Publications

Displaying 1 - 25 of 56

Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

February 9, 2021

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri, Gary Guissanie, Ryan Wagner, Richard Graubart, Deborah Bodeau

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations [including updates as of 01-28-2021]

January 28, 2021

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri, Kelley L. Dempsey, Mark Riddle, Gary Guissanie

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and

Control Baselines for Information Systems and Organizations

December 11, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri

This publication provides security and privacy control baselines for the Federal Government. There are three security control baselines (one for each system

Security and Privacy Controls for Information Systems and Organizations

December 10, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri

This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets

Control Baselines for Information Systems and Organizations

October 29, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri

This publication provides security and privacy control baselines for the Federal Government. There are three security control baselines (one for each system

Security and Privacy Controls for Information Systems and Organizations

September 23, 2020

Author(s)

Ronald S. Ross

This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

February 21, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri, Kelley L. Dempsey, Mark Riddle, Gary Guissanie

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and

Developing Cyber Resilient Systems: A Systems Security Engineering Approach

November 27, 2019

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri, Richard Graubart, Deborah Bodeau, Rosalie McQuaid

This publication is used in conjunction with ISO/IEC/IEEE 15288:2015, Systems and software engineering--Systems life cycle processes, NIST Special Publication

Guide for Security-Focused Configuration Management of Information Systems

October 11, 2019

Author(s)

Arnold Johnson, Kelley L. Dempsey, Ronald S. Ross, Sarbari Gupta, Dennis Bailey

[Includes updates as of October 10, 2019] Guide for Security-Focused Configuration Management of Information Systems provides guidelines for organizations

Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

December 20, 2018

Author(s)

Ronald S. Ross

This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF

Assessing Security Requirements for Controlled Unclassified Information

June 13, 2018

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Victoria Y. Pillitteri

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations [including updates as of 06-07-2018]

June 7, 2018

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Patrick Viscuso, Mark Riddle, Gary Guissanie

[Superseded by SP 800-171 Rev. 2 (February 2020): https://doi.org/10.6028/NIST.SP.800-171r2] The protection of Controlled Unclassified Information (CUI)

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems [including updates as of 3-21-2018]

March 21, 2018

Author(s)

Ronald S. Ross, Michael McEvilley, Janet C. Oren

With the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations [including updates as of 02-20-2018]

February 20, 2018

Author(s)

Ronald S. Ross, Patrick Viscuso, Gary Guissanie, Kelley L. Dempsey, Mark Riddle

[Superseded by SP 800-171 Rev. 1 (December 2016, updated 06/07/2018): https://doi.org/10.6028/NIST.SP.800-171r1] The protection of Controlled Unclassified

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems [including updates as of 1-03-2018]

January 3, 2018

Author(s)

Ronald S. Ross, Michael McEvilley, Janet C. Oren

With the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations [including updates as of 11-28-2017]

November 28, 2017

Author(s)

Ronald S. Ross, Patrick Viscuso, Gary Guissanie, Kelley L. Dempsey, Mark Riddle

[Superseded by SP 800-171 Rev. 1 (December 2016, updated 02/20/2018): https://doi.org/10.6028/NIST.SP.800-171r1] The protection of Controlled Unclassified

Rethinking Security through Systems Security Engineering

December 21, 2016

Author(s)

Ronald S. Ross, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-160: Systems Security Engineering: Considerations for a Multidisciplinary Approach in the

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

December 20, 2016

Author(s)

Ronald S. Ross, Patrick Viscuso, Gary Guissanie, Kelley L. Dempsey, Mark Riddle

[Superseded by SP 800-171 Rev. 1 (December 2016, updated 11/28/2017): https://doi.org/10.6028/NIST.SP.800-171r1] The protection of Controlled Unclassified

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

November 14, 2016

Author(s)

Ronald S. Ross, Michael McEvilley, Janet C. Oren

[Superseded by NIST SP 800-160 (November 2016, including updates as of 01-03-2016)] With the continuing frequency, intensity, and adverse consequences of cyber

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations [including updates as of 01-14-2016]

January 21, 2016

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Patrick Viscuso, Mark Riddle, Gary Guissanie

[Superseded by SP 800-171 Rev. 1 (December 2016): https://www.nist.gov/publications/protecting- controlled-unclassified-information-nonfederal-systems-and

Protection of Controlled Unclassified Information

October 19, 2015

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-171: Protecting Controlled Unclassified Information in Nonfederal Information Systems and

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations [including updates as of 09-03-2015]

October 1, 2015

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Patrick Viscuso, Mark Riddle, Gary Guissanie

[Supersedes SP 800-171 (June 2015, updated 1/14/2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920191] The protection of Controlled

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations

June 18, 2015

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Patrick Viscuso, Mark Riddle, Gary Guissanie

[Superseded by SP 800-171 (June 2015, w/updates through 09/03/2015): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=919562] The protection of

Security and Privacy Controls for Federal Information Systems and Organizations [including updates as of 1/22/2015]

January 22, 2015

Author(s)

Ronald S. Ross

[Rev. 4 was superseded by Rev. 5 on 9/23/2020; Rev. 4 will be withdrawn one year from that date, on 9/23/2019] This publication provides a catalog of security

Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans

December 11, 2014

Author(s)

Ronald S. Ross

This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems

Advanced communications
-Optical communications
-Quantum communications
-Wireless (RF)
Bioscience
-Biomaterials
-Biomolecular characterization
-Bioprocessing
-Cell biology
-Engineering / synthetic biology
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Resilient buildings
-Structural engineering
-Sustainable buildings
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Energy efficiency
-Fuels
-Sustainability
Environment
-Air / water / soil quality
-Environmental health
-Greenhouse gas measurements
-Marine science
Fire
-Emergency building evacuation
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Ballistics
-Digital evidence
-DNA and biological evidence
-Drugs and toxicology
-Fingerprints and pattern evidence
-Trace evidence
Health
-Clinical diagnostics
-Dentistry
-Food and nutrition
-Medical imaging
-Pharmaceuticals
-Precision medicine
-Regenerative medicine
Information technology
-Artificial intelligence
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Configuration and vulnerability management
--Cryptography
--Cybersecurity education and workforce development
--Risk management
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Data enry
-Federal information standards (FIPS)
-Health IT
-Identity and access management
-Internet of Things (IoT)
-Interoperability testing
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software assurance
--Software performance
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Biomanufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Quality assurance
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Industrial autonomous vehicles
--Mobile manipulators
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Magnetic properties
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and Statistics
-Experiment design
-Image and signal processing
-Mathematical knowledge management
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Acoustic / vibration metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Physical security
-Public safety communications research
-Response robots
--Aerial
--Aquatic and underwater
--Ground
Resilience
-Community resilience
-Disaster and failure studies
-Earthquake risk reduction
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Reference data
-Reference instruments
-Reference materials
-Standards education
Transportation
-Aerospace
-Automotive
-Rail

Search Publications by Ronald S. Ross