Government/Industry Partnership on the Security of Radioactive Sources

International Nuclear Information System (INIS)

Cefus, Greg; Colhoun, Stefan C.; Freier, Keith D.; Wright, Kyle A.; Herdes, Gregory A.

2006-01-01

In the past, industry radiation protection programs were built almost exclusively around radiation safety and the minimization of radiation dose exposure to employees. Over the last decade, and especially the last few years, the emphasis has shifted to include the physical security and enhanced control of radioactive materials. The threat of nuclear and radiological terrorism is a genuine international security concern. In May 2004, the U.S. Department of Energy/U.S. National Nuclear Security Administration unveiled the Global Threat Reduction Initiative (GTRI) to respond to a growing international concern for the proper control and security of radioactive and nuclear materials. An integral part of the GTRI, the International Radiological Threat Reduction (IRTR) Program, was established in February 2002, originally as a Task Force. The IRTR Program is foremost a government-to-government cooperative program with the mission to reduce the risk posed by vulnerable radioactive materials that could be used in a Radioactive Dispersal Device (RDD). However, governments alone cannot prevent the misuse and illicit trafficking of radioactive sources. By expanding the role of private industry as a partner, existing government regulatory infrastructures can be enhanced by formulating and adopting industry self-regulation and self-policing measures. There is international concern regarding the security and control of the vast number of well-logging sources used during oil exploration operations. The prevalence of these sources, coupled with their portability, is a legitimate security concern. The energy exploration industry has well established safety and security protocols and the IRTR Program seeks to build on this foundation. However, the IRTR Program does not have sufficient resources to address the issue without industry assistance, so it is looking to the oil and gas industry to help identify alternative means for accomplishing our mutual objectives. This paper describes

49 CFR 8.31 - Industrial security.

Science.gov (United States)

2010-10-01

... 49 Transportation 1 2010-10-01 2010-10-01 false Industrial security. 8.31 Section 8.31.../ACCESS Access to Information § 8.31 Industrial security. (a) Background. The National Industrial Security... industrial security services for the Department of Transportation. Regulations prescribed by the Secretary of...

Department of Defense: Observations on the National Industrial Security Program

National Research Council Canada - National Science Library

Barr, Ann C; Denomme, Thomas J; Booth, Brandon; Krump, John; Sloan, Karen; Slodkowski, Lillian; Sterling, Suzanne

2008-01-01

.... In terms of facility oversight, DSS maintained files on contractor facilities security programs and their security violations, but it did not analyze this information to determine, for example...

CERN tests reveal security flaws with industrial network devices

CERN Document Server

Lüders, Stefan

2006-01-01

The CERN high energy particle physics facility at Geneva, Switzerland will incorporate a wide range of COTS industrial control systems within its next generation particle collider, the LHC. In particular, the Internet will be used to facilitate the remote access for accelerator and particle physicists and system experts based at several hundred locations around the globe. The integration of Industrial Ethernet and COTS PLCs within the LHC program focuses extreme attention on the industrial network cyber-security requirement. CERN's response has been to conduct operational research on the security resilience of networked industrial devices. As test team lead Stefan Lüders reports here, industrial networked devices put through the organisation's test procedures have generally shown up unexpected vulnerabilities.

48 CFR 225.870-8 - Industrial security.

Science.gov (United States)

2010-10-01

... 48 Federal Acquisition Regulations System 3 2010-10-01 2010-10-01 false Industrial security. 225... Coordination 225.870-8 Industrial security. Industrial security for Canada shall be in accordance with the U.S.-Canada Industrial Security Agreement of March 31, 1952, as amended. ...

Best Practices for Operating Government-Industry Partnerships in Cyber Security

Directory of Open Access Journals (Sweden)

Larry Clinton

2015-12-01

Full Text Available Since the publication of the first National Strategy to Secure Cyber Space in 2003 the US federal government has realized that due to the interconnected nature of the Internet, securing the system would require an industry-government partnership. However, defining exactly what that new partnership would look like and how it would operate has been unclear. The ramifications of this ambiguous strategy have been noted elsewhere including the 2011 JSS article “A Relationship on the Brink” which described the dysfunctional state of public private partnerships with respect to cyber security. Subsequently, a joint industry-government study of partnership programs has generated a consensus list of “best practices” for operating such programs successfully. Moreover, subsequent use of these principles seems to confirm their ability to enhance the partnership and hopefully helps ameliorate, to some degree, the growing cyber threat. This article provides a brief history of the evolution of public-private partnerships in cyber security, the joint study to assess them and the 12 best practices generated by that analysis.

Security of the data transmission in the industrial control system

Directory of Open Access Journals (Sweden)

Marcin Bednarek

2015-12-01

Full Text Available The theme of this paper is to present the data transmission security system between the stations of the industrial control system. The possible options for secure communications between process stations, as well as between process and operator station are described. Transmission security mechanism is based on algorithms for symmetric and asymmetric encryption. The authentication process uses a software token algorithm and a one-way hash function. The algorithm for establishing a secured connection between the stations, including the authentication process and encryption of data transmission is given. The process of securing the transmission consists of 4 sub-processes: (I authentication; (II asymmetric, public keys transmission; (III symmetric key transmission; (IV data transmission. The presented process of securing the transmission was realized in the industrial controller and emulator. For this purpose, programming languages in accordance with EN 61131 were used. The functions were implemented as user function blocks. This allows us to include a mixed code in the structure of the block (both: ST and FBD. Available function categories: support of the asymmetric encryption; asymmetric encryption utility functions; support of the symmetric encryption; symmetric encryption utility functions; support of the hash value calculations; utility functions of conversion.[b]Keywords[/b]: transmission security, encryption, authentication, industrial control system

Offices of Industrial Security International: A Review

National Research Council Canada - National Science Library

Sands, W

1998-01-01

The Defense Security Service (DSS), formerly the Defense Investigative Service (DIS), handles many of its overseas industrial security issues through its Offices of Industrial Security International...

33 CFR 101.125 - Approved Alternative Security Programs.

Science.gov (United States)

2010-07-01

... 106 of this subchapter, as applicable: (a) American Gaming Association Alternative Security Program..., and Towboats and Barges, dated September 24, 2003. (c) Passenger Vessel Association Industry Standards...

Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292)

NARCIS (Netherlands)

Dacer, Marc; Kargl, Frank; König, Hartmut; Valdes, Alfonso

2014-01-01

This report documents the program and the outcomes of Dagstuhl Seminar 14292 “Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures”. The main objective of the seminar was to discuss new approaches and ideas for securing industrial control systems. It

Enhanced security in the nuclear industry

International Nuclear Information System (INIS)

Frappier, G.

2007-01-01

This article describes the security in the nuclear industry. After 9/11, Canada's nuclear regulator - the Canadian Nuclear Safety Commission (CNSC) - determined that the entire industry (including its own organization) faced a need for significant enhancements in their approach to security.

Security of radioactive sources in industrial radiography

International Nuclear Information System (INIS)

Popp, Andrew; Murray, Allan

2010-01-01

This paper describes the need and new requirements to ensure the security of radioactive sources used in the practice of industrial radiography. We describe the discussions and issues arising during the september 2010 regional workshop held in Sydney on the application of security measures to industrial radiography practices. The workshop provided the perspectives of both radiation regulators and industry practitioners, including those from the Philippines. We describe the outputs of the workshop, and how they were developed, and make suggestions for further consideration and applications of security measures in the practice of industrial radiography. (author)

Study on Nuclear Facility Cyber Security Awareness and Training Programs

International Nuclear Information System (INIS)

Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon

2016-01-01

Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

Study on Nuclear Facility Cyber Security Awareness and Training Programs

Energy Technology Data Exchange (ETDEWEB)

Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

17 CFR 229.801 - Securities Act industry guides.

Science.gov (United States)

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Securities Act industry guides... AND CONSERVATION ACT OF 1975-REGULATION S-K List of Industry Guides § 229.801 Securities Act industry... claims and claim adjustment expenses of property-casualty insurance underwriters. (g) Guide 7...

Security Transition Program Office 1994 fiscal year work plan WBS 6.11

International Nuclear Information System (INIS)

Brogdon, R.C. Jr.

1993-10-01

The Security Transition Program Office (STPO) will change the Hanford Safeguards and Security Protection Program from one that supported the national defense program to one that supports environmental restoration and waste management. A Successful Safeguards and Security Protection Program transition will have an industrial security foundation supplemented to protect material interests and information resources. The transition will change the current approaches to protection philosophy to ones that will provide the Hanford Site with the following: consolidation, reduction, and elimination of safeguards and security interests and targets; greater open Site access; maximum application of technology and automation; interpretation of security policies and procedures in light of the Hanford Site's environmental mission; coexistence with other emergency services; streamlined operations; and protection of employees and the public from health, safety, fire, security, and safeguards risks. This report describes the 1994 program objectives, the technical base, schedule baseline, cost, funding, manpower, and the 1993 program workscope

48 CFR 2804.470 - Contractor Personnel Security Program.

Science.gov (United States)

2010-10-01

... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Contractor Personnel Security Program. 2804.470 Section 2804.470 Federal Acquisition Regulations System DEPARTMENT OF JUSTICE General ADMINISTRATIVE MATTERS Safeguarding Classified Information Within Industry 2804.470 Contractor...

Physical security technology base programs for physical security

International Nuclear Information System (INIS)

Jacobs, J.

1986-01-01

Sandia National Laboratories is the US Department of Energy's lead laboratory for physical security research and development (R and D). In support of this mission, Sandia has maintained for several years an R and D program in each of the following technology areas: Intrusion Detection, Entry Control, CCTV Assessment, Access Delay, Alarm Display, and Guard Equipment and Training. The purpose of the technology base programs is to maintain cognizance of the capabilities of the commercial market, identify improvements and transfer technology to industry and facilities. The output of these programs supports the development of new equipment and advanced system concepts, demonstrations of proof-of-principles and system implementation. This paper will review the status of current developments and discuss trends in new technologies which are being explored for future applications, i.e., artificial intelligence, expert systems, robotics, and more automated systems

Methodology for evaluation of economic security of industrial enterprises

OpenAIRE

Kopytko Marta Ivanovna

2014-01-01

This paper investigates the features of evaluation of ensuring economic security of industrial enterprises and the algorithm of complex evaluation of the economic security of industrial enterprises over time and the system of criteria and their limit values ​​and the dynamics of change to determine the level of economic security industrial enterprise in terms of its components.

Development of an industrial complex for ensuring national competitiveness and economic security

Directory of Open Access Journals (Sweden)

A. V. Kalach

2016-01-01

Full Text Available Living standards depends on the state of the country’s industrial complex. In a message to Russian President Vladimir Putin's Federal Assembly was asked to implement in 2015 a national technological initiative, the development of industries of the new technological order. As a result of the predominance of the industry of the sixth technological order should occur major changes in the structure of production factors and significance. It follows the inevitability of structural changes in the system of economic institutions and mechanisms of economic security and competitiveness of the state achieve the main goal of the state program “The development of industry and increase its competitiveness” is carried out through the following the directions of sub-programs: investment goods (chemical complex development composite materials, industrial biotechnology, power engineering, machine tool industry, agricultural machinery, machinery specialized production, transport engineering; goods (light industry, children;s products industry, the automotive industry; military-industrial complex; infrastructure (development of engineering activities, industrial parks; semi-finished goods and materials (timber industry, metallurgy, industrial development of rare-earth metals. At the current pace of technological and economic development, the 6 th technological structure will come into proliferation phase in 2010–2020, and in the phase of maturity – 40-ies of XXI century. At the same time in 2020–2025 there will be a new scientific-technical and technological revolution, which will become the basis for developing, synthesizing advances in the above basic technologies. In this paper, we proposed as a tool to ensure the economic security of the state to use the acceleration system of technical development of the industrial complex.

Cyber security best practices for the nuclear industry

International Nuclear Information System (INIS)

Badr, I.

2012-01-01

When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

Cyber security best practices for the nuclear industry

Energy Technology Data Exchange (ETDEWEB)

Badr, I. [Rational IBM Software Group, IBM Corporation, Evanston, IL 60201 (United States)

2012-07-01

When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

Creation of security engineering programs by the Southwest Surety Institute

Science.gov (United States)

Romero, Van D.; Rogers, Bradley; Winfree, Tim; Walsh, Dan; Garcia, Mary Lynn

1998-12-01

The Southwest Surety Institute includes Arizona State University (ASU), Louisiana State University (LSU), New Mexico Institute of Mining and Technology (NM Tech), New Mexico State University (NMSU), and Sandia National Laboratories (SNL). The universities currently offer a full spectrum of post-secondary programs in security system design and evaluation, including an undergraduate minor, a graduate program, and continuing education programs. The programs are based on the methodology developed at Sandia National Laboratories over the past 25 years to protect critical nuclear assets. The programs combine basic concepts and principles from business, criminal justice, and technology to create an integrated performance-based approach to security system design and analysis. Existing university capabilities in criminal justice (NMSU), explosives testing and technology (NM Tech and LSU), and engineering technology (ASU) are leveraged to provide unique science-based programs that will emphasize the use of performance measures and computer analysis tools to prove the effectiveness of proposed systems in the design phase. Facility managers may then balance increased protection against the cost of implementation and risk mitigation, thereby enabling effective business decisions. Applications expected to benefit from these programs include corrections, law enforcement, counter-terrorism, critical infrastructure protection, financial and medical care fraud, industrial security, and border security.

48 CFR 225.872-7 - Industrial security for qualifying countries.

Science.gov (United States)

2010-10-01

... 48 Federal Acquisition Regulations System 3 2010-10-01 2010-10-01 false Industrial security for... Agreements and Coordination 225.872-7 Industrial security for qualifying countries. The required procedures... qualifying country sources are in the DoD Industrial Security Regulation DoD 5220.22-R (implemented for the...

78 FR 24161 - Bureau of Industry and Security

Science.gov (United States)

2013-04-24

... DEPARTMENT OF COMMERCE Bureau of Industry and Security Materials Technical Advisory Committee; Notice of Partially Closed Meeting The Materials Technical Advisory Committee will meet on May 9, 2013... of Industry and Security senior management. 4. Discussion on General Technology Note as it applies to...

It Security Issues Within the Video Game Industry

OpenAIRE

STEPHEN MOHR; SYED (SHAWON) RAHMAN,

2011-01-01

IT security issues are an important aspect for each and every organization within the video game industry. Within the video game industry alone, you might not normally think of security risks being an issue. But as we can and have seen in recent news, no company is immune to security risks no matter how big or how small. While each of these organizations will never be exactly the same as the next, there are common security issues that can and do affect each and every video game company. In or...

Securing the energy industry : perspectives in security risk management

Energy Technology Data Exchange (ETDEWEB)

Hurd, G.L. [Anadarko Canada Corp., Calgary, AB (Canada)

2003-07-01

This presentation offered some perspectives in security risk management as it relates to the energy sector. Since the events of September 11, 2001 much attention has been given to terrorism and the business is reviewing protection strategies. The paper made reference to each of the following vulnerabilities in the energy sector: information technology, globalization, business restructuring, interdependencies, political/regulatory change, and physical/human factors. The vulnerability of information technology is that it can be subject to cyber and virus attacks. Dangers of globalization lie in privacy and information security, forced nationalization, organized crime, and anti-globalization efforts. It was noted that the Y2K phenomenon provided valuable lessons regarding interdependencies and the effects of power outages, water availability, transportation disruption, common utility corridor accidents, and compounding incidents. The paper also noted the conflict between the government's desire to have a resilient infrastructure that can withstand and recover from attacks versus a company's ability to afford this capability. The physical/human factors that need to be considered in risk management include crime, domestic terrorism, and disasters such as natural disasters, industrial disasters and crisis. The energy industry has geographically dispersed vulnerable systems. It has done a fair job of physical security and has good emergency management practices, but it was noted that the industry cannot protect against all threats. A strategy of vigilance and awareness is needed to deal with threats. Other strategies include contingency planning, physical security, employee communication, and emergency response plans. tabs., figs.

Coping with Security in Programming

OpenAIRE

Frank Schindler

2006-01-01

This article deals with importance of security issues in computer programming.Secure software can only be designed with security as a primary goal. To achieve that wewould have to redesign our computer systems with security in our mind including entirecomputer environment, e.g. hardware, programming languages and, of course, operatingsystems. In software development process the quality of resulting computer code should bethe most important aspect during the whole program development process. ...

Army Industrial Fund Rate Stabilization Program.

Science.gov (United States)

1986-11-01

orders. Most cost reimbursable orders fall outside of the four exclusions authorized by the revised DA policy on fixed rate orders. Of the cost reimbur ... reimbursable programs. , . 20 DISTRIBUTION/AVAILABILITY OF ABSTRArT 21 ABSTRACT SECURITY CLASSIFICATION M UNCLASSIFIED/UNLIMITED 0 SAME AS RPT - DTIC USERS...customers who reimburse the fund. Industrial funds are intended to be self-sustaining. Department of Defense (DOD) policy as enumerated in DOD

Industrial Security – a Component of the Production Operational Management

OpenAIRE

Ilie GHEORGHE; Roxana STEFANESCU

2005-01-01

The problem of the industrial objectives security imposes as a fundamental condition of economic efficiency. This is why is necessary the elaboration of a new concept regarding industrial security. This concept must integrate quality problems, with technological and ecological characteristics of the industrial objective with the security problems of the business environment and to protect physical and informational objective against fires or natural calamities. Another role of the new industr...

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

International Nuclear Information System (INIS)

Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

2011-01-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

6 CFR 27.235 - Alternative security program.

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Alternative security program. 27.235 Section 27.235 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.235 Alternative security program. (a) Covered...

Center for Coastline Security Technology, Year-2

Science.gov (United States)

2007-05-01

cinematic film industry . For the port security application there are several research issues being addressed under this program, specifically...being the cinematic film industry . For the port security application there are several research issues being addressed under this program...the primary customers being the film industry . For the port security application there are several research issues being addressed under this program

Development of Financial Security of Agro-Industrial Enterprises

OpenAIRE

Iryna Kryukova

2012-01-01

The concept of 'financial security' has been covered in the article. The theoretical basis of agro-industrial factories financial security development has been considered. In particular, the author has done an overview of different methodological approaches to determining the content of financial security and its components. The indicators of financial security of enterprise have been defined. Summing up the methodological aspects of providing business financial security the author proposes t...

Process Control Systems in the Chemical Industry: Safety vs. Security

Energy Technology Data Exchange (ETDEWEB)

Jeffrey Hahn; Thomas Anderson

2005-04-01

Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

How the Office of Safeguards and Security Technology development program facilitates safeguarding and securing the DOE complex

International Nuclear Information System (INIS)

Smoot, W.

1995-01-01

The technology development program's (TDP's) mission is to provide technologies or methodologies that address safeguards and security requirements throughout the U.S. DOE complex as well as to meet headquarters' policy needs. This includes developing state-of-the-art technologies or modifying existing technologies in physical security, material control and accountability, information security, and integrated safeguards systems. The TDP has an annual process during which it solicits user requirements from the field. These requirements are analyzed by DOE headquarters and laboratory personnel for technical merit. The requirements are then prioritized at headquarters, and the highest priorities are incorporated into our budget. Although this user-needs process occurs formally once a year, user requirements are accepted at any time. The status of funded technologies is communicated through briefings, programs reviews, and various documents that are available to all interested parties. Participants in several interagency groups allows our program to benefit from what others are doing and to prevent duplications of efforts throughout the federal community. Many technologies are transferred to private industry

On Pre-deployment Assessment and Security Bootstrapping of Industrial Communication Networks

OpenAIRE

Ray, Apala

2017-01-01

The severity of cyber threats towards existing and future industrial systems has resulted in an increase of security awareness in the industrial automation domain. Compared to traditional information systems, industrial communication systems have different performance and reliability requirements. The safety and availability requirements can also sometimes conflict with the system security design of plants. For instance, it is not acceptable to create a secure system that may take up addition...

Comprehensive Assessment of Industries Economic Security: Regional Aspect

Directory of Open Access Journals (Sweden)

Viktoriya Viktorovna Akberdina

2017-12-01

Full Text Available The article investigates the interaction of the forms of network integration and the development of complimentary production networks in terms of economic security. Currently, the most developed countries are occurring a transition from the industrial society to the information society. The industry 4.0 as the continuous communication at all levels and characterizes the production processes, in which technologies and devices interact automatically in the value-added chain. Under these new conditions, the former types of organizational structures of economic entities are not sufficiently effective. Therefore, there is a need to create new, modern types of organizational structures. One of these types is network structures. Currently, they are becoming characteristic features of the new economy. Regional economic security depends on internal and external threats, which lead to unstable situations. Regional crisis situations are influenced by both macroeconomic crisis processes and local features of economic and social development, as well as the resource potential, geographical location, national and other peculiarities. The article defines the specific characteristics of the regions of the Ural Federal District, as well as the current situation of the regional economy and threats to the region. The authors have evaluated the economic security of complimentary production networks at the regional level. This evaluation has revealed the interconnection between complimentary production networks and the construction industry in the national economy. We have defined the economic security of complimentary production networks and specified the concept of complimentary production networks. The research findings may be applied by organizations as a new perspective of industry using network forms related to economic security

Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

Directory of Open Access Journals (Sweden)

Erdal IRMAK

2017-12-01

Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

A survey of approaches combining safety and security for industrial control systems

International Nuclear Information System (INIS)

Kriaa, Siwar; Pietre-Cambacedes, Ludovic; Bouissou, Marc; Halgand, Yoran

2015-01-01

The migration towards digital control systems creates new security threats that can endanger the safety of industrial infrastructures. Addressing the convergence of safety and security concerns in this context, we provide a comprehensive survey of existing approaches to industrial facility design and risk assessment that consider both safety and security. We also provide a comparative analysis of the different approaches identified in the literature. - Highlights: • We raise awareness of safety and security convergence in numerical control systems. • We highlight safety and security interdependencies for modern industrial systems. • We give a survey of approaches combining safety and security engineering. • We discuss the potential of the approaches to model safety and security interactions

IAEA nuclear security program

Energy Technology Data Exchange (ETDEWEB)

Ek, D. [International Atomic Energy Agency, Vienna (Austria)

2006-07-01

Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

IAEA nuclear security program

International Nuclear Information System (INIS)

Ek, D.

2006-01-01

Although nuclear security is a State responsibility, it is nevertheless an international concern, as the consequences of a nuclear security incident would have worldwide impact. These concerns have resulted in the development of numerous international instruments on nuclear security since the terrorist events in the USA on September 11, 2001. The IAEA Office of Nuclear Security has been charged to assist Member States to improvement their nuclear security and to meet the intent of these international obligations in order to ensure a cohesive thread of nuclear security protects the global community. The programs underway and planned by the Office of Nuclear Security will be discussed in this paper. (author)

On Business-Driven IT Security Management and Mismatches between Security Requirements in Firms, Industry Standards and Research Work

Science.gov (United States)

Frühwirth, Christian

Industry managers have long recognized the vital importance of information security for their businesses, but at the same time they perceived security as a technology-driven rather then a business-driven field. Today, this notion is changing and security management is shifting from technology- to business-oriented approaches. Whereas there is evidence of this shift in the literature, this paper argues that security standards and academic work have not yet taken it fully into account. We examine whether this disconnect has lead to a misalignment of IT security requirements in businesses versus industry standards and academic research. We conducted 13 interviews with practitioners from 9 different firms to investigate this question. The results present evidence for a significant gap between security requirements in industry standards and actually reported security vulnerabilities. We further find mismatches between the prioritization of security factors in businesses, standards and real-world threats. We conclude that security in companies serves the business need of protecting information availability to keep the business running at all times.

FINANCIAL SECURITY OF FOOD INDUSTRY ENTERPRISES IN POLAND

Directory of Open Access Journals (Sweden)

Anna Bieniasz

2016-06-01

Full Text Available The aim of the study was to evaluate the fi nancial security of food industry enterprises in Poland in 2009–2013, with particular emphasis on the processing industry of milk and cheese production, including those operating in the form of dairy cooperatives. The analysis was conducted using unpublished data of GUS, as well as individual fi nancial data on dairy cooperatives. The study indicates that the manufacturing sector of food and beverage production, as well as milk processing and cheese making, according to the established measures of fi nancial security, can be considered safe. This assessment, however, is varied and results from the specifi c industries, especially in relation to capital management.

Building an intelligence-led security program

CERN Document Server

Liska, Allan

2014-01-01

As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented inte

32 CFR 2400.45 - Information Security Program Review.

Science.gov (United States)

2010-07-01

... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Program Review. 2400.45... SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45 Information Security Program Review. (a) The Director, OSTP, shall require an annual formal review of the OSTP...

