Search Publications

NIST Authors in Bold

Displaying 226 - 250 of 1521

Development and Evaluation of Bluetooth Low-Energy Device for Electronic Encounter Metrics

January 20, 2022

Author(s)

Katy Keenan, Joe Aumentado, Harold Booth, Kimberly Briggman, Mikail Kraft-Molleda, Michele Martin, Rene Peralta, Angela Robinson, Krister Shalm, Michelle Stephens, Emily Townsend, Sae Woo Nam

The coronavirus disease 2019 (COVID-19) pandemic led to the need for tracking of physical contacts and potential exposure to disease. Traditional contact tracing can be augmented by electronic tools called "electronic contact tracing" or "exposure

IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements

November 29, 2021

Author(s)

Michael Fagan, Katerina N. Megas, Jeffrey Marron, Kevin Gerard Brady, Barbara Bell Cuthill, Rebecca Herold, David Lemire, Noel Hoehn

Organizations will increasingly use Internet of Things (IoT) devices for the mission benefits they can offer, but care must be taken in the acquisition and implementation of IoT devices. This publication contains background and recommendations to help

IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog

November 29, 2021

Author(s)

Katerina N. Megas, Michael Fagan, Jeffrey Marron, Kevin Gerard Brady, Barbara Bell Cuthill, Rebecca Herold, David Lemire, Noel Hoehn

This publication provides a catalog of internet of things (IoT) device cybersecurity capabilities (i.e., features and functions needed from a device to support security controls) and non-technical supporting capabilities (i.e., actions and support needed

Security for IEEE P1451.0-Based IoT Sensor Networks

November 13, 2021

Author(s)

Eugene Song, Kang B. Lee, Ke Zhou, Jun Wu

The challenges of the Internet of Things (IoT) sensor networks include connectivity, interoperability, security, and privacy. The Institute of Electrical and Electronics Engineers (IEEE) P1451.0 standard is being revised based on these challenges and

Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management

November 12, 2021

Author(s)

Kevin Stine, Stephen Quinn, Nahla Ivy, Matthew Barrett, Greg Witte, Larry Feldman, Robert Gardner

This document supplements NIST Interagency or Internal Report 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM), by providing additional detail regarding risk guidance, identification, and analysis. This report offers examples and

User Perceptions & Preferences for Smart Home Device Updates

November 5, 2021

Author(s)

Susanne M. Furman, Julie Haney

IoT smart home updates are a critical mechanism by which manufacturers can remediate security vulnerabilities and one of the few tools users have to secure their devices. Yet, security professionals view difficulties in patching IoT devices as a major

Privacy-enhancing cryptography to complement differential privacy

November 3, 2021

Author(s)

Luis Brandao, Rene Peralta

In this post, we illustrate how various techniques from privacy-enhancing cryptography, coupled with differential privacy protection, can be used to protect data privacy while enabling data utility. Of notable interest is the setting where there are

Parenting Digital Natives in a Tech World: Research Findings of Children's and Parents' Password Knowledge & Practices

October 25, 2021

Author(s)

Yee-Yin Choong

n/a

Security Auditing of Internet of Things Devices in a Smart Home

October 15, 2021

Author(s)

Suryadipta Mazumdar, Daniel Bostos, Anoop Singhal

Attacks on the Internet of Things are increasing. Unfortunately, transparency and accountability that are paramount to securing Internet of Things devices are either missing or implemented in a questionable manner. Security auditing is a promising solution

Encryption is Futile: Reconstructing 3D-Printed Models using the Power Side-Channel

October 6, 2021

Author(s)

Jacob Gatlin, Sofia Belikovetsky, Yuval Elovici, Anthony Skjellum, Joshua Lubell, Paul Witherell, Mark Yampolskiy

Outsourced Additive Manufacturing (AM) exposes sensitive design data to external malicious actors. Even with end-to-end encryption between the design owner and 3D-printer, side-channel attacks can be used to bypass cyber-security measures and obtain the

Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards

September 29, 2021

Author(s)

Jeffrey Marron, Avi Gopstein, Daniel Bogle

This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards and the NIST Cybersecurity Framework. Mappings of these two frameworks have been

Model-Based Risk Analysis Approach for Network Vulnerability and Security of the Critical Railway Infrastructure

September 29, 2021

Author(s)

Himanshu Neema, Leqiang Wang, CheeYee Tang, Keith A. Stouffer, Xenofon Koutsoukos

This study focuses on threat modeling, vulnerability analysis, and risk management within the critical railway transportation infrastructure. The Railway Transportation System is a highly complex, national critical infrastructure and its cybersecurity

2020 Cybersecurity and Privacy Annual Report

September 28, 2021

Author(s)

