Patrick Gallagher, Undersecretary of Commerce for Standards and Technology and Director of NIST, will receive the Chairman's Award, which honors outstanding accomplishments by any group or individual on behalf of ANSI or the ANSI Federation.

Gordon Gillerman, chief of NIST's Standards Services Group, will receive the Gerald H. Ritterbusch Conformity Assessment Medal, which honors distinguished service in promoting the understanding and application of conformity assessment methods as a means of providing confidence in standards compliance for the marketplace.

Elham Tabassi, an electronics engineer in NIST's Information Technology Laboratory, will receive one of three Next Generation Awards, which honor individuals who have been engaged in standardization or conformity assessment activities for less than eight years and who have, during that time, demonstrated vision, leadership, dedication, and significant contributions to their chosen field of activity.

ANSI will honor the seventeen distinguished award recipients during an October 10 ceremony in Washington, D.C., held in conjunction with World Standards Week 2012.

Read the July 23, 2012, ANSI news announcement, "ANSI Announces Recipients of the 2012 Leadership and Service Awards" at http://www.ansi.org/news_publications/news_story.aspx?menuid=7&articleid=3313&source=whatsnew072312.

Media Contact: Michael Baum, michael.baum@nist.gov, 301-975-2763

Comment  Comment on this article.back to top