The security analyzer: A security analyzer program written in Prolog

International Nuclear Information System (INIS)

Zimmerman, B.D.; Densley, P.J.

1986-09-01

The Security Analyzer is a software tool capable of analyzing the effectiveness of a facility's security system. It is written in the Prolog logic programming computer language, using entity-relationship data modeling techniques. The program performs the following functions: (1) provides descriptive, locational and operational status information about intrusion detectors and assessment devices (i.e., ''sensors'' and ''cameras'') upon request; (2) provides for storage and retrieval of maintenance history information for various components of the security system (including intrusion detectors), and allows for changing that information as desired; (3) provides a ''search'' mode, wherein all paths are found from any specified physical location to another specified location which satisfy user chosen ''intruder detection'' probability and elapsed time criteria (i.e., the program finds the ''weakest paths'' from a security point of view). The first two of these functions can be provided fairly easily with a conventional database program; the third function could be provided using Fortran or some similar language, though with substantial difficulty. In the Security Analyzer program, all these functions are provided in a simple and straight-forward manner. This simplicity is possible because the program is written in the symbolic (as opposed to numeric) processing language Prolog, and because the knowledge base is structured according to entity-relationship modeling principles. Also, the use of Prolog and the entity-relationship modeling technique allows the capabilities of the Security analyzer program, both for knowledge base interrogation and for searching-type operations, to be easily expanded in ways that would be very difficult for a numeric and more algorithmically deterministic language such as Fortran to duplicate. 4 refs

Management of Ecological and Economic Security of Industrial Enterprises

Directory of Open Access Journals (Sweden)

Ivantsova Elena Anatolyevna

2014-11-01

Full Text Available The purpose of this study was the modeling of ecological and economic security of production processes in an industrial plant using methods of fuzzy logic. The subject of the research – methods of modeling systems of ecological and economic security of industrial enterprises, based on the adaptation of fuzzy set theory to solve this problem. In the research process the following scientific methods and techniques were applied: scientific abstraction, analysis, synthesis, methods of grouping, comparison, etc. Along with the traditional methods the authors used the tools for simulation modeling, fuzzy sets systems, computer simulation MatLab. The informational and empirical basis of the research was formed on the basis of the data of the Federal service of state statistics and its territorial subdivisions of the Ministry of economic development of the Russian Federation, e-resources of the Internet, the research by Russian and foreign scientists, experts’ assesments. The article presents the author’s method of ensuring ecological and economic security in the enterprise by means of fuzzy logic, based on the quantitative assessment of indicators of threats in MatLab and results of visualization of fuzzy-multiple modeling of ecological and economic security. The algorithm of calculation of the conditional environmental pressures on water resources and the atmosphere, allowed to determine the dependence between the cost of wastewater treatment and economic damage from pollution and to evaluate the effectiveness of various conservation programs, and to analyze their impact on environmental sustainability. The authors also develop complex fuzzy models and implemented their software in the MatLab Fuzzy Logic Toolbox, which allowed to obtain an integrated assessment of the state of the enterprise environmental safety and comparisons of the values of these threats based on assessment. The author presents the author’s methodology and the evaluation

76 FR 1521 - Security Zone: Fleet Industrial Supply Center Pier, San Diego, CA

Science.gov (United States)

2011-01-11

...-AA87 Security Zone: Fleet Industrial Supply Center Pier, San Diego, CA AGENCY: Coast Guard, DHS. ACTION... Diego, CA. The existing security zone is around the former Fleet Industrial Supply Center Pier. The security zone encompasses all navigable waters within 100 feet of the former Fleet Industrial Supply Center...

Improving industrial process control systems security

CERN Document Server

Epting, U; CERN. Geneva. TS Department

2004-01-01

System providers are today creating process control systems based on remote connectivity using internet technology, effectively exposing these systems to the same threats as corporate computers. It is becoming increasingly difficult and costly to patch/maintain the technical infrastructure monitoring and control systems to remove these vulnerabilities. A strategy including risk assessment, security policy issues, service level agreements between the IT department and the controls engineering groups must be defined. In addition an increased awareness of IT security in the controls system engineering domain is needed. As consequence of these new factors the control system architectures have to take into account security requirements, that often have an impact on both operational aspects as well as on the project and maintenance cost. Manufacturers of industrial control system equipment do however also propose progressively security related solutions that can be used for our active projects. The paper discusses ...

HITACHI security concept for industrial control systems

International Nuclear Information System (INIS)

Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

2012-01-01

Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

Cyber security in nuclear power plants and its portability to other industrial infrastructures

International Nuclear Information System (INIS)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

2017-01-01

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

6 CFR 7.10 - Authority of the Chief Security Officer, Office of Security.

Science.gov (United States)

2010-01-01

...) Direct and administer DHS implementation and compliance with the National Industrial Security Program in... 6 Domestic Security 1 2010-01-01 2010-01-01 false Authority of the Chief Security Officer, Office of Security. 7.10 Section 7.10 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE...

The research on information security technology for the industrial control system of special equipment

International Nuclear Information System (INIS)

Chen Ligang; Liu Hongye; Zhang Wei; Sun Jianying; Lan Peng; Dai Sidan

2014-01-01

With the rapid development of information technology in enterprise application, industrial control network and management network is becoming more and more closely linked. Development and application of special equipment control system from the traditional industrial control system, not considered when designing communication security problem mainly, therefore, the industrial control system opened at the same time, isolation control system and the outside was weakened, the safety problems of industrial control system had become more and more serious. The practical application combined with the special equipment control system, analysis and elaboration in view of security problems for the control network, also, provide appropriate security solutions for professional characteristics of industrial control network, design on process control system specially, provide security partition protection scheme, in order to improve security ability of industrial control system information. (authors)

Cyber security in nuclear power plants and its portability to other industrial infrastructures

Energy Technology Data Exchange (ETDEWEB)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

2017-06-15

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2005-09-01

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

A tainted trade? Moral ambivalence and legitimation work in the private security industry.

Science.gov (United States)

Thumala, Angélica; Goold, Benjamin; Loader, Ian

2011-06-01

The private security industry is often represented - and typically represents itself - as an expanding business, confident of its place in the world and sure of its ability to meet a rising demand for security. But closer inspection of the ways in which industry players talk about its past, present and future suggests that this self-promotion is accompanied by unease about the industry's condition and legitimacy. In this paper, we analyse the self-understandings of those who sell security - as revealed in interviews conducted with key industry players and in a range of trade materials - in order to highlight and dissect the constitutive elements of this ambivalence. This analysis begins by describing the reputational problems that are currently thought to beset the industry and the underlying fears about its status and worth that these difficulties disclose. We then examine how security players seek to legitimate the industry using various narratives of professionalization. Four such narratives are identified - regulation, education, association and borrowing - each of which seeks to justify private security and enhance the industry's social worth. What is striking about these legitimation claims is that they tend not to justify the selling of security in market terms. In conclusion we ask why this is the case and argue that market justifications are 'closed-off' by a moral ambivalence that attaches to an industry trading in products which cannot guarantee to deliver the condition that its consumers crave. © London School of Economics and Political Science 2011.

Nuclear regulation. NRC's security clearance program can be strengthened

International Nuclear Information System (INIS)

Fultz, Keith O.; Kruslicky, Mary Ann; Bagnulo, John E.

1988-12-01

that this policy is waived for about 99 percent of new employees. Waivers have become routine because waiting for background investigation results would adversely affect hiring and recruiting, according to NRC staff. NRC policies do not require reinvestigation of the backgrounds of nearly 50 percent of its clearance holders. Therefore, NRC does not know whether circumstances in some employees' lifestyles have changed, making them security risks. NRC security staff cited financial reasons for not requiring reinvestigations for all other employees. Further, NRC does not have accurate clearance information, for example, data to determine when reinvestigations are needed to effectively manage its program. In addition, for over a decade, NRC has debated the need for regulations to ensure that nuclear power plant employees requiring unescorted access to power plants do not pose a threat of radiological sabotage. NRC still has not decided whether it will issue a regulation or endorse industry-developed guidelines

33 CFR 106.270 - Security measures for delivery of stores and industrial supplies.

Science.gov (United States)

2010-07-01

... stores and industrial supplies. (a) General. The OCS facility owner or operator must ensure that security...). These additional security measures may include: (1) Intensifying inspection of the stores or industrial... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for delivery of...

Advanced Industrial Materials Program

Science.gov (United States)

Stooksbury, F.

1994-06-01

The mission of the Advanced Industrial Materials (AIM) program is to commercialize new/improved materials and materials processing methods that will improve energy efficiency, productivity, and competitiveness. Program investigators in the DOE national laboratories are working with about 100 companies, including 15 partners in CRDA's. Work is being done on intermetallic alloys, ceramic composites, metal composites, polymers, engineered porous materials, and surface modification. The program supports other efforts in the Office of Industrial Technologies to assist the energy-consuming process industries. The aim of the AIM program is to bring materials from basic research to industrial application to strengthen the competitive position of US industry and save energy.

Resource industries and security issues in northern Alberta

Energy Technology Data Exchange (ETDEWEB)

Flanagan, T. [Calgary Univ., AB (Canada). Dept. of Political Science

2009-06-15

Public concern over global warming has led to many political attacks on the oil industry, particularly Alberta's tar sand industry. This document focused on security issues in northern Alberta and reviewed past incidences of security threats. The likelihood of sabotage to wells, pipelines, buildings, and other industry facilities was assessed. Five potential sources of opposition were identified, notably individual saboteurs, eco-terrorists, mainstream environmentalists, First Nations, and the Metis people. All except the Metis have at various times used some combination of litigation, blockades, boycotts, sabotage, and violence against economic development projects. This report stated that although such incidents will likely continue in the future, it is unlikely that extra-legal obstruction will become widespread unless these various groups cooperate with each other. Since these groups have different social characteristics and conflicting political interests, it is unlikely that such cooperation will occur. 34 refs.

Secure Execution of Distributed Session Programs

Directory of Open Access Journals (Sweden)

Nuno Alves

2011-10-01

Full Text Available The development of the SJ Framework for session-based distributed programming is part of recent and ongoing research into integrating session types and practical, real-world programming languages. SJ programs featuring session types (protocols are statically checked by the SJ compiler to verify the key property of communication safety, meaning that parties engaged in a session only communicate messages, including higher-order communications via session delegation, that are compatible with the message types expected by the recipient. This paper presents current work on security aspects of the SJ Framework. Firstly, we discuss our implementation experience from improving the SJ Runtime platform with security measures to protect and augment communication safety at runtime. We implement a transport component for secure session execution that uses a modified TLS connection with authentication based on the Secure Remote Password (SRP protocol. The key technical point is the delicate treatment of secure session delegation to counter a previous vulnerability. We find that the modular design of the SJ Runtime, based on the notion of an Abstract Transport for session communication, supports rapid extension to utilise additional transports whilst separating this concern from the application-level session programming task. In the second part of this abstract, we formally prove the target security properties by modelling the extended SJ delegation protocols in the pi-calculus.

12 CFR 568.3 - Security program.

Science.gov (United States)

2010-01-01

... opening and closing for business and for the safekeeping of all currency, negotiable securities, and... law enforcement officers; (iv) The cost of the security devices; (v) Other security measures in effect... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Security program. 568.3 Section 568.3 Banks and...

12 CFR 326.3 - Security program.

Science.gov (United States)

2010-01-01

... for opening and closing for business and for the safekeeping of all currency, negotiable securities... enforcement officers; (iv) The cost of the security devices; (v) Other security measures in effect at the... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Security program. 326.3 Section 326.3 Banks and...

Neoindustrialization as a factor in improving economic security of old-industrial regions

Directory of Open Access Journals (Sweden)

Ol’ga Aleksandrovna Romanova

2012-06-01

Full Text Available This paper proves that the paradigm of the world of the XXIcentury is neoindustrialization on the basis of alternativestrategic goals of the global economy associated with the formation of post-industrial society and financialization neoindustrialization. A systematic proposal for the driving forces and mechanisms for its implementation is suggested. It is shown that target-oriented approach can be successfully used at the regional level as a mechanism for economic neoindustrialization of an old-industrial region. Conceptual approach to developing comprehensive program of industrial development in the industrial region that implements the ideas of neoindustrialization in relation to industry of Sverdlovsk region is presented. It was found that the regional technology platform can be an effective tool for combining the interests of territorial and sectoral development. It is proved that the idea of neoindustrialization can be realized only as a result of wise industrial policy and road map formation for the movement to an entirely new high-tech based industrial development. In the process of forming, the problem of neoindustrialization of a «pure» market as a factor in increasing the economic security is actualized.

Implementing an Information Security Program

Energy Technology Data Exchange (ETDEWEB)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.; O' Neil, Lori Ross; Leitch, Rosalyn; Johnson, Christopher; Lewis, John G.; Rodger, Robert M.

2017-11-01

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to cover information security best practices, planning for an information security management system, and implementing security controls for information security.

76 FR 10262 - Information Security Program

Science.gov (United States)

2011-02-24

... FEDERAL MARITIME COMMISSION 46 CFR Part 503 [Docket No. 11-01] RIN 3072-AC40 Information Security... (FMC or Commission) amends its regulations relating to its Information Security Program to reflect the changes implemented by Executive Order 13526--Classified National Security Information--that took effect...

The process matters: cyber security in industrial control systems

NARCIS (Netherlands)

Hadziosmanovic, D.

2014-01-01

An industrial control system (ICS) is a computer system that controls industrial processes such as power plants, water and gas distribution, food production, etc. Since cyber-attacks on an ICS may have devastating consequences on human lives and safety in general, the security of ICS is important.

The strategic measures for the industrial security of small and medium business.

Science.gov (United States)

Lee, Chang-Moo

2014-01-01

The competitiveness of companies increasingly depends upon whether they possess the cutting-edge or core technology. The technology should be protected from industrial espionage or leakage. A special attention needs to be given to SMB (small and medium business), furthermore, because SMB occupies most of the companies but has serious problems in terms of industrial security. The technology leakages of SMB would account for more than 2/3 of total leakages during last five years. The purpose of this study is, therefore, to analyze the problems of SMB in terms of industrial security and suggest the strategic solutions for SMB in South Korea. The low security awareness and financial difficulties, however, make it difficult for SMB to build the effective security management system which would protect the company from industrial espionage and leakage of its technology. The growing dependence of SMB on network such as internet, in addition, puts the SMB at risk of leaking its technology through hacking or similar ways. It requires new measures to confront and control such a risk. Online security control services and technology deposit system are suggested for such measures.

The Strategic Measures for the Industrial Security of Small and Medium Business

Directory of Open Access Journals (Sweden)

Chang-Moo Lee

2014-01-01

Full Text Available The competitiveness of companies increasingly depends upon whether they possess the cutting-edge or core technology. The technology should be protected from industrial espionage or leakage. A special attention needs to be given to SMB (small and medium business, furthermore, because SMB occupies most of the companies but has serious problems in terms of industrial security. The technology leakages of SMB would account for more than 2/3 of total leakages during last five years. The purpose of this study is, therefore, to analyze the problems of SMB in terms of industrial security and suggest the strategic solutions for SMB in South Korea. The low security awareness and financial difficulties, however, make it difficult for SMB to build the effective security management system which would protect the company from industrial espionage and leakage of its technology. The growing dependence of SMB on network such as internet, in addition, puts the SMB at risk of leaking its technology through hacking or similar ways. It requires new measures to confront and control such a risk. Online security control services and technology deposit system are suggested for such measures.

An Analysis of China's Fertilizer Policies: Impacts on the Industry, Food Security, and the Environment.

Science.gov (United States)

Li, Yuxuan; Zhang, Weifeng; Ma, Lin; Huang, Gaoqiang; Oenema, Oene; Zhang, Fusuo; Dou, Zhengxia

2013-07-01

China has made remarkable strides in recent decades to grow enough food to feed 20% of the world's population with only 9% of the world's arable land. Meanwhile, the nation is experiencing exacerbated air and water pollution problems. Agricultural growth and the pollution aggravation are closely linked with policies affecting fertilizer production and use. Essentially nonexistent in 1950, China's fertilizer industry is now a robust conglomerate producing fertilizers in amounts that not only meet domestic demand but also contribute to international trade. The industry's growth stemmed from a series of policy progressions, featuring (i) a total control system with state ownership and central planning (1949-1984), (ii) a dual system of central planning and market adjustment (1985-1997), (iii) a market-driven system with government-mandated price caps (1998-2009), and (iv) a complete market-oriented system (since 2009). In conjunction with the policy changes were massive subsidy programs totaling more than $18 billion in 2010. The support policies and subsidies helped grow the industry and safeguard an adequate supply of fertilizers at affordable costs to farmers, but the artificially low-priced fertilizers also contributed to a nationwide trend of fertilizer overuse, leading to nutrient pollution. China needs innovative policies and programs to address food security and sustainability challenges. In this study, we review and analyze policies and programs related to China's fertilizer production and use in a 60-yr span (1950-2010) and discuss its impact on the development of the industry, food security, and pressing environmental issues. Finally, our study analyzes long-term trends in fertilizer use in China and offers some key viewpoints to stimulate debates among all stakeholders. Copyright © by the American Society of Agronomy, Crop Science Society of America, and Soil Science Society of America, Inc.

7 CFR 772.7 - Leasing minor program loan security.

Science.gov (United States)

2010-01-01

... 7 Agriculture 7 2010-01-01 2010-01-01 false Leasing minor program loan security. 772.7 Section 772..., DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS SERVICING MINOR PROGRAM LOANS § 772.7 Leasing minor program loan security. (a) Eligibility. The Agency may consent to the borrower leasing all or a portion of security...

On BAN logics for industrial security protocols

NARCIS (Netherlands)

Agray, N.; Hoek, van der W.; Vink, de E.P.; Dunin-Keplicz, B.; Nawarecki, E.

2002-01-01

This paper reports on two case-studies of applying BAN logic to industrial strength security protocols. These studies demonstrate the flexibility of the BAN language, as it caters for the addition of appropriate constructs and rules. We argue that, although a semantical foundation of the formalism

IAEA Nuclear Security Human Resource Development Program

International Nuclear Information System (INIS)

Braunegger-Guelich, A.

2009-01-01

The IAEA is at the forefront of international efforts to strengthen the world's nuclear security framework. The current Nuclear Security Plan for 2006-2009 was approved by the IAEA Board of Governors in September 2005. This Plan has three main points of focus: needs assessment, prevention, detection and response. Its overall objective is to achieve improved worldwide security of nuclear and other radioactive material in use, storage and transport, and of their associated facilities. This will be achieved, in particular, through the provision of guidelines and recommendations, human resource development, nuclear security advisory services and assistance for the implementation of the framework in States, upon request. The presentation provides an overview of the IAEA nuclear security human resource development program that is divided into two parts: training and education. Whereas the training program focuses on filling gaps between the actual performance of personnel working in the area of nuclear security and the required competencies and skills needed to meet the international requirements and recommendations described in UN and IAEA documents relating to nuclear security, the Educational Program in Nuclear Security aims at developing nuclear security experts and specialists, at fostering a nuclear security culture and at establishing in this way sustainable knowledge in this field within a State. The presentation also elaborates on the nuclear security computer based learning component and provides insights into the use of human resource development as a tool in achieving the IAEA's long term goal of improving sustainable nuclear security in States. (author)

Secure Dynamic Program Repartitioning

DEFF Research Database (Denmark)

Hansen, Rene Rydhoff; Probst, Christian

2005-01-01

Secure program partitioning has been introduced as a language-based technique to allow the distribution of data and computation across mutualy untrusted hosts, while at the same time guaranteeing the protection of confidential data. Programs that have been annotated with security types......, but the partitioning compiler becomes a part of the network and can recompile applications, thus alowing hosts to enter or leave the framework. We contend that this setting is superior to static partitioning, since it allows redistribution of data and computations. This is especialy beneficial if the new host alows...... data and computations to better fulfil the trust requirements of the users. Erasure Policies ensure that the original host of the redistributed data or computation does not store the data any longer....

Security risk assessment and protection in the chemical and process industry

OpenAIRE

Reniers, Genserik; van Lerberghe, Paul; van Gulijk, Coen

2014-01-01

This article describes a security risk assessment and protection methodology that was developed for use in the chemical- and process industry in Belgium. The approach of the method follows a risk-based approach that follows desing principles for chemical safety. That approach is beneficial for workers in the chemical industry because they recognize the steps in this model from familiar safety models .The model combines the rings-of-protection approach with generic security practices including...

The Office of Safeguards and Security Nonproliferation Support Program

International Nuclear Information System (INIS)

Desmond, W.J.

1996-01-01

The Nonproliferation Support Program was established in the Department of Energy, Office of Safeguards and Security on october 1, 1995. its mission includes providing assistance to Departmental efforts for improved international material protection, control and accounting programs by coordinating and leveraging domestic safeguards and security policy, practice and experience into the international arena. A major objective of the program is to balance US national security requirements with global support of the nonproliferation objectives. This paper describes the organization of the Office of Safeguards and Security and the Nonproliferation Support Program role and responsibility, and presents some of the current areas of program emphasis and activity

The DOE safeguards and security technology development program

International Nuclear Information System (INIS)

Cherry, R.C.; Wheelock, A.J.

1991-01-01

This paper reports that strategic planning for safeguards and security within the Department of Energy emphasizes the contributions of advanced technologies to the achievement of Departmental protection program goals. The Safeguards and Security Technology Development Program provides state-of-the-art technologies, systems and technical services in support of the policies and programmatic requirements for the protection of Departmental assets. The Program encompasses research and development in physical security, nuclear material control and accountability, information security and personnel security, and the integration of these disciplines in advanced applications. Technology development tasks serve goals that range from the maintenance of an effective technology base to the development, testing and evaluation of applications to meet field needs. A variety of factors, from the evolving threat to reconfiguration of the DOE complex and the technical requirements of new facilities, are expected to influence safeguards and security technology requirements and development efforts. Implementation of the Program is based on the systematic identification, prioritization and alignment of technology development tasks and needs. Initiatives currently underway are aimed at enhancing technology development project management. Increased management attention is also being placed on efforts to promote the benefits of the Program through technology transfer and interagency liaison

Payment card industry data security standard : readiness project

OpenAIRE

Βεργέτης, Μιχαήλ

2015-01-01

This paper is my thesis as part of my studies at the Department of Informatics, at University of Piraeus for the Postgraduate Programme in “Techno-economic Management & Security of Digital Systems”. Scope of this paper is to introduce to the reader with the basics of PCI DSS and to guide and provide any sort of assistance to organizations willing to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS). As for its practical section, a PCI DSS readiness project has...

49 CFR 1552.23 - Security awareness training programs.

Science.gov (United States)

2010-10-01

... employee to identify— (i) Uniforms and other identification, if any are required at the flight school, for... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY FLIGHT SCHOOLS Flight School Security Awareness Training § 1552.23 Security awareness training programs. (a) General. A flight...

Nuclear Security Education Program at the Pennsylvania State University

International Nuclear Information System (INIS)

Uenlue, Kenan; Jovanovic, Igor

2015-01-01

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

Nuclear Security Education Program at the Pennsylvania State University

Energy Technology Data Exchange (ETDEWEB)

Uenlue, Kenan [The Pennsylvania State University, Radiation Science and Engineering Center, University Park, PA 16802-2304 (United States); The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States); Jovanovic, Igor [The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304 (United States)

2015-07-01

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basis of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale

Evaluation Report on The Department's Unclassified Cyber Security Program - 2009

International Nuclear Information System (INIS)

Anon

2009-01-01

Industry experts report that security challenges and threats are continually evolving as malicious activity has become more web-based and attackers are able to rapidly adapt their attack methods. In addition, the number of data breaches continues to rise. In an effort to mitigate and address threats and protect valuable information, the Department of Energy anticipated spending about $275 million in Fiscal Year (FY) 2009 to implement cyber security measures necessary to protect its information technology resources. These systems and data are designed to support the Department's mission and business lines of energy security, nuclear security, scientific discovery and innovation, and environmental responsibility. The Federal Information Security Management Act of 2002 (FISMA) provides direction to agencies on the management and oversight of information security risks, including design and implementation of controls to protect Federal information and systems. As required by FISMA, the Office of Inspector General conducts an annual independent evaluation to determine whether the Department's unclassified cyber security program adequately protects its information systems and data. This memorandum and the attached report present the results of our evaluation for FY 2009. The Department continued to make incremental improvements in its unclassified cyber security program. Our evaluation disclosed that most sites had taken action to address weaknesses previously identified in our FY 2008 evaluation report. They improved certification and accreditation of systems; strengthened configuration management of networks and systems; performed independent assessments; and, developed and/or refined certain policies and procedures. In addition, the Department instituted a centralized incident response organization designed to eliminate duplicative efforts throughout the Department. As we have noted in previous reports, the Department continued to maintain strong network perimeter

Managing Security Risks in an Industrial Investment – Analysis Directions

Directory of Open Access Journals (Sweden)

Stefan Dragomir

2016-05-01

Full Text Available This paper achieved an analysis of some important management strategies for an investment, in correlation with index of global pollution. Environmental security assessment shall be determined taking into account the workplace security and effects on health, safety of workers in an industry investment. It is necessary to observe and collect a larger number of data generated by the development of an industrial process, so as to make a deep analysis on global pollution index and how it is affected industrial investment environment. This research shows how can the substances that infest the environment to produce much damage and influence the environmental factors (air, water, soil, landscape, fauna and flora. When we know the risks that characterize the plant equipment, we can protect the life and we can protect the environment for a sustainable development in the future.