Patrick D. O'Reilly, Kristina Rigopoulos, Larry Feldman, Greg Witte

During Fiscal Year 2020 (FY 2020), from October 1, 2019 through September 30, 2020, the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy

Classifying Memory Bugs Using Bugs Framework Approach

September 9, 2021

Author(s)

Irena Bojanova, Carlos Galhardo

In this work, we present an orthogonal classification of memory corruption bugs, allowing precise structured descriptions of related software vulnerabilities. The Common Weakness Enumeration (CWE) is a well-known and used list of software weaknesses

Summary Report for the Virtual Workshop Addressing Public Comment on NIST Cybersecurity for IoT Guidance

September 9, 2021

Author(s)

Michael Fagan, Katerina N. Megas, David Lemire

This report summarizes the feedback received on the work of the NIST Cybersecurity for IoT program on device cybersecurity at a virtual workshop conducted April 22, 2021. NIST conducted the "Workshop Addressing Public Comment on NIST Cybersecurity for IoT

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Portuguese translation)

September 8, 2021

Author(s)

Kevin Stine, Matthew Barrett

Translated courtesy of the US Chamber of Commerce and the Brazil-US Business Council. Not an official U.S. Government translation.

Basic Recommendations For HVAC Cybersecurity

September 1, 2021

Author(s)

Michael Galler

Cybersecurity has been a topic of increasing importance for several years. While fully securing a large system can be very complicated, there are some basic precautions that can easily be applied to any system. The purpose of this document is to briefly

Neural Networks Based Domain Name Generation

September 1, 2021

Author(s)

Zheng Wang, Yang Guo

Domain generation algorithm (DGA) is commonly used to dynamically produce a large number of random domain names and select a small subset for actual use. DGA provides a method to make DNS mapping elusive and thereby make countermeasures ineffective. Modern

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0 (Indonesian translation)

September 1, 2021

Author(s)

Naomi Lefkovitz, Katie Boeckl

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0 (Portuguese translation)

September 1, 2021

Author(s)

Naomi Lefkovitz, Katie Boeckl

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0 (Spanish translation)

September 1, 2021

Author(s)

Naomi Lefkovitz, Katie Boeckl

IoT Non-Technical Supporting Capability Core Baseline

August 25, 2021

Author(s)

Michael Fagan, Katerina N. Megas, Jeffrey Marron, Kevin Gerard Brady, Barbara Bell Cuthill, Rebecca Herold

Non-technical supporting capabilities are actions a manufacturer or third-party organization performs in support of the cybersecurity of an IoT device. This publication defines an Internet of Things (IoT) device manufacturers' non-technical supporting

Mobile Application Single Sign-On: Improving Authentication for Public Safety FirstResponders

August 25, 2021

Author(s)

Bill Fisher, Paul A. Grassi

On-demand access to public safety data is critical to ensuring that public safety and first responders (PSFRs) can protect life and property during an emergency. This public safety information, often needing to be accessed via mobile or portable devices

Approaches for Federal Agencies to Use the Cybersecurity Framework

August 17, 2021

Author(s)

Jeffrey Marron, Victoria Yan Pillitteri, Jon M. Boyens, Stephen Quinn, Gregory Witte

The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards

'Passwords Keep Me Safe' - Understanding What Children Think about Passwords

August 11, 2021

Author(s)

Mary Theofanos, Yee-Yin Choong

Children use technology from a very young age, and often have to authenticate. The goal of this study is to explore children's practices, perceptions, and knowledge regarding passwords. Given the limited work to date and that the world's cyber posture and

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Artificial intelligence
-AI measurement and evaluation
-Autonomous systems
--Automated vehicles
--Autonomous laboratories
-Applied AI
-Fundamental AI
-Hardware for AI
-Machine learning
-Trustworthy and responsible AI
Bioscience
-Bioeconomy
--Biological data
-Bioimaging
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Biometrology
-Biosecurity
--Biosurveillance
--Genomic cybersecurity
--Nucleic acid sequence screening
-Cell measurements
-Engineering / synthetic biology
--Biofabrication
--Cell-free systems
--Genome engineering
--Protein engineering
-Gene delivery systems
-Genome editing
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate Measurements
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Cell and gene therapy
-Clinical diagnostics
--Cancer
--Medical imaging
-Food and nutrition
-Human microbiome
-Precision medicine
-Regenerative medicine and advanced therapy
--Flow cytometry
Information technology
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity and privacy
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Digital twins
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing quality assurance
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Robotics
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
--Recovery
--Resilience metrics
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Quality assurance
-Reference data
-Reference instruments
-Reference materials
-Standards education
Technology transfer
Transportation
-Aerospace
-Automotive