Other

Automation Support for Control Assessments – Project Update and Vision

December 6, 2023

Author(s)

Eduardo Takamura, Jeremy Licata, Victoria Yan Pillitteri

In 2017, NIST published a methodology for supporting the automation of SP 800-53 control assessments in the form of IR 8011. IR 8011 is a multi-volume series

Security Segmentation in a Small Manufacturing Environment

April 6, 2023

Author(s)

Michael Powell, John Hoyt, Aslam Sherule, Lynette Wilcox

Manufacturers are increasingly targeted in cyber-attacks. Small manufacturers are particularly vulnerable due to limitations in staff and resources to operate

The Language of Trustworthy AI: An In-Depth Glossary of Terms

March 29, 2023

Author(s)

Daniel Atherton, Reva Schwartz, Peter Fontana, Patrick Hall

The NIST (National Institute of Standards and Technology) glossary of terms related to trustworthy and responsible artificial intelligence (AI) and machine

Handbook for VVSG 2.0 Usability and Accessibility Test Strategies

January 25, 2023

Author(s)

Whitney Quesenbery, Sharon J. Laskowski

This document provides guidance and resources for how to test voting systems against the usability and accessibility requirements in the Voluntary Voting System

Administering Accessible Vote by Mail Systems

January 25, 2023

Author(s)

Lynn Baumeister, Whitney Quesenbery, Sharon J. Laskowski

Accessible vote by mail (AVBM) provides options for voters with disabilities to complete their absentee or vote by mail ballots independently and privately

Cybersecurity Framework Profile for Hybrid Satellite Networks (HSN): Final Annotated Outline

November 3, 2022

Author(s)

James McCarthy, Joseph Brule, Dan Mamula, Karri Meldorf

The objective of this Cybersecurity Profile is to identify an approach to assess the cybersecurity posture of Hybrid Satellite Networks (HSN) that provide

Letter Report to U.S. Consumer Product Safety Commission: CONTAM Simulations of Extended Generator Run Time Supplementing NIST Technical Note 2202

July 18, 2022

Author(s)

Steven Emmerich, Brian Polidoro

The purpose of this report is to document additional simulations that staff of the U.S. National Institute of Standards and Technology (NIST) performed, at the

Ordered t-way Combinations for Testing State-based Systems

June 13, 2022

Author(s)

D. Richard Kuhn, M S Raunak, Raghu N. Kacker

Fault detection often depends on the specific order of inputs that establish states which eventually lead to a failure. However, beyond basic structural

Initial Summary Analysis of Responses to the Request for Information Evaluating and Improving Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management

June 3, 2022

Author(s)

Cherilyn Pascoe

On February 22, 2022, NIST issued a public Request for Information (RFI), "Evaluating and Improving NIST Cybersecurity Resources: The Cybersecurity Framework

A Data Structure for Integrity Protection with Erasure Capability

May 20, 2022

Author(s)

D. Richard Kuhn

This document describes a data structure, referred to as a data block matrix, that supports the ongoing addition of hash-linked records while also allowing for

Planning a Zero Trust Architecture: A Starting Guide for Federal Administrators

May 6, 2022

Author(s)

Scott Rose

NIST Special Publication 800-207 defines zero trust is a set of cybersecurity principles used when planning and implementing an enterprise architecture. These

Getting Started with Cybersecurity Risk Management Ransomware

February 23, 2022

Author(s)

Bill Fisher, William Barker, Karen Scarfone

Quick start guide for NISTIR 8374.

Recommended Criteria for Cybersecurity Labeling of Consumer Software

February 4, 2022

Author(s)

Michael Ogata, Amy Phelps, Julie Haney

Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," tasks the National Institute of Standards and Technology (NIST), in coordination with the

Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards

September 29, 2021

Author(s)

Jeffrey Marron, Avi Gopstein, Daniel Bogle

This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP)

Filing Rate and Transfer Rate at NIST: An examination of invention disclosures, patent applications, and invention licenses

May 28, 2021

Author(s)

Michael J. Hall

This paper applies technology-transfer efficiency metrics—filing rate and transfer rate— proposed in the academic literature on technology transfer to data on

Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms

April 28, 2021

Author(s)

Murugiah Souppaya, Tim Polk, William Barker

Cryptographic technologies are used throughout government and industry to authenticate the source and protect the confidentiality and integrity of information

NIST-NOAA Survey Instrument for Business Disruption and Recovery Associated With Extreme Events: General Instrument Applied to the Greater Charleston, SC Small- and Medium-Sized Business Community Post-Hurricane Irma

September 30, 2020

Author(s)

Jennifer F. Helgeson, Eleanor D. Pierel, Kirstin Dow

To gather more in-depth information about how disasters affect businesses, the National Institute of Standards and Technology (NIST) and the National Oceanic

Eliciting Lessons from Small- and Medium-Sized Enterprises (SMEs) for Natural Disaster Resilience Planning and Recovery During the COVID-19 Pandemic: SME Complex Event Resilience

September 30, 2020

Author(s)

Jennifer F. Helgeson, Juan F. Fung, Yating Zhang, Alfredo R. Roa Henriquez, Ariela Zycherman, Claudia Nierenberg, David T. Butry, Donna H. Ramkissoon

Small and medium-sized enterprises (SMEs) make up 44% of U.S. economic activities and are the lifeline for many local economies, employing 59 million people in

On the nature of the non-equilibrium phase transition in the non-Markovian driven Dicke model

September 23, 2020

Author(s)

Rex Lundgren, Alexey Gorshkov, Mohammad Maghrebi

The Dicke model famously exhibits a phase transition to a superradiant phase with a macroscopic population of photons and is realized in multiple settings in

Overview of the TREC 2019 Deep Learning Track

July 27, 2020

Author(s)

Ellen M. Voorhees, Nick Craswell, Bhaskar Mitra, Daniel Campos, Emine Yilmaz

The Deep Learning Track is a new track for TREC 2019, with the goal of studying ad hoc ranking in a large data regime. It is the first track with large human

Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)

April 23, 2020

Author(s)

Donna F. Dodson, Murugiah Souppaya, Karen Scarfone

Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be