Information security of industrial control systems: possible attack vectors and protection methods

Directory of Open Access Journals (Sweden)

Ignatiy A. Grachkov

2018-03-01

obtaining unauthorized access to industrial control systems using the Shodan search engine is described and recommendations how to ensure information security of the industrial control system are given.

Implementing the Payment Card Industry (PCI Data Security Standard (DSS

Directory of Open Access Journals (Sweden)

John O' Raw

2011-08-01

Full Text Available Underpinned by the rise in online criminality, the payment card industry (PCI data security standards (DSS were introduced which outlines a subset of the core principals and requirements that must be followed, including precautions relating to the software that processes credit card data. The necessity to implement these requirements in existing software applications can present software owners and developers with a range of issues. We present here a generic solution to the sensitive issue of PCI compliance where aspect orientated programming (AOP can be applied to meet the requirement of masking the primary account number (PAN. Our architecture allows a definite amount of code to be added which intercepts all the methods specified in the aspect, regardless of future additions to the system thus reducing the amount of work required to the maintain aspect. We believe that the concepts here will provide an insight into how to approach the PCI requirements to undertake the task. The software artefact should also serve as a guide to developers attempting to implement new applications, where security and design are fundamental elements that should be considered through each phase of the software development lifecycle and not as an afterthought.

76 FR 46907 - Ammonium Nitrate Security Program

Science.gov (United States)

2011-08-03

... Maritime Transportation Security Act NAICS North American Industrial Classification System NPRM Notice of.... Commenters noted, for example, that equipment used for transporting bulk ammonium nitrate, such as hoppers...

From patronage to partnership: Toward a new industrial policy for the fusion program

International Nuclear Information System (INIS)

Miller, B.

1992-01-01

The genesis of the overall assessment can be found in a February 1992 letter to the Department's Director of Research from the Fusion Energy Advisory Committee (FEAC) which suggested that the current level of industrial involvement in the fusion program is less than that needed to keep it actively involved for the long term. Specifically, FEAC recommended that open-quotes[in order] to provide U.S. industry with knowledge of fusion requirements and to secure the maximum benefit from industrial involvement, DOE should develop a plan that deliberately includes a broader and more integral industrial participation in the fusion program.close quotes This is another way of expressing the generally felt concern that after 30 years of waiting for some signal of a national commitment to the program, industry interest in it is flagging. Consider the following evidence. There is not significant investor-owner or public utility interest in the program at this time. The Electric Power Research Institute (EPRI), which once was committed to the idea of fusion as the long-term solution to our energy needs, now sees it playing no part in meeting the nation's long-term electrical energy demand. In its most recent annual report, it makes no mention of fusion as a future utility option, effectively consigning it to the role of perennial bridesmaid. Things are little better on the vendor side of industry that has provided the bulk of all industrial involvement in the program. In the final analysis they are profit making entities and must pay attention to the bottom-line of even their speculative research and development efforts or eventually abandon them. In short, there is no operative government policy on industrial involvement in the fusion program, only an unwritten guideline that industry growth will follow growth in the laboratory or core programs in good times and industry contraction will precede core contraction in bad times

33 CFR 165.1121 - Security Zone: Fleet Supply Center Industrial Pier, San Diego, CA.

Science.gov (United States)

2010-07-01

... Guard District § 165.1121 Security Zone: Fleet Supply Center Industrial Pier, San Diego, CA. (a... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security Zone: Fleet Supply Center Industrial Pier, San Diego, CA. 165.1121 Section 165.1121 Navigation and Navigable Waters COAST...

TRANSPETRO gas security of supply program; Programa de confiabilidade de suprimento de gas natural da TRANSPETRO

Energy Technology Data Exchange (ETDEWEB)

Faertes, Denise [PETROBRAS Transporte S.A. (TRANSPETRO), Rio de Janeiro, RJ (Brazil)

2005-07-01

The purpose of this paper is to present the Gas Security of Supply Program that is being implemented at TRANSPETRO since 2002. It includes the application of the state of the art techniques and models related to reliability engineering. The main objective of the program is to evaluate and optimize overall gas network performance and to provide gas to different consumers (industrial, residential, thermo-plants and vehicles) in compliance with stated reliability levels. Heavy fines will be applied to PETROBRAS in case of occurrence of shortfalls. We hope that this paper can contribute to a wider discussion about this subject of performance indicators involving security of supply, safety and environment preservation. (author)

48 CFR 52.204-2 - Security Requirements.

Science.gov (United States)

2010-10-01

... Agreement (DD Form 441), including the National Industrial Security Program Operating Manual (DOD 5220.22-M... 48 Federal Acquisition Regulations System 2 2010-10-01 2010-10-01 false Security Requirements. 52....204-2 Security Requirements. As prescribed in 4.404(a), insert the following clauses: Security...

Cyber security. Compliance to the new CSA 290.7 standard

Energy Technology Data Exchange (ETDEWEB)

Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D. [Canadian Nuclear Laboratories, Chalk River, Ontario (Canada)

2015-12-15

Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self- assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities', released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

Cyber security - compliance to the new CSA 290.7 standard

Energy Technology Data Exchange (ETDEWEB)

Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D., E-mail: Matthew.Daley@cnl.ca [Canadian Nuclear Laboratories, Chalk River, ON, (Canada)

2015-07-01

Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities' [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

Cyber security. Compliance to the new CSA 290.7 standard

International Nuclear Information System (INIS)

Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D.

2015-01-01

Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self- assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities', released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

Cyber security - compliance to the new CSA 290.7 standard

International Nuclear Information System (INIS)

Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D.

2015-01-01

Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities' [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

The North West cyber security industry : export potential assessment

OpenAIRE

Prince, Daniel David Campbell; Fitton, Oliver James

2016-01-01

Cyber Security businesses in the North West of England form an industry which is growing. This study has taken an in depth analysis of the industry to determine its size, make up and readiness to export and is the first of its kind classifying business within the framework identified by the UKTI cyber export strategy. This report presents the findings of the research undertaken independently by Lancaster University commissioned by the UKTI.

On sustainable development of uranium mining industry in China based on the concept of ecological security

International Nuclear Information System (INIS)

Wu Shali; Tai Kaixuan

2011-01-01

Ecological security is an important issue for sustainable development of mining industry, on which the development of nuclear industry and nuclear power is based. But uranium mining and processing has larger effect on ecological environment which mainly include tailings, waste rock, waste water, and radiation effects. In this paper, the dialectical relationship between ecological security and sustainable relationship is analyzed, the ecological safety concept at home and abroad is compared and the role that ecological safety plays in the sustainable development of uranium mining based on analysis of restricting factors on uranium mining in China from the perspective of ecological security is also probed into. To achieve sustainable development of the uranium mining industry in China, an ecological security concept from four aspects must be established: 1) the concept of ecological security management; 2) the scientific concept of ecological security; 3) the concept of ecological security investment; and 4) the concept of ecological security responsibility. (authors)

Blockchains as security-enabler for industrial IoT-applications

Directory of Open Access Journals (Sweden)

Volker Skwarek

2017-12-01

Full Text Available Purpose - This paper aims to describe a method for Internet-of-Things-devices to achieve industrial grade reliability for information transfer from wireless sensor systems to production systems using blockchain technologies. Design/methodology/approach - An increased security and reliability of submitted data within the sensor network could be achieved on an application level. Therefore, a lightweight, high-level communication protocol based on blockchain principles was designed. Findings - Blockchain mechanisms can secure the wireless communication of Internet-of-Things-devices in a lightweight and scalable manner. Originality/value - The innovation of this research is the successful application of general blockchain mechanisms to increase security of a wireless sensor system without binding to a dedicated blockchain technology.

Resilience of chemical industrial areas through attenuation-based security

International Nuclear Information System (INIS)

Reniers, G.L.L.; Sörensen, K.; Khan, F.; Amyotte, P.

2014-01-01

This paper investigates the possibility of attenuation-based security within chemical industrial areas. Representing chemical industrial areas as mathematical networks, we prove by case-study that the resilience to disaster of such areas may follow a power-law distribution. Furthermore, we examine what happens to the network when highly hazardous installations would be intelligently protected against malicious acts: the network disintegrates into separate smaller networks. Hence, islands are formed with no escalation danger in between. We conclude that it is possible to protect chemical industrial areas in such a way that they are more resilient against terrorism

Department of Energy security program needs effective information systems

International Nuclear Information System (INIS)

1991-10-01

Although security is an important, nearly billion-dollar-a-year function in the Department of Energy (DOE), key information systems that hold important data about security weaknesses and incidents have limited analytical capabilities and contain unreliable information. The resultant difficulty in identifying patterns and trends reduces managers' ability to ensure the effectiveness of the security program. Resources are also wasted because DOE has deployed incompatible systems that are unable to electronically share or transfer data, often forcing employees to manually re-enter data that are already stored in computers elsewhere. Finally, continuing data problems with other important security information systems, such as those used to track security clearances and classified documents, indicate that information system deficiencies are extensive. A major reason for these problems is that DOE has not done a comprehensive, strategic assessment of its information and information technology needs of the security program. DOE's efforts are fragmented because it has not assigned to any organization the leadership responsibility to determine security information needs and to plan and manage security information resources Department-wide. This paper reports that a number of changes are needed to correct these problems and take advantage of information technology to help strengthen the security program

Industrial Assessment Center Program Impact Evaluation

Energy Technology Data Exchange (ETDEWEB)

Martin, M.A.

2000-01-26

This report presents the results of an evaluation of the U.S. Department of Energy's Industrial Assessment Center (IAC) Program. The purpose of this program is to conduct energy, waste, and productivity assessments for small to medium-sized industrial firms. Assessments are conducted by 30 university-based industrial assessment centers. The purpose of this project was to evaluate energy and cost savings attributable to the assessments, the trained alumni, and the Websites sponsored by this program. How IAC assessments, alumni, and Web-based information may influence industrial energy efficiency decision making was also studied. It is concluded that appreciable energy and cost savings may be attributed to the IAC Program and that the IAC Program has resulted in more active and improved energy-efficiency decision making by industrial firms.

Do You Take Credit Cards? Security and Compliance for the Credit Card Payment Industry

Science.gov (United States)

Willey, Lorrie; White, Barbara Jo

2013-01-01

Security is a significant concern in business and in information systems (IS) education from both a technological and a strategic standpoint. Students can benefit from the study of information systems security when security concepts are introduced in the context of real-world industry standards. The development of a data security standard for…

IT Security Management Implementation Model in Iranian Bank Industry

Directory of Open Access Journals (Sweden)

Mona Vanaki

2017-06-01

Full Text Available According to the complexity and differences between Iranian banks and other developed countries the appropriate actions to implement effective security management of information technology have not been taken. The aim of this study was to create a powerful model by selecting the appropriate security controls to protect information assets in the bank. In this model, at first the principle set fort in ISO standard 27001, was extracted and then by further studies derived from best practices carried out in the world on the related subject from 2008 to 2016 using a qualitative descriptive method, points comply with information security management in the banking industry were added to it. With the study of Iranian banks in dealing with IT security management system and with help of action research tools, provisions which prevent the actual implementation of this standard was removed and finally a conceptual model with operating instructions and considering all the principles of information security management standard, as well as banking institutions focusing on the characteristics of Iran was proposed.

Hardware-Assisted System for Program Execution Security of SOC

Directory of Open Access Journals (Sweden)

Wang Xiang

2016-01-01

Full Text Available With the rapid development of embedded systems, the systems’ security has become more and more important. Most embedded systems are at the risk of series of software attacks, such as buffer overflow attack, Trojan virus. In addition, with the rapid growth in the number of embedded systems and wide application, followed embedded hardware attacks are also increasing. This paper presents a new hardware assisted security mechanism to protect the program’s code and data, monitoring its normal execution. The mechanism mainly monitors three types of information: the start/end address of the program of basic blocks; the lightweight hash value in basic blocks and address of the next basic block. These parameters are extracted through additional tools running on PC. The information will be stored in the security module. During normal program execution, the security module is designed to compare the real-time state of program with the information in the security module. If abnormal, it will trigger the appropriate security response, suspend the program and jump to the specified location. The module has been tested and validated on the SOPC with OR1200 processor. The experimental analysis shows that the proposed mechanism can defence a wide range of common software and physical attacks with low performance penalties and minimal overheads.

A flexible framework for secure and efficient program obfuscation.

Energy Technology Data Exchange (ETDEWEB)

Solis, John Hector

2013-03-01

In this paper, we present a modular framework for constructing a secure and efficient program obfuscation scheme. Our approach, inspired by the obfuscation with respect to oracle machines model of [4], retains an interactive online protocol with an oracle, but relaxes the original computational and storage restrictions. We argue this is reasonable given the computational resources of modern personal devices. Furthermore, we relax the information-theoretic security requirement for computational security to utilize established cryptographic primitives. With this additional flexibility we are free to explore different cryptographic buildingblocks. Our approach combines authenticated encryption with private information retrieval to construct a secure program obfuscation framework. We give a formal specification of our framework, based on desired functionality and security properties, and provide an example instantiation. In particular, we implement AES in Galois/Counter Mode for authenticated encryption and the Gentry-Ramzan [13]constant communication-rate private information retrieval scheme. We present our implementation results and show that non-trivial sized programs can be realized, but scalability is quickly limited by computational overhead. Finally, we include a discussion on security considerations when instantiating specific modules.

Cyber security evaluation of II&C technologies

Energy Technology Data Exchange (ETDEWEB)

Thomas, Ken [Idaho National Laboratory (INL), Idaho Falls, ID (United States)

2014-11-01

The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a

75 FR 15440 - Guidance for Industry on Standards for Securing the Drug Supply Chain-Standardized Numerical...

Science.gov (United States)

2010-03-29

...] Guidance for Industry on Standards for Securing the Drug Supply Chain--Standardized Numerical... industry entitled ``Standards for Securing the Drug Supply Chain-Standardized Numerical Identification for... the Drug Supply Chain-Standardized Numerical Identification for Prescription Drug Packages.'' In the...

Global Security Program Management Plan

Energy Technology Data Exchange (ETDEWEB)

Bretzke, John C. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2014-03-25

The Global Security Directorate mission is to protect against proliferant and unconventional nuclear threats –regardless of origin - and emerging new threats. This mission is accomplished as the Los Alamos National Laboratory staff completes projects for our numerous sponsors. The purpose of this Program Management Plan is to establish and clearly describe the GS program management requirements including instructions that are essential for the successful management of projects in accordance with our sponsor requirements. The detailed information provided in this document applies to all LANL staff and their subcontractors that are performing GS portfolio work. GS management is committed to a culture that ensures effective planning, execution, and achievement of measurable results in accordance with the GS mission. Outcomes of such a culture result in better communication, delegated authority, accountability, and increased emphasis on safely and securely achieving GS objectives.

NNSA Laboratory Directed Research and Development Program 2008 Symposium--Focus on Energy Security

Energy Technology Data Exchange (ETDEWEB)

Kotta, P R; Sketchley, J A

2008-08-20

The Laboratory Directed Research and Development (LDRD) Program was authorized by Congress in 1991 to fund leading-edge research and development central to the national laboratories core missions. LDRD anticipates and engages in projects on the forefront of science and engineering at the Department of Energy (DOE) national laboratories, and has a long history of addressing pressing national security needs at the National Nuclear Security Administration (NNSA) laboratories. LDRD has been a scientific success story, where projects continue to win national recognition for excellence through prestigious awards, papers published and cited in peer-reviewed journals, mainstream media coverage, and patents granted. The LDRD Program is also a powerful means to attract and retain top researchers from around the world, to foster collaborations with other prominent scientific and technological institutions, and to leverage some of the world's most technologically advanced assets. This enables the LDRD Program to invest in high-risk and potentially high-payoff research that creates innovative technical solutions for some of our nation's most difficult challenges. Worldwide energy demand is growing at an alarming rate, as developing nations continue to expand their industrial and economic base on the back of limited global resources. The resulting international conflicts and environmental consequences pose serious challenges not only to this nation, but to the international community as well. The NNSA and its national security laboratories have been increasingly called upon to devote their scientific and technological capabilities to help address issues that are not limited solely to the historic nuclear weapons core mission, but are more expansive and encompass a spectrum of national security missions, including energy security. This year's symposium highlights some of the exciting areas of research in alternative fuels and technology, nuclear power, carbon

The Comprehensive Approach to Assessing the Economic Security of the Industry Sector in Conditions of Globalization

Directory of Open Access Journals (Sweden)

Denysov Oleg Ye.

2018-01-01

Full Text Available The author carries out an empirical study of the level of economic security of the chemical industry sector of Ukraine in the direction of «production of polyvinyl chlorides». For this purpose the integral index of economic security has been calculated according to the model of functional-component blocks of economic security of sector, developed by the author. Application of this model allowed to research the algorithm of action of the model on the factual basis and to analyze the obtained indicators. This, in turn, made possible to draw a conclusion about the constructiveness and expediency of application of the model of basic functional-component blocks for calculating the level of economic security of the industry sector. With the help of this approach, with application of the complex, system-structural, dynamic and functional approaches, the level of economic security has been defined and the process of monitoring the status and level of economic security of the industry sector has been ensured.

Insights on the Security and Dependability of Industrial Control Systems

NARCIS (Netherlands)

Kargl, Frank; van der Heijden, R.; van der Heijden, Rens W.; König, Hartmut; Valdes, Alfonso; Dacier, Marc C.

2014-01-01

The authors discuss the findings of a recent research seminar on the security and dependability of industrial control systems and provide an overview of major challenges in the field and areas where current research should focus.

Innovation in small and mediumsized firms in the security service industry

DEFF Research Database (Denmark)

Langergaard, Luise Li; Møller, Jørn Kjølseth; Hansen, Anne Vorre

2014-01-01

This article is a study of innovation in the security sector based on an analysis of three Danish security companies. It uncovers the logics and dynamics of innovation in the security business, which is part of the operational service sector. Operational service companies are forced to choose...... activities. In order to overcome this general ‘service squeeze’ and break with a mature market, security companies use different strategies for innovation. These strategies depend on the ability of the individual security companies to activate the innovative resources among employees in order to move...... the business activities further up in the market hierarchy of security services by offering more complex and knowledge-intensive solutions to the customers, thereby reducing price competition and increasing the profits of the business activity in the same way as known from other industries...

78 FR 59706 - Secure Supply Chain Pilot Program; Correction

Science.gov (United States)

2013-09-27

...] Secure Supply Chain Pilot Program; Correction AGENCY: Food and Drug Administration, HHS. ACTION: Notice... Federal Register of August 20, 2013 (78 FR 51192). The document announced the start of the Secure Supply Chain Pilot Program (SSCPP). The document was published with an incorrect email address for the SSCPP...

Software To Secure Distributed Propulsion Simulations

Science.gov (United States)

Blaser, Tammy M.

2003-01-01

Distributed-object computing systems are presented with many security threats, including network eavesdropping, message tampering, and communications middleware masquerading. NASA Glenn Research Center, and its industry partners, has taken an active role in mitigating the security threats associated with developing and operating their proprietary aerospace propulsion simulations. In particular, they are developing a collaborative Common Object Request Broker Architecture (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines

Basic legal provisions concerning the activities of industrial security personnel

International Nuclear Information System (INIS)

Eberstein, H.H.

1980-01-01

The author confines himself to sabotage and espionage. Necessary counter-measures are determined by the respective type of activities. Sect. 618 of the German Civil Code and Sect. 120 a of the Industrial Code give basic legal provisions for the protection of industrial personnel. The legal position held by owner or occupant forms the legal basis for 'vulnerable point protection'. The owner's rights are assigned to the industrial police and are exercised in correspondence with the service or employment contract set up according to Sect. 611 and the following sections of the German Civil Code. Outside guards work according to the performance contract given int the Sections 675, 611, 631 of the German Civil Code. The security personnel has the common right of self-help: self-defence, civil rights concerning the state of national emergency and self-defence under criminal law, rights derived from ownership and property. The author critically argues views held by Mr. Hoffmann-Riem who thinks that police powers have been assigned to private persons. He definitely answers in the negative to the execution of, or encroachment on, sovereign (police) powers by industrial security personnel. A special legal regulation is not necessary, since private protection in form of professional selfdefence is admissible under the law in force. (HSCH) [de

Safety and security of radioactive sources in industrial radiography in Bangladesh

Energy Technology Data Exchange (ETDEWEB)

Mollah, A. S.; Nazrul, M. Abdullah [Industrial Inspection Service Limited, Dhaka (Bangladesh)

2013-07-01

Malicious use of radioactive sources can involve dispersal of that material through an explosive device. There has been recognition of the threat posed by the potential malicious misuse of NDT radioactive source by terrorists. The dispersal of radioactive material using conventional explosives, referred to as a 'dirty bomb', could create considerable panic, disruption and area access denial in an urban environment. However, as it is still a relatively new topic among regulators, users, and transport and storage operators worldwide, international assistance and cooperation in developing the necessary regulatory and security infrastructure is required. The most important action in reducing the risk of radiological terrorism is to increase the security of radioactive sources. This paper presents safety and security considerations for the transport and site storage of the industrial radiography sources as per national regulations entitled 'Nuclear Safety and Radiation Control Rules-1997'.The main emphasis was put on the stages of some safety and security actions in order to prevent theft, sabotage or other malicious acts during the transport of the packages. As a conclusion it must be mentioned that both safety and security considerations are very important aspects that must be taking in account for the transport and site storage of radioactive sources used in the practice of industrial radiography. (authors)

Safety and security of radioactive sources in industrial radiography in Bangladesh

International Nuclear Information System (INIS)

Mollah, A. S.; Nazrul, M. Abdullah

2013-01-01

Malicious use of radioactive sources can involve dispersal of that material through an explosive device. There has been recognition of the threat posed by the potential malicious misuse of NDT radioactive source by terrorists. The dispersal of radioactive material using conventional explosives, referred to as a 'dirty bomb', could create considerable panic, disruption and area access denial in an urban environment. However, as it is still a relatively new topic among regulators, users, and transport and storage operators worldwide, international assistance and cooperation in developing the necessary regulatory and security infrastructure is required. The most important action in reducing the risk of radiological terrorism is to increase the security of radioactive sources. This paper presents safety and security considerations for the transport and site storage of the industrial radiography sources as per national regulations entitled 'Nuclear Safety and Radiation Control Rules-1997'.The main emphasis was put on the stages of some safety and security actions in order to prevent theft, sabotage or other malicious acts during the transport of the packages. As a conclusion it must be mentioned that both safety and security considerations are very important aspects that must be taking in account for the transport and site storage of radioactive sources used in the practice of industrial radiography. (authors)

Use of computer programs to evaluate effectiveness of security systems

International Nuclear Information System (INIS)

Harris, L. Jr.; Goldman, L.A.; Mc Daniel, T.L.

1987-01-01

Thirty or more computer programs for security vulnerability analysis were developed from 1975 through 1980. Most of these programs are intended for evaluating security system effectiveness against outsider threats, but at least six programs are primarily oriented to insider threats. Some strengths and weaknesses of these programs are described. Six of these programs, four for outsider threats and two for insider threats, have been revised and adapted for use with IBM personal computers. The vulnerability analysis process is discussed with emphasis on data collection. The difference between design data and operational data is described. For performance-type operational data, such as detection probabilities and barrier delay times, the difference between unstressed and stressed performance data is discussed. Stressed performance data correspond to situations where an adversary attempts to weaken a security system by mitigating certain security measures. Suggestions are made on the combined use of manual analysis and computer analysis

Review on Cyber Security Programs for NPP Application

Energy Technology Data Exchange (ETDEWEB)

Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

2010-10-15

Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

Review on Cyber Security Programs for NPP Application

International Nuclear Information System (INIS)

Oh, Eung Se

2010-01-01

Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

A Study on Industrial Security Experts Demanding Forecasting in Intelligent Sensor Network

OpenAIRE

Hyungwook Yang; Hyeri Kim; Hangbae Chang

2015-01-01

There have been efforts made to come up with a solution through advancement based on developing technological solution. However, it has come to the point where various forms of the leakage centering on people that are the subject of core asset leakage cannot be solved through technological method. At present time in which the limitation of information security that seeks technological security has been clearly revealed, there is an increasing interest in industrial security for establishing c...

75 FR 17305 - National Industrial Security Program Directive No. 1

Science.gov (United States)

2010-04-06

... Top Secret; Communications Security, except classified keys used for data transfer; Restricted Data... clearance under an SSA to Top Secret unless an approved NID covering the prospective Top Secret access has...

No nation is home alone: understanding the international dimension of homeland security through global transportation security programs

OpenAIRE

Tarpey, Dominique

2016-01-01

Approved for public release; distribution is unlimited Terrorist actors focus on the global transportation system to introduce threats and target attacks. As the lead department for securing the transportation system into the United States, the Department of Homeland Security (DHS) works both domestically and internationally to implement programs and foreign assistance activities to secure the global transportation network. This thesis examines DHS’ international role by analyzing programs...

Joint Logistics Commanders Guide for the Management of Multinational Program,

Science.gov (United States)

1981-07-01

purchase of the A-300 Airbus and the 1977 record-breaking export performance of the French and UK aerospace industries of around $5 billion and $2 billion...DIS. They are the Defense Industrial Security Clearance Office ( DISCO ), the Defense Industrial Security Institute (DISI), and the Office of Industrial...Security International (ISI). Defense Industrial Security Clearance Office ( DISCO ) The Defense Industrial Security Program (DISP) establishes pro

Security Measures in Automated Assessment System for Programming Courses

Directory of Open Access Journals (Sweden)

Jana Šťastná

2015-12-01

Full Text Available A desirable characteristic of programming code assessment is to provide the learner the most appropriate information regarding the code functionality as well as a chance to improve. This can be hardly achieved in case the number of learners is high (500 or more. In this paper we address the problem of risky code testing and availability of an assessment platform Arena, dealing with potential security risks when providing an automated assessment for a large set of source code. Looking at students’ programs as if they were potentially malicious inspired us to investigate separated execution environments, used by security experts for secure software analysis. The results also show that availability issues of our assessment platform can be conveniently resolved with task queues. A special attention is paid to Docker, a virtual container ensuring no risky code can affect the assessment system security. The assessment platform Arena enables to regularly, effectively and securely assess students' source code in various programming courses. In addition to that it is a motivating factor and helps students to engage in the educational process.

PREFACE: 1st International Conference on Sensing for Industry, Control, Communication & Security Technologies

Science.gov (United States)

Shuja Syed, Ahmed

2013-12-01

The 1st International Conference on Sensing for Industry, Control, Communication & Security Technologies (ICSICCST-2013), took place in Karachi, Pakistan, from 24-26 June 2013. It was organized by Indus University, Karachi, in collaboration with HEJ Research Institute of Chemistry, University of Karachi, Karachi. More than 80 abstracts were submitted to the conference and were double blind-reviewed by an international scientific committee. The topics of the Conference were: Video, Image & Voice Sensing Sensing for Industry, Environment, and Health Automation and Controls Laser Sensors and Systems Displays for Innovative Applications Emerging Technologies Unmanned, Robotic, and Layered Systems Sensing for Defense, Homeland Security, and Law Enforcement The title of the conference, 'Sensing for Industry, Control, Communication & Security Technologies' is very apt in capturing the main issues facing the industry of Pakistan and the world. We believe the sensing industry, particularly in Pakistan, is currently at a critical juncture of its development. The future of the industry will depend on how the industry players choose to respond to the challenge of global competition and opportunities arising from strong growth in the Asian region for which we are pleased to note that the conference covered a comprehensive spectrum of issues with an international perspective. This will certainly assist industry players to make informed decisions in shaping the future of the industry. The conference gathered qualified researchers from developed countries like USA, UK, Sweden, Saudi Arabia, China, South Korea and Malaysia etc whose expertise resulting from the research can be drawn upon to build an exploitable area of new technology that has potential Defense, Homeland Security, and Military applicability. More than 250 researchers/students attended the event and made the event great success as the turnout was 100%. An exceptional line-up of speakers spoke at the occasion. We want

Principles of Security Vulnerability Analysis of stationary industrial installations

International Nuclear Information System (INIS)

Borysiewicz, M.

2006-01-01

Security and safety have been key priorities at facilities that manufacture, store, use, or handle hazardous chemicals, after the terrorist attacks on the United States of September 11, 2001. Security improvements may be needed, especially at sites that pose a more attractive target to terrorists due to their economic importance, perceived level of consequences, and other factors. The first step in the process of managing security risks is to identify and analyze the threats and the vulnerabilities facing a facility by conducting a Security Vulnerability Analysis (SVA). The SVA is a systematic process that evaluates the likelihood that a threat against a facility will be successful. It considers the potential severity of consequences to the facility itself, to the surrounding community and on the energy supply chain. The objective of conducting a SVA is to identify security hazards, threats, and vulnerabilities facing a facility, and to evaluate the countermeasures to provide for the protection of the public, workers, national interests, the environment, and the company. With this information security risks can be assessed and strategies can be formed to reduce vulnerabilities as required. SVA is a tool to assist management in making decisions on the need for countermeasures to address the threats and vulnerabilities. The paper provides an overview of fundamental steps of SVA for stationary industrial installations. (author)

Automotive Stirling engine Market and Industrial Readiness Program (MIRP), phase 1

Science.gov (United States)

1982-05-01

A program, begun in 1978, has the goal of transferring Stirling engine technology from United Stirling of Sweden to the US and, then, following design, fabrication, and prototype testing, to secure US manufacturers for the engine. The ultimate objective is the large-scale commercial use of the Automotive Stirling Engine (ASE) by the year 2000. The fist phase of the Market and Industrial Readiness Program for the ASE was concerned with defining the market, product, economic and technical factors necessary to be addressed to assure a reasonable chance of ultimate commercial acceptance. Program results for this first phase are reported and discussed. These results pertain to licensing strategy development, economic analysis, market factors, product planning, market growth, cost studies, and engine performance as measured by fuel economy using conventional fuels and by vehicle speed and acceleration characteristics.

Interactive Industrial Robot Programming for the Ceramic Industry

OpenAIRE

Germano Veiga; Pedro Malaca; Rui Cancela

2013-01-01

This paper presents an interactive programming method for programming industrial robots in ceramic applications. The main purpose was to develop a simple but flexible programming system that empowers the user with product driven programming without compromising flexibility. To achieve this flexibility, a two step hybrid programming model was designed: first the user sketches the desired trajectory in a spatial augmented reality programming table using the final product and then relies on an a...

15 CFR Schedule I to Part 700 - Approved Programs and Delegate Agencies

Science.gov (United States)

2010-01-01

... Designated Programs Do. K1 Federal supply items General Services Administration. Homeland security programs... Intelligence and warning systems Do. N4 Border and transportation security Do. N5 Domestic counter-terrorism... Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE NATIONAL SECURITY INDUSTRIAL...

Quality and security on the uses of cobalt 60 sources for industrial irradiators

International Nuclear Information System (INIS)

Desroches, J.

1976-01-01

The construction and operation of industrial irradiators using large quantities of cobalt 60 give rise to an important problem of security. The CEA Radioisotope Department which manufactures and sells sources of Co60 has created an insurance Quality System which insures the maximum of security for the user. (author)

Quality and security on the uses of cobalt 60 sources for industrial irradiators

International Nuclear Information System (INIS)

Desroches, J.

1976-01-01

The construction and operation of industrial irradiators using large quantities of 60 Co give rise to an important problem of security. The CEA Radioisotope Department which manufactures and sells sources of 60 Co has created an insurance Quality System which insures the maximum of security for the user

Evaluation of a Secure Laptop-Based Testing Program in an Undergraduate Nursing Program: Students' Perspective.

Science.gov (United States)

Tao, Jinyuan; Gunter, Glenda; Tsai, Ming-Hsiu; Lim, Dan

2016-01-01

Recently, the many robust learning management systems, and the availability of affordable laptops, have made secure laptop-based testing a reality on many campuses. The undergraduate nursing program at the authors' university began to implement a secure laptop-based testing program in 2009, which allowed students to use their newly purchased laptops to take quizzes and tests securely in classrooms. After nearly 5 years' secure laptop-based testing program implementation, a formative evaluation, using a mixed method that has both descriptive and correlational data elements, was conducted to seek constructive feedback from students to improve the program. Evaluation data show that, overall, students (n = 166) believed the secure laptop-based testing program helps them get hands-on experience of taking examinations on the computer and gets them prepared for their computerized NCLEX-RN. Students, however, had a lot of concerns about laptop glitches and campus wireless network glitches they experienced during testing. At the same time, NCLEX-RN first-time passing rate data were analyzed using the χ2 test, and revealed no significant association between the two testing methods (paper-and-pencil testing and the secure laptop-based testing) and students' first-time NCLEX-RN passing rate. Based on the odds ratio, however, the odds of students passing NCLEX-RN the first time was 1.37 times higher if they were taught with the secure laptop-based testing method than if taught with the traditional paper-and-pencil testing method in nursing school. It was recommended to the institution that better quality of laptops needs to be provided to future students, measures needed to be taken to further stabilize the campus wireless Internet network, and there was a need to reevaluate the Laptop Initiative Program.

Aspects with Program Analysis for Security Policies

DEFF Research Database (Denmark)

Yang, Fan

Enforcing security policies to IT systems, especially for a mobile distributed system, is challenging. As society becomes more IT-savvy, our expectations about security and privacy evolve. This is usually followed by changes in regulation in the form of standards and legislation. In many cases......, small modification of the security requirement might lead to substantial changes in a number of modules within a large mobile distributed system. Indeed, security is a crosscutting concern which can spread to many business modules within a system, and is difficult to be integrated in a modular way....... This dissertation explores the principles of adding challenging security policies to existing systems with great flexibility and modularity. The policies concerned cover both classical access control and explicit information flow policies. We built our solution by combining aspect-oriented programming techniques...

Post 9-11 Security Issues for Non-Power Reactor Facilities

International Nuclear Information System (INIS)

Zaffuts, P. J.

2003-01-01

This paper addresses the legal and practical issues arising out of the design and implementation of a security-enhancement program for non power reactor nuclear facilities. The security enhancements discussed are derived from the commercial nuclear power industry's approach to security. The nuclear power industry's long and successful experience with protecting highly sensitive assets provides a wealth of information and lessons that should be examined by other industries contemplating security improvements, including, but not limited to facilities using or disposing of nuclear materials. This paper describes the nuclear industry's approach to security, the advantages and disadvantages of its constituent elements, and the legal issues that facilities will need to address when adopting some or all of these elements in the absence of statutory or regulatory requirements to do so

Post 9-11 Security Issues for Non-Power Reactor Facilities

Energy Technology Data Exchange (ETDEWEB)

Zaffuts, P. J.

2003-02-25

This paper addresses the legal and practical issues arising out of the design and implementation of a security-enhancement program for non power reactor nuclear facilities. The security enhancements discussed are derived from the commercial nuclear power industry's approach to security. The nuclear power industry's long and successful experience with protecting highly sensitive assets provides a wealth of information and lessons that should be examined by other industries contemplating security improvements, including, but not limited to facilities using or disposing of nuclear materials. This paper describes the nuclear industry's approach to security, the advantages and disadvantages of its constituent elements, and the legal issues that facilities will need to address when adopting some or all of these elements in the absence of statutory or regulatory requirements to do so.

Quality and security on the uses of cobalt 60 sources for industrial irradiators

International Nuclear Information System (INIS)

Desroches, J.

1976-01-01

The construction and operation of industrial irradiators using large quantities of 60 Co give rise to an important problem of security. The CEA Radioisotope Department which manufactures and sells sources of 60 Co has created an insurance quality system which insures the maximum of security for the user. (orig.) [de

LANL Safeguards and Security Assurance Program. Revision 6

International Nuclear Information System (INIS)

1995-01-01

The Safeguards and Security (S and S) Assurance Program provides a continuous quality improvement approach to ensure effective, compliant S and S program implementation throughout the Los Alamos National Laboratory. Any issues identified through the various internal and external assessments are documented, tracked and closed using the Safeguards and Security Issue Management Program. The Laboratory utilizes an integrated S and S systems approach to protect US Department of Energy (DOE) interests from theft or diversion of special nuclear material (SNM), sabotage, espionage, loss or theft of classified/controlled matter or government property, and other hostile acts that may cause unacceptable impacts on national security, health and safety of employees and the public, and the environment. This document explains the basis, scope, and conduct of the S and S process to include: self-assessments, issue management, risk assessment, and root cause analysis. It also provides a discussion of S and S topical areas, roles and responsibilities, process flow charts, minimum requirements, methodology, terms, and forms

Audit program for physical security systems at nuclear power plants

International Nuclear Information System (INIS)

Minichino, C.

1982-01-01

Licensees of nuclear power plants conduct audits of their physical security systems to meet the requirements of 10 CFR 73, Physical Protection of Plants and Materials. Section 73.55, Requirements for physical Protection of Licensed Activities in Nuclear Power Reactors Against Radiological Sabotage, requires that the security programs be reviewed at least every 12 months, that the audit be conducted by individuals independent of both security management and security supervision, and that the audit program review all aspects of the physical security system: hardware, personnel, and operational and maintenance procedures. This report contains information for the Nuclear Regulatory Commission (NRC) and for the licensees of nuclear power reactors who carry out these comprehensive audits. Guidance on the overall management of the audit function includes organizational structure and issues concerning the auditors who perform the review: qualifications, independence, due professional care, and standards. Guidance in the audit program includes purpose and scope of the audit, planning, techniques, post-audit procedures, reporting, and follow-up

Issues of Safety and Security: New Challenging to Malaysia Tourism Industry

OpenAIRE

Mohd Ayob Norizawati; Masron Tarmiji

2014-01-01

The safety and security issues nowadays become one of the forces causing changes in tourism industry in era of millennium. The main concern of this issues more focus on crime rates, terrorism, food safety, health issues and natural disaster. This topic gained the popularity in tourism research after 9/11 tragedy and since then the academicians and practitioners started seeking the best solution in ways to mitigate these negative impacts. For Malaysia, the image as safety and secure destinatio...

Supporting secure programming in web applications through interactive static analysis.

Science.gov (United States)

Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

2014-07-01

Many security incidents are caused by software developers' failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

Operating Nuclear Power Stations in a Regulated Cyber Security Environment

Energy Technology Data Exchange (ETDEWEB)

Dorman, E.

2014-07-01

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

Operating Nuclear Power Stations in a Regulated Cyber Security Environment

International Nuclear Information System (INIS)

Dorman, E.

2014-01-01

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

The "We Card" program: tobacco industry "youth smoking prevention" as industry self-preservation.

Science.gov (United States)

Apollonio, Dorie E; Malone, Ruth E

2010-07-01

The "We Card" program is the most ubiquitous tobacco industry "youth smoking prevention" program in the United States, and its retailer materials have been copied in other countries. The program's effectiveness has been questioned, but no previous studies have examined its development, goals, and uses from the tobacco industry's perspective. On the basis of our analysis of tobacco industry documents released under the 1998 Master Settlement Agreement, we concluded that the We Card program was undertaken for 2 primary purposes: to improve the tobacco industry's image and to reduce regulation and the enforcement of existing laws. Policymakers should be cautious about accepting industry self-regulation at face value, both because it redounds to the industry's benefit and because it is ineffective.

Ensuring Secure Non-interference of Programs by Game Semantics

DEFF Research Database (Denmark)

Dimovski, Aleksandar

Non-interference is a security property which states that improper information leakages due to direct and indirect flows have not occurred through executing programs. In this paper we investigate a game semantics based formulation of non-interference that allows to perform a security analysis...... of closed and open procedural programs. We show that such formulation is amenable to automated verification techniques. The practicality of this method is illustrated by several examples, which also emphasize its advantage compared to known operational methods for reasoning about open programs....

Energy efficiency programs and policies in the industrial sector in industrialized countries

Energy Technology Data Exchange (ETDEWEB)

Galitsky, Christina; Price, Lynn; Worrell, Ernst

2004-06-01

About 37% of the primary energy consumed both in the U.S. and globally is used by the industrial sector. A variety of energy efficiency policies and programs have been implemented throughout the world in an effort to improve the energy efficiency of this sector. This report provides an overview of these policies and programs in twelve industrialized nations and the European Union (EU). We focus on energy efficiency products and services that are available to industrial consumers, such as reports, guidebooks, case studies, fact sheets, profiles, tools, demonstrations, roadmaps and benchmarking. We also focus on the mechanisms to communicate the availability and features of these products and services and to disseminate them to the industrial consumers who can use them. Communication channels include customer information centers and websites, conferences and trade shows, workshops and other training mechanisms, financial assistance programs, negotiated agreements, newsletters, publicity, assessments, tax and subsidy schemes and working groups. In total, over 30 types of industrial sector energy efficiency products, services and delivery channels have been identified in the countries studied. Overall, we found that the United States has a large variety of programs and offers industry a number of supporting programs for improving industrial energy efficiency. However, there are some products and services found in other industrialized countries that are not currently used in the U.S., including benchmarking programs, demonstration of commercialized technologies and provision of energy awareness promotion materials to companies. Delivery mechanisms found in other industrialized countries that are not employed in the U.S. include negotiated agreements, public disclosure and national-level tax abatement for energy-efficient technologies.

User Interface Program for secure electronic tags

International Nuclear Information System (INIS)

Cai, Y.; Koehl, E.R.; Carlson, R.D.; Raptis, A.C.

1995-05-01

This report summarizes and documents the efforts of Argonne National Laboratory (ANL) in developing a secure tag communication user interface program comprising a tag monitor and a communication tool. This program can perform the same functions as the software that was developed at the Lawrence Livermore National Laboratory (LLNL), but it is enhanced with a user-friendly screen. It represents the first step in updating the TRANSCOM Tracking System (TRANSCOM) by incorporating a tag communication screen menu into the main menu of the TRANSCOM user program. A working version of TRANSCOM, enhanced with ANL secure-tag graphics, will strongly support the Department of Energy Warhead Dismantlement/Special Nuclear Materials Control initiatives. It will allow commercial satellite tracking of the movements and operational activities of treaty-limited items and transportation vehicles throughout Europe and the former USSR, as well as the continental US

Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

CERN Document Server

Tilaro, F

2011-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

Science.gov (United States)

Tompkins, F. G.

1983-01-01

The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

Industrial Technologies Program Research Plan for Energy-Intensive Process Industries

Energy Technology Data Exchange (ETDEWEB)

Chapas, Richard B. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Colwell, Jeffery A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2007-10-01

In this plan, the Industrial Technologies Program (ITP) identifies the objectives of its cross-cutting strategy for conducting research in collaboration with industry and U.S. Department of Energy national laboratories to develop technologies that improve the efficiencies of energy-intensive process industries.

5 CFR 930.301 - Information systems security awareness training program.

Science.gov (United States)

2010-01-01

... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems § 930.301 Information systems security awareness training program. Each Executive Agency must develop a...

Supporting secure programming in web applications through interactive static analysis

Science.gov (United States)

Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

2013-01-01

Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

Supporting secure programming in web applications through interactive static analysis

Directory of Open Access Journals (Sweden)

Jun Zhu

2014-07-01

Full Text Available Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

"Business Continuity and Information Security Maintenance" Masters’ Training Program

OpenAIRE

Miloslavskaya , Natalia; Senatorov , Mikhail; Tolstoy , Alexandr; Zapechnikov , Sergei

2013-01-01

Part 1: WISE 8; International audience; The experience of preparing for the "Business Continuity and Information Security Maintenance" (BC&ISM) Masters’ program implementation and realization at the "Information Security of Banking Systems" Department of the National Research Nuclear University MEPhI (NRNU MEPhI, Moscow, Russia) is presented. Justification of the educational direction choice for BC&ISM professionals is given. The model of IS Master being trained on this program is described. ...

Development of security engineering curricula at US universities

Energy Technology Data Exchange (ETDEWEB)

Garcia, M.L.

1998-08-01

The Southwest Surety Institute was formed in June 1996 by Arizona State University (ASU), New Mexico Institute of Mining and Technology (NM Tech), New Mexico State University (NMSU), and Sandia National Laboratories (SNL) to provide educational programs in Security Engineering, and to conduct research and development in security technologies. This is the first science-based program of its kind in the US, focused on educating Security Engineers to help government and industry address their security needs. Each member brings a unique educational capability to the Institute. NM Tech has a formidable explosives testing and evaluation facility. ASU is developing a Masters program in Security Engineering at their School of Technology located on a new campus in Mesa, Arizona. NMSU provides a Security Technology minor, merging programs in Criminal Justice and Engineering Technology. The Sandia National Laboratories security system design and evaluation process forms the basis for the Security Engineering curricula. In an effort to leverage the special capabilities of each university, distance education will be used to share courses among Institute members and eventually with other sites across the country.

Why should security aspects be more seriously considered in development of Serbian tourism industry?

Directory of Open Access Journals (Sweden)

Radović Vesela

2016-01-01

Full Text Available Tourism today is becoming a part of everyday life for millions of people all over the world. According to the Travel&Tourism Competitiveness Report 2013, security is among the critical factors determining the competitiveness of a country's tourism industry. The most common reasons that are usually given are growing threats from terrorist acts, relatively high level of crime in the region and unknown diseases. The World Tourism Organization stated that one of the factors limiting the development of the industry is that issues related to security in tourism are not sufficiently regulated. The statistics show that the vast majority of organizations in tourism infrastructure are operating at a loss due to terrorism and natural disasters. This statement was particularly confirmed after a great decrease of tourist visits to Phuket and New Orleans after the horrible natural disasters (tsunami and hurricane Katrina, respectively. The question which arises in scientific and public community is: ''How to provide an adequate level of security for tourists.'' Tourism is announced as one of the priorities in future development of the Republic of Serbia. The author used the methodology appropriate for social science. The study results have indicated an urgent need for acceptance of a holistic approach to the issue. Tourism industry has to recognize the importance of security in its daily activities and in these efforts needs to closely cooperate with security services on the local and national level.

The security of medical and industrial radioactive sources

International Nuclear Information System (INIS)

Bielefeld, Tom; Fischer, Helmut W.

2008-01-01

Recent foiled and successful terrorist plots in Europe and the US (including two cases in the UK and Germany which included plans to design radiological dispersal devices in 2004 and 2005), clearly demonstrate that domestic or locally acting terrorist cells have become an important part of the terrorist threat picture. The uncovered 'dirty bomb'-plots involved radioactive material of type or quantity that would not have caused much damage. Still, these observations underscore the necessity to revisit the issue of radioactive sources security in countries which may become the target of a radiological attack. This includes in particular countries in Europe, many of which in the past relied on sophisticated - but safety centred - regulations and functioning oversight institutions. In a pilot study, we have developed plausible attack scenarios involving medical and industrial sources used in Germany. Special emphasis was put on how such sources could be obtained by a locally acting terrorist group using criminal tactics and non-specialized equipment only. To this end, sources storage and handling as well as daily work procedures in hospitals and companies have been analysed to find weak points which could be discovered and exploited by terrorist groups. Publicly available technical information has been used to assess under which circumstances terrorists could obtain various types of sources or whole instruments. Calculations have been performed to estimate the radiation burden to a person handling these sources with improvised equipment. Our study shows that, even in a country with already high regulatory standards, hospitals and industrial facilities still need to introduce improvements to sources security. We therefore discuss and propose a number of affordable security upgrades. Many of our findings in Germany apply to other western countries as well. Hence, we call for a change of mentality of users and manufacturers to take into account not only the safety but

Industry and energy; Industrie et energie

Energy Technology Data Exchange (ETDEWEB)

Birules y Bertran, A.M. [Ministere des Sciences et de la Technologie (Spain); Folgado Blanco, J. [Secretariat d' Etat a l' Economie, a l' Energie et aux PME du Royaume d' Espagne (Spain)

2002-07-01

This document is the provisional version of the summary of the debates of the 2433. session of the European Union Council about various topics relative to the industry and the energy. The energy-related topics that have been debated concern: the government helps in coal industry, the internal electricity and gas market, the trans-European energy networks, the bio-fuels in transportation systems, the energy charter, the pluri-annual energy program, and the green book on the security of energy supplies. (J.S.)

Cyber Security and Resilient Systems

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security and Resilient Systems

International Nuclear Information System (INIS)

Anderson, Robert S.

2009-01-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

77 FR 70117 - Purchase of Certain Debt Securities by Business and Industrial Development Companies Relying on...

Science.gov (United States)

2012-11-23

... 3235-AL02 Purchase of Certain Debt Securities by Business and Industrial Development Companies Relying... securities; (B) is engaged or proposes to engage in the business of issuing face-amount certificates of the... business of issuing redeemable securities, the operations of which are subject to regulation by the State...

Assessment of the industrial energy-conservation program. Final report of the Committee on Assessment of the Industrial Energy Conservation Program

Energy Technology Data Exchange (ETDEWEB)

None

1982-01-01

Industrial operations in the United States account for some 37% of the nation's consumptions of energy. It has been estimated that this figure will increase to 50% by 1990 unless appropriate industrial energy conservation measures are adopted. However, such measures are difficult to implement in spite of the potential of various existing, emerging, and advanced technologies that can be applied to the problem. Specifically, the application of many industrial energy conservation measures entails high economic, technological, and institutional risks and uncertainties that constrain industries from adopting such measures. Accordingly, in 1975 the federal government started a program designed to mitigate these risks and uncertainties via government-industry partnership arrangements in the interests of national energy conservation. An important element of this program is the Industrial Energy Conservation Program in the Federal Department of Energy (DOE). In June 1980, DOE asked the National Materials Advisory Board, a unit of the National Academy of Sciences-National Research Council, to form a study committee to assess the effectiveness of the Industrial Energy Conservation Program. The committee concluded that federal support embodied in the DOE program, present and planned, is important to conserving additional industrial energy. However, the committee also concluded that the program needs various improvements in project selection and management and in transfer of results to industry. The committee's findings and recommendations and the results of the deliberation of the committee's three panels, a special report on heat and power, and a report on the visit by four members of the committee to Japan are presented.

Control Systems Cyber Security Standards Support Activities

Energy Technology Data Exchange (ETDEWEB)

Robert Evans

2009-01-01

The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Development of security engineering curricula at US universities

Energy Technology Data Exchange (ETDEWEB)

Garcia, M.L.

1998-06-01

The Southwest Surety Institute was formed in 1996 to create unique, science-based educational programs in security engineering. The programs will integrate business, technology, and criminal justice elements to educate a new generation of security professionals. Graduates of the programs will better understand basic security system design and evaluation and contribute to strengthening of the body of knowledge in the area of security. A systematic approach incorporating people, procedures, and equipment will be taught that will emphasize basic security principles and establish the science of security engineering. The use of performance measures in the analysis of designed systems will enable effective decisions by an enterprise and provide the rationale for investment in security systems. Along with educational programs, Institute members will conduct original research and development built on existing relationships with sponsors from government and industry in areas such as counterterroism, microelectronics, banking, aviation, and sensor development. Additional information and updates on the Southwest Surety Institute are available via the Institute home page at www.emrtc.nmt.edu/ssi.

I and C security program for nuclear facilities: implementation guide - TAFICS/IG/2

International Nuclear Information System (INIS)

2016-04-01

This is the second in a series of documents being developed by TAFICS for protecting computer-based I and C systems of Indian nuclear facilities from cyber attacks. The document provides guidance to nuclear facility management to establish, implement and maintain a robust I and C security program - consisting of security plan and a set of security controls. In order to provide a firm basis for the security program, the document also identifies the fundamental security principles and foundational security requirements related to computer-based I and C systems of nuclear facilities. It is recommended that all applicable Indian nuclear facilities should implement the security program - with required adaptation - so as to provide the necessary assurance that the I and C systems are adequately protected against cyber attacks. (author)

NNSA Program Develops the Next Generation of Nuclear Security Experts

Energy Technology Data Exchange (ETDEWEB)

Brim, Cornelia P.; Disney, Maren V.

2015-09-02

NNSA is fostering the next generation of nuclear security experts is through its successful NNSA Graduate Fellowship Program (NGFP). NGFP offers its Fellows an exceptional career development opportunity through hands-on experience supporting NNSA mission areas across policy and technology disciplines. The one-year assignments give tomorrow’s leaders in global nuclear security and nonproliferation unparalleled exposure through assignments to Program Offices across NNSA.

A Quantitative Study on the Relationship of Information Security Policy Awareness, Enforcement, and Maintenance to Information Security Program Effectiveness

Science.gov (United States)

Francois, Michael T.

2016-01-01

Today's organizations rely heavily on information technology to conduct their daily activities. Therefore, their information security systems are an area of heightened security concern. As a result, organizations implement information security programs to address and mitigate that concern. However, even with the emphasis on information security,…

Interactive Industrial Robot Programming for the Ceramic Industry

Directory of Open Access Journals (Sweden)

Germano Veiga

2013-10-01

Full Text Available This paper presents an interactive programming method for programming industrial robots in ceramic applications. The main purpose was to develop a simple but flexible programming system that empowers the user with product driven programming without compromising flexibility. To achieve this flexibility, a two step hybrid programming model was designed: first the user sketches the desired trajectory in a spatial augmented reality programming table using the final product and then relies on an advanced 3D graphical system to tune the robot trajectory in the final workcell. The results measured by the end-user feedback show that a new level of flexibility was reached for this type of application.

Government--Industry Data Exchange Program

International Nuclear Information System (INIS)

Nelson, F.M.

1977-01-01

The origin and evolution of the Government--Industry Data Exchange Program, its content, method of operation, and utilization are briefly described. Major sponsoring and participating government agencies are identified, and the methodology to become a program participant is provided

Security of pipeline facilities

Energy Technology Data Exchange (ETDEWEB)

Lee, S.C. [Alberta Energy and Utilities Board, Calgary, AB (Canada); Van Egmond, C.; Duquette, L. [National Energy Board, Calgary, AB (Canada); Revie, W. [Canada Centre for Mineral and Energy Technology, Ottawa, ON (Canada)

2005-07-01

This working group provided an update on provincial, federal and industry directions regarding the security of pipeline facilities. The decision to include security issues in the NEB Act was discussed as well as the Pipeline Security Management Assessment Project, which was created to establish a better understanding of existing security management programs as well as to assist the NEB in the development and implementation of security management regulations and initiatives. Amendments to the NEB were also discussed. Areas of pipeline security management assessment include physical safety management; cyber and information security management; and personnel security. Security management regulations were discussed, as well as implementation policies. Details of the Enbridge Liquids Pipelines Security Plan were examined. It was noted that the plan incorporates flexibility for operations and is integrated with Emergency Response and Crisis Management. Asset characterization and vulnerability assessments were discussed, as well as security and terrorist threats. It was noted that corporate security threat assessment and auditing are based on threat information from the United States intelligence community. It was concluded that the oil and gas industry is a leader in security in North America. The Trans Alaska Pipeline Incident was discussed as a reminder of how costly accidents can be. Issues of concern for the future included geographic and climate issues. It was concluded that limited resources are an ongoing concern, and that the regulatory environment is becoming increasingly prescriptive. Other concerns included the threat of not taking international terrorism seriously, and open media reporting of vulnerability of critical assets, including maps. tabs., figs.

Issues of Safety and Security: New Challenging to Malaysia Tourism Industry

Directory of Open Access Journals (Sweden)

Mohd Ayob Norizawati

2014-01-01

Full Text Available The safety and security issues nowadays become one of the forces causing changes in tourism industry in era of millennium. The main concern of this issues more focus on crime rates, terrorism, food safety, health issues and natural disaster. This topic gained the popularity in tourism research after 9/11 tragedy and since then the academicians and practitioners started seeking the best solution in ways to mitigate these negative impacts. For Malaysia, the image as safety and secure destination was tarnished a few years lately and new unfortunates incident in this year bring more damage to Malaysia image. Healthy issues, terrorism, Lahad Datu intrusion, repeated kidnapping and shooting in Sabah, twin airlines incident, riot and illegal demonstration and false reporting by international media brings new challenging to Malaysia. Although some incident may be had short-term impact to Malaysia tourism industry, but it’s still gave the big impact to Malaysia branding process. Many travellers and Malaysian itself still believe that Malaysia is a one of safer destination and country to visit and stayed in, but more outstanding efforts was require to make sure Malaysia tourism industry was capable to recover from this negative impact as soon as possible.

Assessment and testing of industrial devices robustness against cyber security attacks

International Nuclear Information System (INIS)

Tilaro, F.; Copy, B.

2012-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. CERN - in collaboration with Siemens - has designed and implemented a dedicated working environment, the Test-bench for Robustness of Industrial Equipment. Such tests attempt to detect possible anomalies by exploiting corrupt communication channels and manipulating the normal behavior of the communication protocols, in the same way as a cyber attacker would proceed. Our approach consists of analyzing protocol implementations by injecting malformed PDUs (Protocol Data Unit) to corrupt the normal behaviour of the system. As a PDU typically has many fields, the number of possible syntactically faulty PDUs grows exponentially with the number of fields. In this document, we proposed a strategy to explore this huge test domain using a hybrid approach of fuzzing and syntax techniques, specifically developed to evaluate industrial device communication robustness. So far, not all the tests can be integrated into automatic tools, human analysis and management is necessary to discover and investigate specific possible failures

Case Study: Creation of a Degree Program in Computer Security. White Paper.

Science.gov (United States)

Belon, Barbara; Wright, Marie

This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

Report: EPA’s National Security Information Program Could Be Improved

Science.gov (United States)

Report #12-P-0543, June 18, 2012. Under its classified NSI program, EPA has assigned responsibilities and provided guidance, training, and oversight. EPA program offices provide secure equipment and space, following NSI program specifications.

Doctorate Program Trains Industrial Chemists.

Science.gov (United States)

Chemical and Engineering News, 1982

1982-01-01

The University of Texas (Dallas) has initiated a new Ph.D. program specifically to train chemists for doctoral level work in industry (Doctor of Chemistry). Participants will complete three research practica (at an industrial site and in two laboratory settings) instead of the traditional dissertation, emphasizing breadth and flexibility in…

The Advanced Industrial Materials (AIM) program office of industrial technologies fiscal year 1995

Energy Technology Data Exchange (ETDEWEB)

Sorrell, C.A.

1997-04-01

In many ways, the Advanced Industrial Materials (AIM) Program underwent a major transformation in FY95 and these changes have continued to the present. When the Program was established in 1990 as the Advanced Industrial Concepts (AIC) Materials Program, the mission was to conduct applied research and development to bring materials and processing technologies from the knowledge derived from basic research to the maturity required for the end use sectors for commercialization. In 1995, the Office of Industrial Technologies (OIT) made radical changes in structure and procedures. All technology development was directed toward the seven `Vision Industries` that use about 80% of industrial energy and generated about 90% of industrial wastes. These are: aluminium; chemical; forest products; glass; metal casting; refineries; and steel. OIT is working with these industries, through appropriate organizations, to develop Visions of the desired condition of each industry some 20 to 25 years in the future and then to prepare Road Maps and Implementation Plans to enable them to reach their goals. The mission of AIM has, therefore, changed to `Support development and commercialization of new or improved materials to improve productivity, product quality, and energy efficiency in the major process industries.`

Industrial Energy Efficiency: Designing Effective State Programs for the Industrial Sector

Energy Technology Data Exchange (ETDEWEB)

Goldberg, Amelie [Institute for Industrial Productivity (United States); Taylor, Robert P. [Institute for Industrial Productivity (United States); Hedman, Bruce [Institute for Industrial Productivity (United States)

2014-03-21

This report provides state regulators, utilities, and other program administrators with an overview of U.S. industrial energy efficiency programs and assesses some of the key features of programs that have generated increased energy savings.

Nuclear security. DOE actions to improve the personnel clearance program

International Nuclear Information System (INIS)

Fultz, Keith O.; Bannerman, Carl J.; Daniel, Beverly A.

1988-11-01

The status of the Department of Energy's (DOE) implementation of recommendations in our two reports on DOE's personnel security clearance program was determined. The recommendations were aimed at improving the timeliness, accuracy, and efficiency of personnel security clearance decisions. Specifically, the objective was to determine and report on steps DOE is taking to implement these recommendations. In summary, it was found that DOE has either initiated action or is studying ways to address all the recommendations, but none of the recommendations have been completely implemented. The effectiveness of the DOE actions will depend, in part, on the adequacy of its internal control system for overseeing and evaluating program operations. DOE's personnel security clearance program is intended to provide reasonable assurance that personnel with access to classified information and materials are trustworthy. The Department requests that the Office of Personnel Management or the Federal Bureau of Investigation collect personal data on each person who requires such access to do his or her job. Based on these background investigations, DOE officials authorize individuals whose personal histories indicate that they are trustworthy to have access to classified information, secured facilities, and controlled materials as needed to perform their jobs. DOE has five types of these authorizations or personnel security clearances and must update information on personnel holding each type at 5-year intervals to confirm their continuing reliability. The five types are based on the types of security interests to which the person needs access, e.g., persons needing nuclear weapons-related data must have a Q clearance, and persons with a top secret clearance can have access to national security data classified as top secret

Building effective cybersecurity programs a security manager's handbook

CERN Document Server

Schreider, Tari

2017-01-01

You know by now that your company could not survive without the Internet. Not in today's market. You are either part of the digital economy or reliant upon it. With critical information assets at risk, your company requires a state-of-the-art cybersecurity program. But how do you achieve the best possible program? Tari Schreider, in Building Effective Cybersecurity Programs: A Security Manager's Handbook, lays out the step-by-step roadmap to follow as you build or enhance your cybersecurity program.

75 FR 82037 - National Protection and Programs Directorate; President's National Security Telecommunications...

Science.gov (United States)

2010-12-29

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0050] National Protection and Programs Directorate; President's National Security Telecommunications Advisory Committee AGENCY: National Protection... Committee Meeting. SUMMARY: The President's National Security Telecommunications Advisory Committee (NSTAC...

Program Management at the National Nuclear Security Administration Office of Defense Nuclear Security: A Review of Program Management Documents and Underlying Processes

International Nuclear Information System (INIS)

Madden, Michael S.

2010-01-01

The scope of this paper is to review the National Nuclear Security Administration Office of Defense Nuclear Security (DNS) program management documents and to examine the underlying processes. The purpose is to identify recommendations for improvement and to influence the rewrite of the DNS Program Management Plan (PMP) and the documentation supporting it. As a part of this process, over 40 documents required by DNS or its stakeholders were reviewed. In addition, approximately 12 other documents produced outside of DNS and its stakeholders were reviewed in an effort to identify best practices. The complete list of documents reviewed is provided as an attachment to this paper.

The mutual encouragement of the fear of crime and the security industry: The example of film narratives and electronic home security systems

Directory of Open Access Journals (Sweden)

Vladimira Ilić

2016-02-01

Full Text Available In a culture of fear, everyday life is experienced through the feeling of safety, part of which can be secured through certain electronic home security systems. Three films – Unlawful Entry (1992, Panic Room (2002 and When a Stranger Calls (2006 – will be used as examples in the attempt to consider the relationship between the fear of criminal activity – in this case break ins – and electronic home security systems. The basic premise of the research is that the culturally manufactured fear encourages the electronic home security system industry, the presence of which can, in turn, exasperate one’s fear of the risk of falling victim to violent crime.

A Domain-Specific Programming Language for Secure Multiparty Computation

DEFF Research Database (Denmark)

Nielsen, Janus Dam; Schwartzbach, Michael Ignatieff

2007-01-01

We present a domain-specific programming language for Secure Multiparty Computation (SMC). Information is a resource of vital importance and considerable economic value to individuals, public administration, and private companies. This means that the confidentiality of information is crucial...... on secret values and results are only revealed according to specific protocols. We identify the key linguistic concepts of SMC and bridge the gap between high-level security requirements and low-level cryptographic operations constituting an SMC platform, thus improving the efficiency and security of SMC...

Policy for securing human resources in the nuclear industry of Japan

International Nuclear Information System (INIS)

Takeuchi, S.

1993-01-01

The shortage of human resources in the field of nuclear industry in Japan is due to: structural difficulty resulting from the prevailing labor shortage in Japan, difficulties from the ever-intensifying adverse wind against nuclear power, and difficulties specific to R and D organizations. A practical plan is proposed for securing qualified personnel: approach to be directly made on campuses; effective/advanced management of human resources; better treatment and fringe benefit; promoting the nuclear industry attractiveness; expanding the scope of basic and fundamental researches; regaining the public confidence; closer cooperation between the government and the nuclear power groups. 6 figs

Financial security evaluation of the electric power industry in China based on a back propagation neural network optimized by genetic algorithm

International Nuclear Information System (INIS)

Sun, Wei; Xu, Yanfeng

2016-01-01

Recently security issues like investment and financing in China's power industry have become increasingly prominent, bringing serious challenges to the financial security of the domestic power industry. Thus, it deserves to develop financial safety evaluation towards the Chinese power industry and is of practical significance. In this paper, the GA (genetic algorithm) is used to optimize the connection weights and thresholds of the traditional BPNN (back propagation neural network) so the new model of BPNN based on GA is established, hereinafter referred to as GA-BPNN (back propagation neural network based on genetic algorithm). Then, an empirical example of the electric power industry in China during the period 2003–2010 was selected to verify the proposed algorithm. By comparison with three other algorithms, the results indicate the model can be applied to evaluate the financial security of China's power industry effectively. Then index values of the financial security of China's power industry in 2011 were obtained according to the tested prediction model and the comprehensive safety scores and grades are calculated by the weighted algorithm. Finally, we analyzed the reasons and throw out suggestions based on the results. The work of this paper will provide a reference for the financial security evaluation of the energy industry in the future. - Highlights: • GA-BPNN model is applied to assess the financial security of China's power industry. • 12 indexes of 3 major categories are selected to build the evaluation index system. • The GA-BPNN is superior to the models of GM (1,1), BPNN and LSSVM on the whole. • Predicted financial safety status of China's power industry in 2011 is basic safe. • Reasons and suggestions are proposed based on the forecast results.

AIF programs supporting industry self-improvement

International Nuclear Information System (INIS)

Szalay, R.A.; Bivens, A.C.

1985-01-01

The Atomic Industrial Forum (AIF) report ''Nuclear Power in America's Future'' identifies those actions that must be taken by both government and industry if the nuclear power option is to be preserved. This includes initiatives that: 1) reduce construction costs and lead times; 2) establish a national energy policy that reflects the role of electricity and the nuclear power component; 3) provide better financial arrangements; 4) reform licensing and regulation; 5) enhance the light water reactor design; 6) inform the public on the benefits and contributions of nuclear power; and 7) complete the fuel cycle. In attempting to solve nuclear power's problems, the AIF has programs that support and push these needed actions. Much of the initiative must be taken by industry to enhance the nuclear power option. This paper discusses some AIF initiatives and programs that support industry self-improvement

Gene expression programming for power system static security ...

African Journals Online (AJOL)

user

Keywords: static security, gene expression programming, probabilistic neural network ... Hence digital computers are usually installed in operations control centers to gather ...... power system protection, and applications of AI in power systems.

Advanced Approach to Information Security Management System Model for Industrial Control System

Directory of Open Access Journals (Sweden)

Sanghyun Park

2014-01-01

Full Text Available Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS. ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

Advanced approach to information security management system model for industrial control system.

Science.gov (United States)

Park, Sanghyun; Lee, Kyungho

2014-01-01

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

Advanced Approach to Information Security Management System Model for Industrial Control System

Science.gov (United States)

2014-01-01

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS. PMID:25136659

Homeland Security Education: Managerial versus Nonmanagerial Market Perspectives of an Academic Program

Science.gov (United States)

Doss, Daniel; Henley, Russ; McElreath, David; Lackey, Hilliard; Jones, Don; Gokaraju, Balakrishna; Sumrall, William

2016-01-01

The authors discuss the findings of a market study that preceded the offering of an academic program in homeland security. The university disseminated a mail survey to gain data for analysis of variance testing of several hypotheses regarding market perceptions of the intended homeland security program offering. Stratification involved segregating…

The Department of Energy`s Solar Industrial Program: 1995 review

Energy Technology Data Exchange (ETDEWEB)

NONE

1996-04-01

During 1995, the Department of Energy`s Solar Industrial (SI) Program worked to bring the benefits of solar energy to America`s industrial sector. Scientists and engineers within the program continued the basic research, applied engineering, and economic analyses that have been at the heart of the Program`s success since its inception in 1989. In 1995, all three of the SI Program`s primary areas of research and development--solar detoxification, advanced solar processes, and solar process heat--succeeded in increasing the contribution made by renewable and energy-efficient technologies to American industry`s sustainable energy future. The Solar Detoxification Program develops solar-based pollution control technologies for destroying hazardous environmental contaminants. The Advanced Solar Processes Program investigates industrial uses of highly concentrated solar energy. The Solar Process Heat Program conducts the investigations and analyses that help energy planners determine when solar heating technologies--like those that produce industrial-scale quantities of hot water, hot air, and steam--can be applied cost effectively. The remainder of this report highlights the research and development conducted within in each of these subprograms during 1995.

20 CFR 404.1402 - When are railroad industry services by a non-vested worker covered under Social Security?

Science.gov (United States)

2010-04-01

...-vested worker covered under Social Security? 404.1402 Section 404.1402 Employees' Benefits SOCIAL... When are railroad industry services by a non-vested worker covered under Social Security? If you are a non-vested worker, we (the Social Security Administration) will consider your services in the railroad...

76 FR 34732 - Privacy Act of 1974; Department of Homeland Security/National Protection and Programs Directorate...

Science.gov (United States)

2011-06-14

... 1974; Department of Homeland Security/National Protection and Programs Directorate--002 Chemical... Homeland Security/National Protection and Programs Directorate--002 Chemical Facility Anti-Terrorism.... 552a, the Department of Homeland Security (DHS)/National Protection and Programs Directorate (NPPD...

Scenario and multiple criteria decision analysis for energy and environmental security of military and industrial installations.

Science.gov (United States)

Karvetski, Christopher W; Lambert, James H; Linkov, Igor

2011-04-01

Military and industrial facilities need secure and reliable power generation. Grid outages can result in cascading infrastructure failures as well as security breaches and should be avoided. Adding redundancy and increasing reliability can require additional environmental, financial, logistical, and other considerations and resources. Uncertain scenarios consisting of emergent environmental conditions, regulatory changes, growth of regional energy demands, and other concerns result in further complications. Decisions on selecting energy alternatives are made on an ad hoc basis. The present work integrates scenario analysis and multiple criteria decision analysis (MCDA) to identify combinations of impactful emergent conditions and to perform a preliminary benefits analysis of energy and environmental security investments for industrial and military installations. Application of a traditional MCDA approach would require significant stakeholder elicitations under multiple uncertain scenarios. The approach proposed in this study develops and iteratively adjusts a scoring function for investment alternatives to find the scenarios with the most significant impacts on installation security. A robust prioritization of investment alternatives can be achieved by integrating stakeholder preferences and focusing modeling and decision-analytical tools on a few key emergent conditions and scenarios. The approach is described and demonstrated for a campus of several dozen interconnected industrial buildings within a major installation. Copyright © 2010 SETAC.

Deployment of ERP Systems at Automotive Industries, Security Inspection (Case Study: IRAN KHODRO Automotive Company)

Science.gov (United States)

Ali, Hatamirad; Hasan, Mehrjerdi

Automotive industry and car production process is one of the most complex and large-scale production processes. Today, information technology (IT) and ERP systems incorporates a large portion of production processes. Without any integrated systems such as ERP, the production and supply chain processes will be tangled. The ERP systems, that are last generation of MRP systems, make produce and sale processes of these industries easier and this is the major factor of development of these industries anyhow. Today many of large-scale companies are developing and deploying the ERP systems. The ERP systems facilitate many of organization processes and make organization to increase efficiency. The security is a very important part of the ERP strategy at the organization, Security at the ERP systems, because of integrity and extensive, is more important of local and legacy systems. Disregarding of this point can play a giant role at success or failure of this kind of systems. The IRANKHODRO is the biggest automotive factory in the Middle East with an annual production over 600.000 cars. This paper presents ERP security deployment experience at the "IRANKHODRO Company". Recently, by launching ERP systems, it moved a big step toward more developments.

Development of the innovative food industry in the conditions of ensuring food security

OpenAIRE

Berdiev S.

2017-01-01

The purpose of this article is to ensure the safety of food and through the development of innovative food industry and learning to increase the production of food. Work to ensure food security of the Republic of Uzbekistan has its own characteristics and analysis of trends and problems identified in this area. As well as ensuring the safety of food and food industry offer based on the priority directions of scientific and practical recommendations developed.

Advanced Industrial Materials Program. Annual progress report, FY 1993

Energy Technology Data Exchange (ETDEWEB)

Stooksbury, F. [comp.

1994-06-01

Mission of the AIM program is to commercialize new/improved materials and materials processing methods that will improve energy efficiency, productivity, and competitiveness. Program investigators in the DOE national laboratories are working with about 100 companies, including 15 partners in CRDAs. Work is being done on intermetallic alloys, ceramic composites, metal composites, polymers, engineered porous materials, and surface modification. The program supports other efforts in the Office of Industrial Technologies to assist the energy-consuming process industries. The aim of the AIM program is to bring materials from basic research to industrial application to strengthen the competitive position of US industry and save energy.

The National Security Education Program and Its Service Requirement: An Exploratory Study of What Areas of Government and for What Duration National Security Education Program Recipients Have Worked

Science.gov (United States)

Comp, David J.

2013-01-01

The National Security Education Program, established under the National Security Education Act of 1991, has had a post-funding service requirement in the Federal Government for undergraduate scholarship and graduate fellowship recipients since its inception. The service requirement, along with the concern that the National Security Education…

Parametric programming of industrial robots

Directory of Open Access Journals (Sweden)

Szulczyński Paweł

2015-06-01

Full Text Available This article proposes the use of parametric design software, commonly used by architects, in order to obtain complex trajectory and program code for industrial robots. The paper describes the drawbacks of existing solutions and proposes a new script to obtain a correct program. The result of the algorithm was verified experimentally.

78 FR 31955 - Privacy Act of 1974; Department of Homeland Security National Protection and Programs Directorate...

Science.gov (United States)

2013-05-28

... 1974; Department of Homeland Security National Protection and Programs Directorate--001 Arrival and... of records titled Department of Homeland Security/National Protection and Programs Directorate--001... of 1974, 5 U.S.C. 552a, the Department of Homeland Security (DHS) National Protection and Programs...

The IAEA Assistance Training Programme for Transport Security

Energy Technology Data Exchange (ETDEWEB)

Eriksson, Ann-Margret [International Atomic Energy Agency (IAEA); Rawl, Richard R [ORNL; Hawk, Mark B [ORNL; Anderson, Kimberly K [ORNL

2010-01-01

The IAEA Office of Nuclear Security is working cooperatively with the U.S. Department of Energy's Global Threat Reduction Initiative, European Union and Australia to provide transport security assistance to countries throughout the world. Assistance is available to countries in reviewing and upgrading their transport security programs at all levels: (1) National level (regulatory and other government agencies); and (2) Operator level (shippers and carriers). Assistance is directed at implementing a consistent level of security throughout the life cycle of radioactive material (same level of security during transport as when in a fixed facility) Upgrade assistance can include: (1) Expert advisory missions to provide advice and guidance; (2) Training courses for regulatory, governmental and industry personnel; (3) Transport security awareness; (4) Detailed training on designing and implementing transport security programs; (5) Planning to identify and prioritize needs (developing security approaches and plans); (6) Developing model security plans and procedures; and (7) Equipment (vehicles, packages, command and control equipment, etc.). Country visits are now being scheduled to initiate transport security cooperative activities. A training course has been developed to assist countries in developing and implementing transport security programs. The training course has been given as a national training course (three times) and as a Regional training course (three times). The course addresses recommended security provisions for the transport of all radioactive material.

Establishing cyber security programs for I and C systems at nuclear facilities

International Nuclear Information System (INIS)

Waedt, Karl

2012-01-01

In recent years, across the international nuclear community, cyber security issues have quickly gained significant attention from safety authorities and plant designers alike. This increased attention was accelerated by news of the Stuxnet virus, which impaired control systems at Iranian nuclear facilities in 2010, but is also fueled by regular news about cyber security breaches of data systems at large business corporations. This paper discusses key aspects of establishing a cyber security program for Instrumentation and Control (I and C) systems at a nuclear facility, and identifies inherent aspects of nuclear power plant (NPP) design, that differentiate the needs of such a cyber security program from those of typical corporate data systems. (orig.)

Establishing cyber security programs for I and C systems at nuclear facilities

Energy Technology Data Exchange (ETDEWEB)

Waedt, Karl [AREVA NP GmbH (Germany)

2012-11-01

In recent years, across the international nuclear community, cyber security issues have quickly gained significant attention from safety authorities and plant designers alike. This increased attention was accelerated by news of the Stuxnet virus, which impaired control systems at Iranian nuclear facilities in 2010, but is also fueled by regular news about cyber security breaches of data systems at large business corporations. This paper discusses key aspects of establishing a cyber security program for Instrumentation and Control (I and C) systems at a nuclear facility, and identifies inherent aspects of nuclear power plant (NPP) design, that differentiate the needs of such a cyber security program from those of typical corporate data systems. (orig.)

Resources available for applying metrics in security and safety programming.

Science.gov (United States)

Luizzo, Anthony

2016-01-01

Incorporating metrics into security surveys has been championed as a better way of substantiating program-related effectiveness and expenditures. Although security surveys have been aroundfor well over 40 years, rarely, if ever, have metric-related strategies been part of the equation, the author says. In this article, he cites several published articles and research findings available to security professionals and their surveyors that may give them the expertise and confidence they need to make use of this valuable tool.

Cyber-security: industrials must stop denying the risk of cyber-attacks

International Nuclear Information System (INIS)

Hausermann, L.

2015-01-01

The risk of cyber-attacks of industrial sites is real. Recently the Anvers port and the Bakou-Tbilissi-Ceyhan pipeline have been attacked. In both cases hackers succeeded: they were able to track sea containers in which drug was concealed and recover it in the Anvers port and in the case of the pipeline the hackers took control of the control system and were able to trigger a huge explosion by shunning security systems and allowing damaging pressure surges. The massive use of digital systems and of automated systems in various industrial sectors has led to huge network of inter-connected smart devices whose purpose is not to process data but to monitor and control. All these devices and equipment are controlled by software whose weaknesses and fault lines multiply the risk of cyber-attacks even for 'closed' networks. While the total hacking of a nuclear power plant is highly unlikely, real threats exist and must be taken into account. Innovative solutions based on the mapping of the fluxes of the system and combined with an inventory of all its weaknesses may pave the way towards cyber-security. (A.C.)

15 CFR 2008.16 - Security education program.

Science.gov (United States)

2010-01-01

... 15 Commerce and Foreign Trade 3 2010-01-01 2010-01-01 false Security education program. 2008.16 Section 2008.16 Commerce and Foreign Trade Regulations Relating to Foreign Trade Agreements OFFICE OF THE UNITED STATES TRADE REPRESENTATIVE REGULATIONS TO IMPLEMENT E.O. 12065; OFFICE OF THE UNITED STATES TRADE...

Evaluation of the awareness and effectiveness of IT security programs in a large publicly funded health care system.

Science.gov (United States)

Hepp, Shelanne L; Tarraf, Rima C; Birney, Arden; Arain, Mubashir Aslam

2017-01-01

Electronic health records are becoming increasingly common in the health care industry. Although information technology (IT) poses many benefits to improving health care and ease of access to information, there are also security and privacy risks. Educating health care providers is necessary to ensure proper use of health information systems and IT and reduce undesirable outcomes. This study evaluated employees' awareness and perceptions of the effectiveness of two IT educational training modules within a large publicly funded health care system in Canada. Semi-structured interviews and focus groups included a variety of professional roles within the organisation. Participants also completed a brief demographic data sheet. With the consent of participants, all interviews and focus groups were audio recorded. Thematic analysis and descriptive statistics were used to evaluate the effectiveness of the IT security training modules. Five main themes emerged: (i) awareness of the IT training modules, (ii) the content of modules, (iii) staff perceptions about differences between IT security and privacy issues, (iv) common breaches of IT security and privacy, and (v) challenges and barriers to completing the training program. Overall, nonclinical staff were more likely to be aware of the training modules than were clinical staff. We found e-learning was a feasible way to educate a large number of employees. However, health care providers required a module on IT security and privacy that was relatable and applicable to their specific roles. Strategies to improve staff education and mitigate against IT security and privacy risks are discussed. Future research should focus on integrating health IT competencies into the educational programs for health care professionals.

Secure Data Transfer Guidance for Industrial Control and SCADA Systems

Energy Technology Data Exchange (ETDEWEB)

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

2011-09-01

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

Investigating the Process of Valuing Investments in Intangibles: A Case Study in Safety and Security in the Multinational Hotel Industry

OpenAIRE

Punpugdee, Nuttapon

2005-01-01

Safety and security have emerged as a major force driving change in the multinational hotel industry. As a problem area not well-developed in the literature but considered a crucial force influencing hotel firms' value by the multinational hotel community, safety and security provide an excellent opportunity for industry professionals and academic researchers to improve the value creation of multinational hotel firms. A research need is more urgent in the upscale sector of the industry, and t...

Industry perspectives on future directions in the fusion program

International Nuclear Information System (INIS)

Maniscalco, J.A.; Bell, J.M.

1985-01-01

Industry is the ultimate recipient of the product of the fusion development program. However, budget trends are causing the program to lose it's focus on the energy goal, thus diminishing opportunities for a meaningful industrial role at a time when technical progress has been remarkable and scientific feasibility is being demonstrated. The findings of the Magnetic Fusion Advisory Committee Panel charged to report on industrial participation in fusion energy development are summarized. A recommendation of this panel was to increase intellectual involvement of industry in the development of fusion. Opportunities to achieve this include forming partnerships with national laboratories and universities, assigning industry responsibility for a complete scope of work, and assigning industry a major role in system studies and reactor design. These opportunities can be implemented without requiring large budget increases. Increasing the involvement of industry in the fusion program will provide both long and short-term benefits

Industrial cogeneration optimization program. Final report, September 1979

Energy Technology Data Exchange (ETDEWEB)

Davis, Jerry; McWhinney, Jr., Robert T.

1980-01-01

This study program is part of the DOE Integrated Industry Cogeneration Program to optimize, evaluate, and demonstrate cogeneration systems, with direct participation of the industries most affected. One objective is to characterize five major energy-intensive industries with respect to their energy-use profiles. The industries are: petroleum refining and related industries, textile mill products, paper and allied products, chemicals and allied products, and food and kindred products. Another objective is to select optimum cogeneration systems for site-specific reference case plants in terms of maximum energy savings subject to given return on investment hurdle rates. Analyses were made that define the range of optimal cogeneration systems for each reference-case plant considering technology applicability, economic factors, and energy savings by type of fuel. This study also provides guidance to other parts of the program through information developed with regard to component development requirements, institutional and regulatory barriers, as well as fuel use and environmental considerations. (MCW)

Technology Roadmap Research Program for the Steel Industry

Energy Technology Data Exchange (ETDEWEB)

Joseph R. Vehec

2010-12-30

The steel industry's Technology Roadmap Program (TRP) is a collaborative R&D effort jointly sponsored by the steel industry and the United States Department of Energy. The TRP program was designed to develop new technologies to save energy , increase competitiveness, and improve the environment. TRP ran from July, 1997 to December, 2008, with a total program budget of $38 million dollars. During that period 47 R&D projects were performed by 28 unique research organizations; co-funding was provided by DOE and 60 industry partners. The projects benefited all areas of steelmaking and much know-how was developed and transferred to industry. The American Iron and Steel Institute is the owner of all intellectual property developed under TRP and licenses it at commercial rates to all steelmakers. TRP technologies are in widespread use in the steel industry as participants received royalty-free use of intellectual property in return for taking the risk of funding this research.

76 FR 39887 - Extension of Agency Information Collection Activity Under OMB Review: Highway Corporate Security...

Science.gov (United States)

2011-07-07

... Security Administration (TSA) has forwarded the Information Collection Request (ICR), Office of Management... industry by way of its Highway Corporate Security Review (CSR) Program, which encompasses site visits and... the site visit, TSA personnel complete the CSR form, which asks security-related questions. This...

Employee assistance programs in the hospital industry.

Science.gov (United States)

Howard, J C; Szczerbacki, D

1988-01-01

The health care literature describes the industry's need for employee assistance programs (EAPs). New research results show the degree to which EAPs are used in the industry and ways to determine their success.

Proposals For The Secure Use Of IoT Technology In The Car Industry - Proposals on how to use IoT technology in the car industry but avoid its negative security consequences

OpenAIRE

Ramquist, Robin

2016-01-01

The Internet Of Things (IoT) is a hotter topic than ever. As devices and our daily life get connected to the IoT, we also put ourselves at risk. IoT security issues get reported on a regular basis, and experts are concerned that we will lose control of the situation. In this thesis, the IoT usage in the car industry is investigated and analyzed, and proposals for security issue mitigations are presented based on existing research. To do this work, existing research is being looked at and inte...

Advanced Industrial Materials (AIM) program. Annual progress report. FY 1996

Energy Technology Data Exchange (ETDEWEB)

NONE

1997-04-01

The Advanced Industrial Materials (AIM) Program underwent a major transformation in Fiscal Year 1995 and these changes have continued to the present. When the Program was established in 1990 as the Advanced Industrial Concepts (AIC) Materials Program, the mission was to conduct applied research and development to bring materials and processing technologies from the knowledge derived from basic research to the maturity required for the end use sectors for commercialization. In 1995, the Office of Industrial Technologies (OIT) made radical changes in structure and procedures. All technology development was directed toward the seven `Vision Industries` that use about 80% of industrial energy and generated about 90% of industrial wastes. These are: aluminium; chemical; forest products; glass; metal casting; refineries; and steel. OIT is working with these industries, through appropriate organizations, to develop Visions of the desired condition of each industry some 20 or 25 years in the future and then to prepare Road Maps and Implementation Plans to enable them to reach their goals. The mission of AIM has, therefore, changed to `Support development and commercialization of new or improved materials to improve productivity, product quality, and energy efficiency in the major process industries.` Though AIM remains essentially a National Laboratory Program, it is necessary that each project have industrial partners, including suppliers to, and customers of, the seven industries. Now, well into FY 1996, the transition is nearly complete and the AIM Program remains healthy and productive, thanks to the superb investigators and Laboratory Program Managers. Separate abstracts have been indexed into the energy database for articles from this report.

Effectiveness of the Civil Aviation Security Program.

Science.gov (United States)

1978-03-31

Passenger Screening Results 12. Scope of Civil Aviation Security Program 13. Basic Policies 14. Explosives Detection Dog Teams 15. Explosives Detection... policies guiding the program recognize airline responsibilities for the safety of passengers, baggage and cargo in their care as well as for the...U *i * (U U Los -7 .cn cf) 1-4 ~~LL _m e- Hf LMU 0- u,-C -oL -ccJLL LII -~ LLIOL 0 _ CL. LLJ cr-L LCnIJ C ~ ~ CnCD C. ) &j 2ic- nc r JL AJ -L JC C.- L

Safeguards and security deficiencies fulfilled through technology development

International Nuclear Information System (INIS)

Smoot, W.

1996-01-01

The Office of Safeguards and Security (OSS) sponsors research and development activities based on identified field and headquarters customer requirements. Annually, a formal solicitation of safeguards and security user needs is conducted. Currently, there are over 300 valid safeguards and security deficiencies that have been identified. These user needs serve as the basis for formulating the OSS Technology Development Program (TDP). Due to budget constraints, the TDP can only address approximately 47% of these needs in FY 1996. This paper will discuss, in a general sense, the current deficiencies and how the TDP is responding to each. Specifically, the paper will highlight technologies in the areas of Material Control and Accounting, Physical Security, and Information Security. A brief discussion of unfulfilled user requirements will also be presented as a catalyst for leveraging available or developing technologies from other similar programs or from private industry

Radiation protection program of Petrobras in industrial radiography area

International Nuclear Information System (INIS)

Signorini, M.

1988-01-01

Industrial hygiene has as main purpose the preservation of employees physical integrity when exposed to certain agressive agents. PETROBRAS Industrial hygiene program forecasts preventive policies in several specific fields. For the ionizing radiations area it was developed the ''Radiologic Protection Program'' which also deals with specific actions in industrial radiography jobs. These actions are hereinafter presented. (C.M.) [pt

Industry and energy

International Nuclear Information System (INIS)

Birules y Bertran, A.M.; Folgado Blanco, J.

2002-01-01

This document is the provisional version of the summary of the debates of the 2433. session of the European Union Council about various topics relative to the industry and the energy. The energy-related topics that have been debated concern: the government helps in coal industry, the internal electricity and gas market, the trans-European energy networks, the bio-fuels in transportation systems, the energy charter, the pluri-annual energy program, and the green book on the security of energy supplies. (J.S.)

Advanced Industrial Materials (AIM) Program: Annual progress report FY 1995

Energy Technology Data Exchange (ETDEWEB)

NONE

1996-04-01

In many ways, the Advanced Industrial Materials (AIM) Program underwent a major transformation in Fiscal Year 1995 and these changes have continued to the present. When the Program was established in 1990 as the Advanced Industrial Concepts (AIC) Materials Program, the mission was to conduct applied research and development to bring materials and processing technologies from the knowledge derived from basic research to the maturity required for the end use sectors for commercialization. In 1995, the Office of Industrial Technologies (OIT) made radical changes in structure and procedures. All technology development was directed toward the seven ``Vision Industries`` that use about 80% of industrial energy and generated about 90% of industrial wastes. The mission of AIM has, therefore, changed to ``Support development and commercialization of new or improved materials to improve productivity, product quality, and energy efficiency in the major process industries.`` Though AIM remains essentially a National Laboratory Program, it is essential that each project have industrial partners, including suppliers to, and customers of, the seven industries. Now, well into FY 1996, the transition is nearly complete and the AIM Program remains reasonably healthy and productive, thanks to the superb investigators and Laboratory Program Managers. This Annual Report for FY 1995 contains the technical details of some very remarkable work by the best materials scientists and engineers in the world. Areas covered here are: advanced metals and composites; advanced ceramics and composites; polymers and biobased materials; and new materials and processes.

The IAEA Assistance and Training Programme for Transport Security

Energy Technology Data Exchange (ETDEWEB)

Hawk, Mark B [ORNL; Eriksson, Ann-Margret [International Atomic Energy Agency (IAEA); Rawl, Richard [Transport Security and Safety, Oak Ridge; Anderson, Kimberly K [ORNL

2010-01-01

The IAEA Office of Nuclear Security is working cooperatively with the U.S. Department of Energy's Global Threat Reduction Initiative, European Union and Australia to provide transport security assistance to countries throughout the world. Assistance is available to countries in reviewing and upgrading their transport security programs at all levels: (1) National level (regulatory and other government agencies); and (2) Operator level (shippers and carriers). Assistance is directed at implementing a consistent level of security throughout the life cycle of radioactive material (same level of security during transport as when in a fixed facility) Upgrade assistance can include: (1) Expert advisory missions to provide advice and guidance; (2) Training courses for regulatory, governmental and industry personnel; (3) Transport security awareness; (4) Detailed training on designing and implementing transport security programs; (5) Planning to identify and prioritize needs (developing security approaches and plans); (6) Developing model security plans and procedures; and (7) Equipment (vehicles, packages, command and control equipment, etc.). Country visits are now being scheduled to initiate transport security cooperative activities. A training course has been developed to assist countries in developing and implementing transport security programs. The training course has been given as a national training course (three times) and as a Regional training course (three times). The course addresses recommended security provisions for the transport of all radioactive material.

Cyber security for greater service reliability

Energy Technology Data Exchange (ETDEWEB)

Vickery, P. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

2008-05-15

Service reliability in the electricity transmission and distribution (T and D) industry is being challenged by increased equipment failures, harsher climatic conditions, and computer hackers who aim to disrupt services by gaining access to transmission and distribution resources. This article discussed methods of ensuring the cyber-security of T and D operators. Weak points in the T and D industry include remote terminal units; intelligent electronic devices; distributed control systems; programmable logic controllers; and various intelligent field devices. An increasing number of interconnection points exist between an operator's service control system and external systems. The North American Electric Reliability Council (NERC) standards specify that cyber security strategies should ensure that all cyber assets are protected, and that access points must be monitored to detect intrusion attempts. The introduction of new advanced metering initiatives must also be considered. Comprehensive monitoring systems should be available to support compliance with cyber security standards. It was concluded that senior management should commit to a periodic cyber security re-assessment program in order to keep up-to-date.

Analysis of Payment Card Industry Data Security Standard [PCI DSS] Compliance by Confluence of COBIT 5 Framework

OpenAIRE

Ashish Ukidve; Ds S SMantha; Milind Tadvalkar

2017-01-01

The Payment Card Industry Data Security Standard (PCI DSS) aims to enhance the security of cardholder data and is required when cardholder data or authentication data are stored, processed or transmitted. The implementation of enabling processes from COBIT 5 can complement compliance to PCI DSS. COBIT 5 assists enterprises in governance and management of enterprise IT and, at the same time, supports the need to meet security requirements with supporting processes and management activities. Th...

Current status of securing Category 1 and 2 radioactive sources in Taiwan

Energy Technology Data Exchange (ETDEWEB)

Cheng, Y-F.; Tsai, C-H. [Atomic Energy Council of Executive Yuan of Taiwan (China)

2014-07-01

For enhancing safe and secure management of Category 1 and 2 radioactive sources against theft or unauthorized removal, AEC (Atomic Energy Council) of Taiwan have been regulating the import/export of the sources ever since 2005, in compliance with the IAEA's (International Atomic Energy Agency) 'Guidance on the Import and Export of Radioactive Sources'. Furthermore in consulting the IAEA Nuclear Security Series No.11 report, administrative regulations on the program of securing the sources have been embodied into AECL's regulatory system since 2012, for the purpose of enforcing medical and non-medical licensees and industrial radiographers to establish their own radioactive source security programs. Regulations require that security functions such as access control, detection, delay, response and communication and security management measures are to be implemented within the programs. This paper is to introduce the current status in implementing the security control measures in Taiwan. (author)

Self-Reliability and Motivation in a Nuclear Security Culture Enhancement Program

Energy Technology Data Exchange (ETDEWEB)

Crawford,C.; de Boer,G.; De Castro, K; Landers, Ph.D., J; Rogers, E

2009-10-19

The threat of nuclear terrorism has become a global concern. Many countries continue to make efforts to strengthen nuclear security by enhancing systems of nuclear material protection, control, and accounting (MPC&A). Though MPC&A systems can significantly upgrade nuclear security, they do not eliminate the "human factor." This paper will describe some of the key elements of a comprehensive, sustainable nuclear security culture enhancement program and how implementation can mitigate the insider threat.

Nevada National Security Site Radiation Protection Program

Energy Technology Data Exchange (ETDEWEB)

none,

2013-04-30

Title 10 Code of Federal Regulations (CFR) Part 835, “Occupational Radiation Protection,” establishes radiation protection standards, limits, and program requirements for protecting individuals from ionizing radiation resulting from the conduct of U.S. Department of Energy (DOE) activities. 10 CFR 835.101(a) mandates that DOE activities be conducted in compliance with a documented Radiation Protection Program (RPP) as approved by DOE. This document promulgates the RPP for the Nevada National Security Site (NNSS), related (on-site or off-site) U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO) operations, and environmental restoration off-site projects. This RPP section consists of general statements that are applicable to the NNSS as a whole. The RPP also includes a series of appendices which provide supporting detail for the associated NNSS Tennant Organizations (TOs). Appendix H, “Compliance Demonstration Table,” contains a cross-walk for the implementation of 10 CFR 835 requirements. This RPP does not contain any exemptions from the established 10 CFR 835 requirements. The RSPC and TOs are fully compliant with 10 CFR 835 and no additional funding is required in order to meet RPP commitments. No new programs or activities are needed to meet 10 CFR 835 requirements and there are no anticipated impacts to programs or activities that are not included in the RPP. There are no known constraints to implementing the RPP. No guides or technical standards are adopted in this RPP as a means to meet the requirements of 10 CFR 835.

A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

International Nuclear Information System (INIS)

Song, S. H.; Lee, M. S.; Kim, T. H.; Park, C. H.; Park, S. P.; Kim, H. S.

2014-01-01

As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system

A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

Energy Technology Data Exchange (ETDEWEB)

Song, S. H. [Korea University, Seoul (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Work Inc., Seoul (Korea, Republic of); Park, C. H. [LINE Corp., Tokyo (Japan); Park, S. P. [Ahnlab Inc., Seoul (Korea, Republic of); Kim, H. S. [Sejong University, Seoul (Korea, Republic of)

2014-08-15

As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system.

DOD/COCOM Water Security Program Strategy Document

Science.gov (United States)

2011-04-22

treatment and disposal. DOD/COCOM Water Security Program Strategy 22 18. Toxic Minerals In regions where there are naturally occurring unsafe...surface hydrologic observations using remote sensing to provide data on precipitation, radiation, temperature, soil moisture, groundwater, snowcover...habitat alteration and aquaculture . 13. Centers for Disease Control (CDC) Works with partners throughout the nation and the world to monitor health

44 CFR 8.3 - Senior FEMA official responsible for the information security program.

Science.gov (United States)

2010-10-01

... 44 Emergency Management and Assistance 1 2010-10-01 2010-10-01 false Senior FEMA official... Senior FEMA official responsible for the information security program. The Director of the Security Division, has been designated as the senior official to direct and administer the FEMA information security...

An industrial view of the Plowshare program

Energy Technology Data Exchange (ETDEWEB)

Smith, Sam [Exploration, El Paso Natural Gas Company (United States)

1970-05-01

The presented viewpoints have evolved from extensive interaction since 1963 with government and industry participants in the Plowshare program. During the first decade of the Atomic Energy Commission's Plowshare program, the scientific feasibility of industrial applications of underground nuclear explosive technology was established by the Rainier, Gnome, Hardhat, Shoal, Salmon and Handcar experiments. A new era for examination of the technical and economic feasibility of industrial applications of nuclear explosives began with the Gas-buggy detonation in 1967. This era must be accompanied by close coordination between government and industry which was not required when government alone was establishing scientific feasibility. This presentation on 'industry's view of underground nuclear engineering' will be concentrated on problems which must be resolved to make the transition from scientific feasibility to technical and economic feasibility. The distinctions between 'contained' and 'cratering' applications go far beyond the differences in technology. Cratering objectives have been defined, funded by the government, pursued with a readiness date in mind, and supported by a national policy. Thus far, underground nuclear engineering has enjoyed few of these benefits. Industry's objective in underground nuclear engineering is to establish a viable enterprise which will benefit the public.

An industrial view of the Plowshare program

International Nuclear Information System (INIS)

Smith, Sam

1970-01-01

The presented viewpoints have evolved from extensive interaction since 1963 with government and industry participants in the Plowshare program. During the first decade of the Atomic Energy Commission's Plowshare program, the scientific feasibility of industrial applications of underground nuclear explosive technology was established by the Rainier, Gnome, Hardhat, Shoal, Salmon and Handcar experiments. A new era for examination of the technical and economic feasibility of industrial applications of nuclear explosives began with the Gas-buggy detonation in 1967. This era must be accompanied by close coordination between government and industry which was not required when government alone was establishing scientific feasibility. This presentation on 'industry's view of underground nuclear engineering' will be concentrated on problems which must be resolved to make the transition from scientific feasibility to technical and economic feasibility. The distinctions between 'contained' and 'cratering' applications go far beyond the differences in technology. Cratering objectives have been defined, funded by the government, pursued with a readiness date in mind, and supported by a national policy. Thus far, underground nuclear engineering has enjoyed few of these benefits. Industry's objective in underground nuclear engineering is to establish a viable enterprise which will benefit the public

Study evaluating the status quo and the legal implications of third party liability for the European Security Industry

NARCIS (Netherlands)

Bergkamp, L.; Faure, M.G.; Hinteregger, M.; Philipsen, N.J.

2013-01-01

Third party liability has been identified as an issue that could adversely impact the European security industry. Limitless third party liability for security product and services is believed to have the potential to reduce investments in innovation. In the US, the Safety Act (discussed in this

NotaMark industrial laser marking system: a new security marking technology

Science.gov (United States)

Moreau, Vincent G.

2004-06-01

Up until now, the only variable alphanumeric data which could be added to banknotes was the number, applied by means of impact typographical numbering boxes. As an additional process or an alternative to this mechanical method, a non-contact laser marking process can be used offering high quality and greater levels of flexibility. For this purpose KBA-GIORI propose an exclusive laser marking solution called NotaMark. The laser marking process NotaMark is the ideal solution for applying variable data and personalizing banknotes (or any other security documents) with a very high resolution, for extremely large production volumes. A completely integrated solution has been developed comprised of laser light sources, marking head units, and covers and extraction systems. NotaMark allows the marking of variable data by removing locally and selectively, specific printed materials leaving the substrate itself untouched. A wide range of materials has already been tested extensively. NotaMark is a new security feature which is easy to identify and difficult to counterfeit, and which complies with the standard mechanical and chemical resistance tests in the security printing industry as well as with other major soiling tests. The laser marking process opens up a whole new range of design possibilities and can be used to create a primary security feature such as numbering, or to enhance the value of existing features.

Postdoctoral pharmacy industry fellowships: a descriptive analysis of programs and postgraduate positions.

Science.gov (United States)

Melillo, Stephanie; Gangadharan, Amy; Johnson, Hiliary; Schleck, Patrick; Steinberg, Michael; Alexander, James G

2012-01-01

Postdoctoral pharmacy industry fellowship programs and the employment of fellowship graduates are described. A list of postgraduate industry fellowships was gathered from the 2009 ASHP Midyear Clinical Meeting. Data regarding program characteristics were collected using the Personnel Placement Service database and program-specific brochures. After data compilation, a standardized survey was sent in January 2010 via e-mail to the point of contact for all programs to confirm the accuracy of the program's characteristics. Only academically affiliated industry fellowship programs were analyzed. Retrospective data were collected regarding the first position of employment for all fellows who graduated from the program between 2005 and 2009 and the position of those same individuals at the time of survey completion. Surveys were sent to 64 postgraduate industry fellowship programs affiliated with a school of pharmacy, 56 (87.5%) of whom responded. The departmental breakdown for positions offered (n = 75) across all academically affiliated industry fellowship programs (including nonresponders) was as follows: medical affairs (38.7%, n = 29), clinical research (32.0%, n = 24), regulatory affairs (9.3%, n = 7), commercial (8.0%, n = 6), health economics and outcomes research (8.0%, n = 6), and pharmacovigilance (4.0%, n = 3). Data from fellows during years 1-5 after completion of the industry fellowship indicated that 90.5% of former fellows remained in the industry (n = 238). The postgraduate industry fellowship programs surveyed indicated that the majority of fellowship graduates continued to hold positions in industry after program completion. The majority of industry fellowships and subsequent job placements occurred in the areas of medical affairs, clinical research, and regulatory affairs.

The effectiveness of online gaming as part of a security awareness program

CSIR Research Space (South Africa)

Labuschagne, WA

2014-07-01

Full Text Available the human element whose actions can be considered as erratic and unpredictable thus posing a threat to the security of the organization. Security awareness programs aim to equip users of cyberspace with the necessary knowledge to identify and mitigate...

Empirical research on financial capability evaluation of A-share listed companies in the securities industry based on principal component analysis

Directory of Open Access Journals (Sweden)

Xiuping Wang

2017-11-01

Full Text Available Based on the relevant financial data indicators of A-share markets of Shanghai and Shenzhen in 2009, with all of 29 listed companies in the securities industry as the research objects, this paper selects 10variables that can fully reflect the financial capability indicators and uses the principal component analysis to carry out the empirical research on the financial capability. The research results show that the comprehensive financial capability of listed companies in A-share securities industry must be focused on the following four capabilities, investment and income, profit, capital composition and debt repayment and cash flow indicators. In addition, the principal component analysis can effectively evaluate the financial capability of listed companies in A-share securities industry, and solve the problems in the previous analysis methods, such as excessive indicators, information overlapping and so on.

Corporate strategic plan for safeguards and security

International Nuclear Information System (INIS)

1997-06-01

Department of Energy (DOE) safeguards and security (S and S) is a team effort, consisting of Field, National Laboratories, Program Office, and Headquarters units cooperating to support the Department's diverse security needs. As an integral part of the nation's security structure, the DOE S and S Program regularly supports and works in cooperation with other US Government agencies and private industry to improve the national security posture. Thus, inter- and intra-agency partnerships play an invaluable role in the continuing efforts to integrate and implement improved ways of doing business. Their Corporate Strategic Plan provides a road map to guide, track, and provide feedback for the incorporation and implementation of S and S activities within DOE. Part 1 Planning Framework, describes those overarching factors which influence the planning endeavors. Part 2, Strategic Perspective, outlines where the S and S Program has been and how they will move to the future through core competencies, changing cultural thinking, and implementing their strategies. Part 3, Strategic and Operational Integration, details critical focus areas, strategies, and success indicators designed to enhance inter-agency S and S integration and promote cooperation with external agencies. This Plan will be reviewed annually to ensure it remains supportive and fully-engaged with the nation's and international security environments

What is Security? A perspective on achieving security

Energy Technology Data Exchange (ETDEWEB)

Atencio, Julian J.

2014-05-05

This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

Programming of Canberra Industries 8100/Quanta System

International Nuclear Information System (INIS)

Yoshida, Hiroshi; Kubo, Katsumi

1980-03-01

In this report are described usage of an interactive programming language ''CLASS'' (Canberra Laboratory Automation Software System) which is a feature the software for Canberra Industries 8100/Quanta System consisting of a Canberra Industries 8100 multichannel analyzer (MCA) and a PDP-11/05 mini-computer, and the programs with CLASS developed to process and analyze the data of gamma spectra obtained with semiconductor detectors. The programs are (1) to compute the coefficients in the formulae that relate the channel numbers of gamma-ray photopeaks obtained from MCA and the energy values; (2) to subtract the background component from the total count of a photopeak obtained from MCA, and (3) to calculate the lapse of time in days or years following the preparation of a radiation source. (author)

Walk the Talk: Progress in Building a Supply Chain Security Culture

Energy Technology Data Exchange (ETDEWEB)

Hund, Gretchen [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2016-08-31

Pacific Northwest National Laboratory (PNNL) has engaged industry to “go beyond compliance” for over a decade in controlling and securing their supply chains to ensure their goods are not diverted to nuclear weapons programs. This work has focused on dual-use industries that manufacture products that can be used in both commercial applications and in the development of a nuclear weapon. The team encourages industry to self-regulate to reduce proliferation risks. As part of that work, PNNL interviewed numerous companies about their compliance practices to understand their business and to build awareness around best practices to ensure security of goods, technology, and information along their supply chains. From conducting this work, PNNL identified indicators that a company can adopt as part of its commitment to nonproliferation ideals with a focus on supply chain security.

Walk the Talk: Progress in Building a Supply Chain Security Culture

International Nuclear Information System (INIS)

Hund, Gretchen

2016-01-01

Pacific Northwest National Laboratory (PNNL) has engaged industry to ''go beyond compliance'' for over a decade in controlling and securing their supply chains to ensure their goods are not diverted to nuclear weapons programs. This work has focused on dual-use industries that manufacture products that can be used in both commercial applications and in the development of a nuclear weapon. The team encourages industry to self-regulate to reduce proliferation risks. As part of that work, PNNL interviewed numerous companies about their compliance practices to understand their business and to build awareness around best practices to ensure security of goods, technology, and information along their supply chains. From conducting this work, PNNL identified indicators that a company can adopt as part of its commitment to nonproliferation ideals with a focus on supply chain security.

78 FR 32241 - U.S. Air Force Seeks Industry Input for National Security Space Launch Assessment

Science.gov (United States)

2013-05-29

..., seeks industry views and perspectives to inform an on-going strategic National Security Space Launch... the U.S. Government. 2. What are the critical issues that concern current and prospective launch...

Report: Fiscal Year 2006 Federal Information Security Management Act Report Status of EPA’s Computer Security Program

Science.gov (United States)

Report #2006-S-00008, September 25, 2006. Although the Agency has made substantial progress to improve its security program, the OIG identified weaknesses in the Agency’s incident reporting practices.

Advanced Industrial Materials (AIM) Program. Annual progress report, FY 1994

Energy Technology Data Exchange (ETDEWEB)

Sorrell, C.A.

1995-05-01

The Advanced Industrial Materials Program is a part of the Office of Industrial Technologies (OIT), Energy Efficiency and Renewable Energy in the Department of Energy. The mission of the AIM Program is to conduct applied research, development, and applications engineering work, in partnership with industry, to commercialize new or improved materials and materials processing methods that will improve energy efficiency, productivity, and competitiveness. AIM is responsible for identifying, supporting, and coordinating multidisciplinary projects to solve identified industrial needs and transferring the technology to the industrial sector. Program investigators in the DOE National Laboratories are working closely with approximately 100 companies, including 15 partners in Cooperative Research and Development Agreements. Work is being done in a wide variety of materials technologies, including intermetallic alloys, ceramic composites, metal composites, polymers, engineered porous materials, and surface modification. The Program supports other efforts in the Office of Industrial Technologies to assist the energy consuming process industries, including forest products, glass, steel, aluminum, foundries, chemicals, and refineries. To support OITs {open_quotes}Industries of the Future{close_quotes} initiatives and to improve the relevance of materials research, assessments of materials needs and opportunities in the process industries are being made. These assessments are being used for program planning and priority setting; support of work to satisfy those needs is being provided. Many new materials that have come into the marketplace in recent years, or that will be available for commercial use within a few more years, offer substantial benefits to society. This document contains 28 reports on advanced materials research. Individual reports have been processed separately for entry onto the Department of Energy databases.

Report: Fiscal Year 2015 Federal Information Security Modernization Act Report: Status of CSB’s Information Security Program

Science.gov (United States)

Report #16-P-0086, January 27, 2016. The effectiveness of the CSB’s information security program is challenged by its lack of personal identity verification cards for logical access, complete system inventory.

Industrial screening programs for workers

International Nuclear Information System (INIS)

Lavine, M.P.

1982-01-01

Industrial screening efforts to identify classes of workers who are more susceptible to workplace hazards, by virtue of their fertility, genetic, or lifestyle characteristics, represent a relatively new approach to reducing workplace risks. Screening has already raised some important economic, legal, social, medical, and moral questions. Employers, employees, administrative agencies, and the courts are offering different, often conflicting answers. Ultimately the acceptability of various screening schemes rests upon judgments about how a society justifies the distribution of risk. The questions that industrial screening programs raise are only partially answered by empirical evidence; the rest is a matter of values

Report: EPA’s Information Security Program Is Established, but Improvements Are Needed to Strengthen Its Processes

Science.gov (United States)

Report #18-P-0031, October 30, 2017. Although the EPA has an effective information security program, management emphasis is needed to achieve a higher level of maturity for the agency’s information security program.

Advanced programming languages for industrial robots

International Nuclear Information System (INIS)

Wolter, H.

1983-02-01

With this report, the sponsor of the project on automation in manufacture introduces to the public several new programming procedures for industrial robots which are still under construction. In addition to the programming systems SRL - which, as already previously reported, represent an further development of the AL and ROBEX systems - two additional programming procedures are being described. These are adjusted to perform interactive work at the production site. As introduction to this report, a survey is offered on the status and development of robot programming in the Federal Republic of Germany and in other countries. (orig.) [de

Strong tobacco control program requirements and secure funding are not enough: lessons from Florida.

Science.gov (United States)

Kennedy, Allison; Sullivan, Sarah; Hendlin, Yogi; Barnes, Richard; Glantz, Stanton

2012-05-01

Florida's Tobacco Pilot Program (TPP; 1998-2003), with its edgy Truth media campaign, achieved unprecedented youth smoking reductions and became a model for tobacco control programming. In 2006, 3 years after the TPP was defunded, public health groups restored funding for tobacco control programming by convincing Florida voters to amend their constitution. Despite the new program's strong legal structure, Governor Charlie Crist's Department of Health implemented a low-impact program. Although they secured the program's strong structure and funding, Florida's nongovernmental public health organizations did not mobilize to demand a high-impact program. Implementation of Florida's Amendment 4 demonstrates that a strong programmatic structure and secure funding are insufficient to ensure a successful public health program, without external pressure from nongovernmental groups.

INFORMATION SECURITY RISKS OPTIMIZATION IN CLOUDY SERVICES ON THE BASIS OF LINEAR PROGRAMMING

Directory of Open Access Journals (Sweden)

I. A. Zikratov

2013-01-01

Full Text Available The paper discusses theoretical aspects of secure cloud services creation for information processing of various confidentiality degrees. A new approach to the reasoning of information security composition in distributed computing structures is suggested, presenting the problem of risk assessment as an extreme problem of decisionmaking. Linear programming method application is proved to minimize the risk of information security for given performance security in compliance with the economic balance for the maintenance of security facilities and cost of services. An example is given to illustrate the obtained theoretical results.

Revolutionizing safety and security in the chemical and process industry: applying the CHESS concept

NARCIS (Netherlands)

Reniers, G.L.L.M.E.; Khakzad Rostami, N.

2017-01-01

This paper argues that a new concept, summarized as ‘CHESS’, should be used in the chemical industry to further substantially advance safety (where we use the term in a broad sense, that is, safety and physical security, amongst others). The different domains that need to be focused upon, and where

CORBASec Used to Secure Distributed Aerospace Propulsion Simulations

Science.gov (United States)

Blaser, Tammy M.

2003-01-01

The NASA Glenn Research Center and its industry partners are developing a Common Object Request Broker (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines. It was developed by Glenn and is being managed by the NASA Ames Research Center as the lead center reporting directly to NASA Headquarters' Aerospace Technology Enterprise. Glenn is an active domain member of the Object Management Group: an open membership, not-for-profit consortium that produces and manages computer industry specifications (i.e., CORBA) for interoperable enterprise applications. When NPSS is deployed, it will assemble a distributed aerospace propulsion simulation scenario from proprietary analytical CORBA servers and execute them with security afforded by the CORBASec implementation. The NPSS CORBASec test bed was initially developed with the TPBroker Security Service product (Hitachi Computer Products (America), Inc., Waltham, MA) using the Object Request Broker (ORB), which is based on the TPBroker Basic Object Adaptor, and using NPSS software across different firewall products. The test bed has been migrated to the Portable Object Adaptor architecture using the Hitachi Security Service product based on the VisiBroker 4.x ORB (Borland, Scotts Valley, CA) and on the Orbix 2000 ORB (Dublin, Ireland, with U.S. headquarters in Waltham, MA). Glenn, GE Aircraft Engines, and Pratt & Whitney Aircraft are the initial industry partners contributing to the NPSS CORBASec test bed. The test bed uses Security SecurID (RSA Security Inc., Bedford, MA) two-factor token-based authentication together with Hitachi Security Service digital-certificate-based authentication to validate the various NPSS users. The test

Exploring Effects of Organizational Culture upon Implementation of Information Security Awareness and Training Programs within the Defense Industry Located in the Tennessee Valley Region

Science.gov (United States)

Grant, Robert Luther

2017-01-01

Data breaches due to social engineering attacks and employee negligence are on the rise. The only known defense against social engineering attacks and employee negligence is information security awareness and training. However, implementation of awareness and training programs within organizations are lagging in priority. This research used the…

Safeguard and security issues for the U.S. Fissile Materials Disposition Program

International Nuclear Information System (INIS)

Jaeger, C.D.; Moya, R.W.; Duggan, R.A.

1995-01-01

The Department of Energy's Office of Materials Disposition (MD) is analyzing long-term storage and disposition options for fissile materials, preparing a Programmatic Environmental Impact Statement (PEIS), preparing for a Record of Decision (ROD) regarding this material, and conducting other related activities. A primary objective of this program is to support U.S. nonproliferation policy by reducing major security risks. Particular areas of concern are the acquisition of this material by unauthorized persons and preventing the reintroduction of the material for use in weapons. This paper presents some of the issues, definitions, and assumptions addressed by the Safeguards and Security Project Team in support of the Fissile Materials Disposition Program (FMDP). The discussion also includes some preliminary ideas regarding safeguards and security criteria that are applicable to the screening of disposition options

Safeguards and security issues for the U.S. Fissile Materials Disposition Program

International Nuclear Information System (INIS)

Jaeger, C.D.; Moya, R.W.; Duggan, R.A.

1995-01-01

The Department of Energy's Office of Materials Disposition (MD) is analyzing long-term storage and disposition options for fissile materials, preparing a Programmatic Environmental Impact Statement (PEIS), preparing for a Record of Decision (ROD) regarding this material, and conducting other related activities. A primary objective of this program is to support US nonproliferation policy by reducing major security risks. Particular areas of concern are the acquisition of this material by unauthorized persons and preventing the reintroduction of the material for use in weapons. This paper presents some of the issues, definitions, and assumptions addressed by the Safeguards and Security Project Team in support of the Fissile Materials Disposition Program (FMDP). The discussion also includes some preliminary ideas regarding safeguards and security criteria that are applicable to the screening of disposition options

Advanced Industrial Materials (AIM) Program annual progress report, FY 1997

Energy Technology Data Exchange (ETDEWEB)

NONE

1998-05-01

The Advanced Industrial Materials (AIM) Program is a part of the Office of Industrial Technologies (OIT), Energy Efficiency and Renewable Energy, US Department of Energy (DOE). The mission of AIM is to support development and commercialization of new or improved materials to improve energy efficiency, productivity, product quality, and reduced waste in the major process industries. OIT has embarked on a fundamentally new way of working with industries--the Industries of the Future (IOF) strategy--concentrating on the major process industries that consume about 90% of the energy and generate about 90% of the waste in the industrial sector. These are the aluminum, chemical, forest products, glass, metalcasting, and steel industries. OIT has encouraged and assisted these industries in developing visions of what they will be like 20 or 30 years into the future, defining the drivers, technology needs, and barriers to realization of their visions. These visions provide a framework for development of technology roadmaps and implementation plans, some of which have been completed. The AIM Program supports IOF by conducting research and development on materials to solve problems identified in the roadmaps. This is done by National Laboratory/industry/university teams with the facilities and expertise needed to develop new and improved materials. Each project in the AIM Program has active industrial participation and support.

Shaping a novel security approach in chemical industrial clusters to prevent large-scale domino events

NARCIS (Netherlands)

Reniers, Genserik L L; Dullaert, Wout; Soudan, Karel

2009-01-01

Two aspects are important when it comes to guaranteeing an effective and efficient security policy in a chemical industrial cluster. The first issue involves obtaining an acceptable level of collaboration between the different enterprises forming the cluster. The second topic is to ensure that an

Lemnos Interoperable Security Program

Energy Technology Data Exchange (ETDEWEB)

Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

2012-01-31

The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

Software-Based Visual Loan Calculator For Banking Industry

Science.gov (United States)

Isizoh, A. N.; Anazia, A. E.; Okide, S. O. 3; Onyeyili, T. I.; Okwaraoka, C. A. P.

2012-03-01

industry is very necessary in modern day banking system using many design techniques for security reasons. This paper thus presents the software-based design and implementation of a Visual Loan calculator for banking industry using Visual Basic .Net (VB.Net). The fundamental approach to this is to develop a Graphical User Interface (GUI) using VB.Net operating tools, and then developing a working program which calculates the interest of any loan obtained. The VB.Net programming was done, implemented and the software proved satisfactory.

The Oil Security Metrics Model: A Tool for Evaluating the Prospective Oil Security Benefits of DOE's Energy Efficiency and Renewable Energy R&D Programs

Energy Technology Data Exchange (ETDEWEB)

Greene, David L [ORNL; Leiby, Paul Newsome [ORNL

2006-05-01

Energy technology R&D is a cornerstone of U.S. energy policy. Understanding the potential for energy technology R&D to solve the nation's energy problems is critical to formulating a successful R&D program. In light of this, the U.S. Congress requested the National Research Council (NRC) to undertake both retrospective and prospective assessments of the Department of Energy's (DOE's) Energy Efficiency and Fossil Energy Research programs (NRC, 2001; NRC, 2005). ("The Congress continued to express its interest in R&D benefits assessment by providing funds for the NRC to build on the retrospective methodology to develop a methodology for assessing prospective benefits." NRC, 2005, p. ES-2) In 2004, the NRC Committee on Prospective Benefits of DOE's Energy Efficiency and Fossil Energy R&D Programs published a report recommending a new framework and principles for prospective benefits assessment. The Committee explicitly deferred the issue of estimating security benefits to future work. Recognizing the need for a rigorous framework for assessing the energy security benefits of its R&D programs, the DOE's Office of Energy Efficiency and Renewable Energy (EERE) developed a framework and approach for defining energy security metrics for R&D programs to use in gauging the energy security benefits of their programs (Lee, 2005). This report describes methods for estimating the prospective oil security benefits of EERE's R&D programs that are consistent with the methodologies of the NRC (2005) Committee and that build on Lee's (2005) framework. Its objective is to define and implement a method that makes use of the NRC's typology of prospective benefits and methodological framework, satisfies the NRC's criteria for prospective benefits evaluation, and permits measurement of that portion of the prospective energy security benefits of EERE's R&D portfolio related to oil. While the Oil Security Metrics (OSM) methodology described

Cyber security

CERN Document Server

Voeller, John G

2014-01-01

Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

Spatial Programming for Industrial Robots through Task Demonstration

Directory of Open Access Journals (Sweden)

Jens Lambrecht

2013-05-01

Full Text Available Abstract We present an intuitive system for the programming of industrial robots using markerless gesture recognition and mobile augmented reality in terms of programming by demonstration. The approach covers gesture-based task definition and adaption by human demonstration, as well as task evaluation through augmented reality. A 3D motion tracking system and a handheld device establish the basis for the presented spatial programming system. In this publication, we present a prototype toward the programming of an assembly sequence consisting of several pick-and-place tasks. A scene reconstruction provides pose estimation of known objects with the help of the 2D camera of the handheld. Therefore, the programmer is able to define the program through natural bare-hand manipulation of these objects with the help of direct visual feedback in the augmented reality application. The program can be adapted by gestures and transmitted subsequently to an arbitrary industrial robot controller using a unified interface. Finally, we discuss an application of the presented spatial programming approach toward robot-based welding tasks.

The School Breakfast Program strengthens household food security among low-income households with elementary school children.

Science.gov (United States)

Bartfeld, Judith S; Ahn, Hong-Min

2011-03-01

The School Breakfast Program is an important component of the nutritional safety net and has been linked to positive changes in meal patterns and nutritional outcomes. By offering a breakfast, which for low-income children is available either at no cost or reduced price, the program also has the potential to increase household food security. This study examined the relationship between availability of the School Breakfast Program and household food security among low-income third-grade students by using data from the Early Childhood Longitudinal Survey-Kindergarten Cohort. The primary sample included 3010 students. Availability of school breakfast was assessed by surveys of school administrators. Food security was assessed by parents' reports by using the standard 18-item food security scale and considering 2 different food security thresholds. A probit model was estimated to measure the relationship between school breakfast availability and household food security while controlling for a range of other characteristics. Access to school breakfast reduced the risk of marginal food insecurity but not the risk of food insecurity at the standard threshold. That is, the program appeared beneficial in offsetting food-related concerns among at-risk families, although not necessarily in alleviating food insecurity once hardships had crossed the food insecurity threshold. Increasing the availability of school breakfast may be an effective strategy to maintain food security among low-income households with elementary school children.

National Survey of Computer Aided Manufacturing in Industrial Technology Programs.

Science.gov (United States)

Heidari, Farzin

The current status of computer-aided manufacturing in the 4-year industrial technology programs in the United States was studied. All industrial technology department chairs were mailed a questionnaire divided into program information, equipment information, and general comments sections. The questionnaire was designed to determine the subjects…

Food Security and Weight Status in Children: Interactions With Food Assistance Programs.

Science.gov (United States)

Nguyen, Binh T; Ford, Christopher N; Yaroch, Amy L; Shuval, Kerem; Drope, Jeffrey

2017-02-01

It is unclear whether Supplemental Nutrition Assistance Program (SNAP) or National School Lunch Program (NSLP) participation modifies the relationship between food insecurity and obesity in children. Data were included for 4,719 children aged 9-17 years who participated in the National Health and Nutrition Survey between 2003-2004 and 2011-2012. Linear regression was used to examine the relationship between household food security (full, marginal, low, and very low) and BMI percentile. Adjusted models were also stratified by SNAP and NSLP participation. There was no significant overall relationship between household food security and BMI percentile. In SNAP non-participants, there was no apparent overall relationship between BMI percentile and household food security. However, BMI percentile in children from households with low food security was significantly higher than that of children from fully food-secure households (risk difference [RD]=5.95, 95% CI=1.11, 10.80). Among SNAP participants, there was no significant relationship between household food security and BMI percentile. By NSLP participation category, there was a non-significant trend toward increasing BMI percentile with decreasing household food security in those reporting two or fewer (RD=1.75, 95% CI= -0.79, 4.29) and two to three (RD=1.07; 95% CI= -1.74, 3.89) lunches/week. There was no apparent relationship between household food security and BMI percentile in those reporting four or more lunches/week. Although the overall relationship between household food security and weight status in school-aged children was not statistically significant, there was some evidence that the relationship may differ by SNAP or NSLP participation, suggesting the need for more research. Copyright © 2016 American Journal of Preventive Medicine. Published by Elsevier Inc. All rights reserved.

PEMETAAN INDUSTRI PENGOLAHAN PANGAN UNGGULAN BERBASIS SISTEM INFORMASI GEOGRAFIS PADA PROPINSI JAWA TENGAH

OpenAIRE

Oswari, Teddy; Agustina, Fenni; Haryatmi, Emy; Suhendra, E. Susy

2017-01-01

The emphasis of the agricultural industry in Indonesia lies in the program of increasing food security, agribusiness development and improving the welfare of farmers. The priority of food security in establishing the independence of farmers in maintaining local resources efficiently and optimally, so that resources can be utilized further. The objectives of the research are to mapping the leading food processing industry, the determination of the leading local resources, the formation of docu...

Socio-Economic Correlates of Information Security Threats and Controls in Global Financial Services Industry: An Analysis

OpenAIRE

Princely Ifinedo

2015-01-01

Threats to data and information assets of Global Financial Services Industry (GFSI) are ever-present; such problems, if not well understood, could lead to huge negative impact. To some extent, the environment where a business operates does matter for its success. This study presents information about the relationships between selected socio-economic factors and information security threats and controls in the financial services industry. Essentially, it seeks to enrich the information provide...

Security an introduction

CERN Document Server

Purpura, Philip P

2011-01-01

Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

DATA Act File B Object Class and Program Activity - Social Security

Data.gov (United States)

Social Security Administration — The DATA Act Information Model Schema Reporting Submission Specification File B. File B includes the agency object class and program activity detail obligation and...

An Undergraduate Information Security Program: More than a Curriculum

Science.gov (United States)

Woodward, Belle; Imboden, Thomas; Martin, Nancy L.

2013-01-01

This paper describes the implementation of an information security program at a large Midwestern university. The initial work is briefly summarized and improvements that have occurred over time are described. Current activities and future plans are discussed. This paper offers insight and lessons learned for organizations that have or are…

PCI DSS: Security Standard and Security in Fact

OpenAIRE

M. V. Kuzin

2011-01-01

The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

An integrated approach to validation of safeguards and security program performance

International Nuclear Information System (INIS)

Altman, W.D.; Hunt, J.S.; Hockert, J.W.

1988-01-01

Department of Energy (DOE) requirements for safeguards and security programs are becoming increasingly performance oriented. Master Safeguards and Security Agreemtns specify performance levels for systems protecting DOE security interests. In order to measure and validate security system performance, Lawrence Livermore National Laboratory (LLNL) has developed cost effective validation tools and a comprehensive validation approach that synthesizes information gained from different activities such as force on force exercises, limited scope performance tests, equipment testing, vulnerability analyses, and computer modeling; into an overall assessment of the performance of the protection system. The analytic approach employs logic diagrams adapted from the fault and event trees used in probabilistic risk assessment. The synthesis of the results from the various validation activities is accomplished using a method developed by LLNL, based upon Bayes' theorem

Sandia's experience in designing and implementing integrated high security physical protection systems

International Nuclear Information System (INIS)

Caskey, D.L.

1986-01-01

As DOE's lead laboratory for physical security, Sandia National Laboratories has had a major physical security program for over ten years. Activities have ranged from component development and evaluation, to full scale system design and implementation. This paper presents some of the lessons learned in designing and implementing state-of-the-art high security physical protection systems for a number of government facilities. A generic system design is discussed for illustration purposes. Sandia efforts to transfer technology to industry are described

The Importance of the Brain Neuro-Programming Technologies in National and Regional Security

Directory of Open Access Journals (Sweden)

Vasyl H. Fatkhutdinov

2018-02-01

Full Text Available The authors’ understanding of neuro-programming is the result of the impact on the human brain of information and communication technology (including educational one, through which in the human brain the programs of manifestation in the ontogenesis of internal creative potentials are written. This article summarizes the history of the formation of key neuro-programming technologies of the human brain as well as proves that the changes in the society’s worldview are caused by the possibilities and quality of neuro-programming technologies that society uses. Having influence over worldview stereotypes and behaviour set by the society, neuro-programming technologies essentially ensure the national security of any state and the peaceful coexistence of states in the regions and on the planet as a whole. Using historical and philosophical methods, methods of conceptualization, systematization, modeling, etc., the authors have come to the conclusion that the modern world lies in a confrontation of security strategies, in which neuro-programming technologies play a key role.

PCI DSS: Security Standard and Security in Fact

Directory of Open Access Journals (Sweden)

M. V. Kuzin

2011-12-01

Full Text Available The article focuses on Payment Card Industry Data Security Standard (PCI DSS requirements and practices, especially it’s issues and disadvantages to achieve the main goal — security of payment cards infrastructure.

49 CFR 659.25 - Annual review of system safety program plan and system security plan.

Science.gov (United States)

2010-10-01

... system security plan. 659.25 Section 659.25 Transportation Other Regulations Relating to Transportation... and system security plan. (a) The oversight agency shall require the rail transit agency to conduct an annual review of its system safety program plan and system security plan. (b) In the event the rail...

A continuing program for technology transfer to the apparel industry

Science.gov (United States)

Clingman, W. H.

1971-01-01

A six month program has been carried out to investigate various mechanisms for transferring technology to industry. This program has focused on transfer to the apparel industry through the Apparel Research Foundation. The procedure was to analyze the problem, obtain potentially relevant aerospace technology, and then transfer this technology to the industry organization. This was done in a specific case. Technology was identified relevant to stitchless joining, and this technology was transferred to the Apparel Research Foundation. The feasibility and ground rules for carrying out such activities on a broader scale were established. A specific objective was to transfer new technology from the industry organization to the industry itself. This required the establishment of an application engineering program. Another transfer mechanism tested was publication of solutions to industry problems in a format familiar to the industry. This is to be distinguished from circulating descriptions of new technology. Focus is on the industry problem and the manager is given a formula for solving it that he can follow. It was concluded that this mechanism can complement the problem statement approach to technology transfer. It is useful in achieving transfer when a large amount of application engineering is not necessary. A wide audience is immediately exposed to the technology. On the other hand, the major manufacturing problems which require a sophisticated technical solution integrating many innovations are less likely to be helped.

Profile of the chemicals industry in California: Californiaindustries of the future program

Energy Technology Data Exchange (ETDEWEB)

Galitsky, Christina; Worrell, Ernst

2004-06-01

The U.S. Department of Energy (DOE) Office of Industrial Technologies (OIT) established the Industries of the Future (IOF) program to increase energy efficiency, reduce waste production and to improve competitiveness, currently focusing on nine sectors. The IOF is a partnership strategy involving industry, the research community and the government, working together to identify technology needs, promote industrial partnerships and implement joint measures with all partners involved. The State Industries of the Future (SIOF) program delivers the accomplishments of the national Industries of the Future strategy to the local level, to expand the technology opportunities to a larger number of partners and reach smaller businesses and manufacturers that were not initially involved in the IOF effort. The state programs bring together industry, academia, and state agencies to address the important issues confronting industry in the state. These public-private coalitions facilitate industry solutions locally and enhance economic development. California has started a State Industries of the Future effort, in collaboration with the U.S. Department of Energy. The California Energy Commission (CEC) is leading the SIOF program in California, as part of many other programs to improve the energy efficiency and performance of industries in California. The California State IOF program aims to build a network of participants from industry, academia and government in four selected industrial sectors as a basis for the development of a strategic partnership for industrial energy efficient technology in the state. In California the IOF effort focuses petroleum refining, chemical processing, food processing and electronics. As part of this effort, the SIOF program will develop roadmaps for technology development for the selected sectors. On the basis of the roadmap, the program will develop successful projects with co-funding from state and federal government, and promote industry

The security analyzer, a security analyzer program written in Prolog

International Nuclear Information System (INIS)

Zimmerman, B.D.; Densley, P.J.; Carlson, R.L.

1987-01-01

A technique has been developed to characterize a nuclear facility and measure the strengths and weaknesses of the physical protection system. It utilizes the artificial intelligence capabilities available in the prolog programming language to probe a facility's defenses and find potential attack paths that meet designated search criteria. As sensors or barriers become inactive due to maintenance, failure, or inclement weather conditions, the protection system can rapidly be reanalyzed to discover weaknesses that would need to be strengthened by alternative means. Conversely, proposed upgrades and enhancements can be easily entered into the database and their effect measured against a variety of potential adversary attacks. Thus the security analyzer is a tool that aids the protection planner as well as the protection operations staff

Security guide for subcontractors

Energy Technology Data Exchange (ETDEWEB)

Adams, R.C.

1993-06-01

This guide is provided to aid in the achievement of security objectives in the Department of Energy (DOE) contractor/subcontractor program. The objectives of security are to protect information that, if released, would endanger the common defense and security of the nation and to safeguard plants and installations of the DOE and its contractors to prevent the interruption of research and production programs. The security objective and means of achieving the objective are described. Specific security measures discussed in this guide include physical barriers, personnel identification systems, personnel and vehicular access control, classified document control, protection of classified matter in use, storing classified matter, and repository combinations. Means of dealing with security violations and security infractions are described. Maintenance of a security education program is discussed. Also discussed are methods of handling clearance terminations, visitor control, travel to sensitive countries, and shipment security. The Technical Surveillance Countermeasures Program (TSCM), the Computer Security Program, and the Operations Security Plan (OPSEC) are examined.

Developing a secured social networking site using information security awareness techniques

Directory of Open Access Journals (Sweden)

Julius O. Okesola

2014-11-01

Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

Sustained Energy Savings Achieved through Successful Industrial Customer Interaction with Ratepayer Programs: Case Studies

Energy Technology Data Exchange (ETDEWEB)

Goldberg, Amelie [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hedman, Bruce [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Taylor, Robert P. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Russell, Christopher [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

2015-10-01

Many states have implemented ratepayer-funded programs to acquire energy efficiency as a predictable and reliable resource for meeting existing and future energy demand. These programs have become a fixture in many U.S. electricity and natural gas markets as they help postpone or eliminate the need for expensive generation and transmission investments. Industrial energy efficiency (IEE) is an energy efficiency resource that is not only a low cost option for many of these efficiency programs, but offers productivity and competitive benefits to manufacturers as it reduces their energy costs. However, some industrial customers are less enthusiastic about participating in these programs. IEE ratepayer programs suffer low participation by industries across many states today despite a continual increase in energy efficiency program spending across all types of customers, and significant energy efficiency funds can often go unused for industrial customers. This paper provides four detailed case studies of companies that benefited from participation in their utility’s energy efficiency program offerings and highlights the business value brought to them by participation in these programs. The paper is designed both for rate-payer efficiency program administrators interested in improving the attractiveness and effectiveness of industrial efficiency programs for their industrial customers and for industrial customers interested in maximizing the value of participating in efficiency programs.

Radiological protection, safety and security issues in the industrial and medical applications of radiation sources

International Nuclear Information System (INIS)

Vaz, Pedro

2015-01-01

The use of radiation sources, namely radioactive sealed or unsealed sources and particle accelerators and beams is ubiquitous in the industrial and medical applications of ionizing radiation. Besides radiological protection of the workers, members of the public and patients in routine situations, the use of radiation sources involves several aspects associated to the mitigation of radiological or nuclear accidents and associated emergency situations. On the other hand, during the last decade security issues became burning issues due to the potential malevolent uses of radioactive sources for the perpetration of terrorist acts using RDD (Radiological Dispersal Devices), RED (Radiation Exposure Devices) or IND (Improvised Nuclear Devices). A stringent set of international legally and non-legally binding instruments, regulations, conventions and treaties regulate nowadays the use of radioactive sources. In this paper, a review of the radiological protection issues associated to the use of radiation sources in the industrial and medical applications of ionizing radiation is performed. The associated radiation safety issues and the prevention and mitigation of incidents and accidents are discussed. A comprehensive discussion of the security issues associated to the global use of radiation sources for the aforementioned applications and the inherent radiation detection requirements will be presented. Scientific, technical, legal, ethical, socio-economic issues are put forward and discussed. - Highlights: • The hazards associated to the use of radioactive sources must be taken into account. • Security issues are of paramount importance in the use of radioactive sources. • Radiation sources can be used to perpetrate terrorist acts (RDDs, INDs, REDs). • DSRS and orphan sources trigger radiological protection, safety and security concerns. • Regulatory control, from cradle to grave, of radioactive sources is mandatory.

75 FR 56858 - Improvements to the Supplemental Security Income Program-Heroes Earnings Assistance and Relief...

Science.gov (United States)

2010-09-17

... number, 1-800-772-1213, or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 416 [Docket No. SSA-2009-0017] RIN 0960-AH00 Improvements to the Supplemental Security Income Program--Heroes Earnings Assistance and Relief Tax Act of 2008...

Fusion program. The interest for the industry

International Nuclear Information System (INIS)

Dominguez Bautista, M. T.

2007-01-01

On November 21, 2006, the ministers representing all the parties taking part in ITER (EU, china, India, Japan, Rusia, USA and south Korea signed the so-called ITER agreement, thereby affirming the decision to build this fusion energy demonstration experiment. As of that moment, each partner has been preparing its Domestic Agency that will manage its contribution. Europe will play a relevant role in this facility, the site of which is located in Cadarache, and will provide 50% of its investment. This leading role of Europe is the continuation of years of decisive support for the fusion program. In successive Framework Programs of EURATOM, resources have been allotted to fusion and projects have been executed with specific organizations to coordinate them (EFDA). One of the most significant decision to accomplish this coordination was to involve the industry; in 1994, the ITER EDA Framework Contract was signed to develop the ITER engineering. Since then the EFET group, formed by seven European engineering firms including Empresarios Agrupados and Sener, has developed design work for ITER. together with these engineering activities, engineering firms and manufacturers were qualified to develop prototypes as apart of the so-called 17-technology program. these decisions have made it possible to provide ITER with the industry experience in the execution of large projects and have provided industry with a knowledge of this facility features. Now the time has come to execute the project, and the challenge will be to know how to take advantage of the experience gained by Europe. This article discusses in greater detail the areas to which the European industry has contributed and the expected conditions for this participation. (Author)

Training programs for the systems approach to nuclear security

International Nuclear Information System (INIS)

Ellis, D.

2005-01-01

Full text: In support of United States Government (USG) and International Atomic Energy Agency (IAEA) nuclear security programs, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been developed and implemented as the basis for a performance-based methodology for the design and evaluation of physical protection systems against a design basis threat (DBT) for theft and sabotage of nuclear and/or radiological materials. Integrated systems must include technology, people, and the man-machine interface. A critical aspect of the human element is training on the systems-approach for all the stakeholders in nuclear security. Current training courses and workshops have been very beneficial but are still rather limited in scope. SNL has developed two primary international classes - the international training course on the physical protection of nuclear facilities and materials, and the design basis threat methodology workshop. SNL is also completing the development of three new courses that will be offered and presented in the near term. They are vital area identification methodology focused on nuclear power plants to aid in their protection against radiological sabotage, insider threat analysis methodology and protection schemes, and security foundations for competent authority and facility operator stakeholders who are not security professionals. In the long term, we envision a comprehensive nuclear security curriculum that spans policy and technology, regulators and operators, introductory and expert levels, classroom and laboratory/field, and local and offsite training options. This training curriculum will be developed in concert with a nuclear security series of guidance documents that is expected to be forthcoming from the IAEA. It is important to note that while appropriate implementation of systems based on such training and documentation can improve the risk reduction, such a

Security intelligence a practitioner's guide to solving enterprise security challenges

CERN Document Server

Li, Qing

2015-01-01

Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo

Radiological Threat Reduction (RTR) program: implementing physical security to protect large radioactive sources worldwide

International Nuclear Information System (INIS)

Lowe, Daniel L.

2004-01-01

The U.S. Department of Energy's Radiological Threat Reduction (RTR) Program strives to reduce the threat of a Radiological Dispersion Device (RDD) incident that could affect U.S. interests worldwide. Sandia National Laboratories supports the RTR program on many different levels. Sandia works directly with DOE to develop strategies, including the selection of countries to receive support and the identification of radioactive materials to be protected. Sandia also works with DOE in the development of guidelines and in training DOE project managers in physical protection principles. Other support to DOE includes performing rapid assessments and providing guidance for establishing foreign regulatory and knowledge infrastructure. Sandia works directly with foreign governments to establish cooperative agreements necessary to implement the RTR Program efforts to protect radioactive sources. Once necessary agreements are in place, Sandia works with in-country organizations to implement various security related initiatives, such as installing security systems and searching for (and securing) orphaned radioactive sources. The radioactive materials of interest to the RTR program include Cobalt 60, Cesium 137, Strontium 90, Iridium 192, Radium 226, Plutonium 238, Americium 241, Californium 252, and Others. Security systems are implemented using a standardized approach that provides consistency through out the RTR program efforts at Sandia. The approach incorporates a series of major tasks that overlap in order to provide continuity. The major task sequence is to: Establish in-country contacts - integrators, Obtain material characterizations, Perform site assessments and vulnerability assessments, Develop upgrade plans, Procure and install equipment, Conduct acceptance testing and performance testing, Develop procedures, and Conduct training. Other tasks are incorporated as appropriate and commonly include such as support of reconfiguring infrastructure, and developing security

Delivering high-level food industry skills for future food security through Advanced Training Partnerships

OpenAIRE

Frazier, Richard A.

2013-01-01

The UK Biotechnology and Biological Sciences Research Council’s Advanced Training Partnerships initiative represents a significant investment in the provision of high-level skills for the UK food industry sector to address global food security from farm to fork. This paper summarises the background, aims and scope of the Advanced Training Partnerships, their development so far, and offers a view on future directions and evaluation of impact.

Leveraging multi-channel x-ray detector technology to improve quality metrics for industrial and security applications

Science.gov (United States)

Jimenez, Edward S.; Thompson, Kyle R.; Stohn, Adriana; Goodner, Ryan N.

2017-09-01

Sandia National Laboratories has recently developed the capability to acquire multi-channel radio- graphs for multiple research and development applications in industry and security. This capability allows for the acquisition of x-ray radiographs or sinogram data to be acquired at up to 300 keV with up to 128 channels per pixel. This work will investigate whether multiple quality metrics for computed tomography can actually benefit from binned projection data compared to traditionally acquired grayscale sinogram data. Features and metrics to be evaluated include the ability to dis- tinguish between two different materials with similar absorption properties, artifact reduction, and signal-to-noise for both raw data and reconstructed volumetric data. The impact of this technology to non-destructive evaluation, national security, and industry is wide-ranging and has to potential to improve upon many inspection methods such as dual-energy methods, material identification, object segmentation, and computer vision on radiographs.

Food Security and Women's Access to Natural Resources workshop; a brief report.

Science.gov (United States)

1997-01-01

This article describes the workshop on Food Security and Women's Access to Natural Resources, held in January 1997 in Mumbai, India. The workshop was organized jointly by the Tata Institute of Social Sciences and the Indian Association of Women's Studies. The aim was to examine the food security situation in Maharashtra and Gujarat states in the west, the initiative to build alternative institutions, legal changes augmenting industrialization, and how traditional rights to common property resources can be legalized and how the poor can have access to new resources. The workshop organizers were unable to obtain experts on some topics. Core discussion centered on changes in industrialization, natural resources, gender and food security; access to natural resources and poverty alleviation programs; initiatives to create food security; and laws related to access to land and water. Discussions revealed the alienation of small and marginal farmers, landless laborers, and artisans from their livelihoods and survival strategies for these disenfranchised groups. The design of drought eradication and water conservation programs did not permit women and men working at construction sites to have access to the program assets. Case studies revealed situations in which women won the right of access to community water and then negotiated for land in lease. The women used landowners to negotiate credit and access development program assets, but normal channels of the National Bank of Agricultural Research and Development could have provided these benefits. Participants discussed how governments can be held accountable and how public funds could be used to revamp poverty alleviation and asset creation programs. All agreed that macrolevel development should give priority to agricultural development and legal constraints or problems. Five follow-up activities are identified.

AspectKE*:Security Aspects with Program Analysis for Distributed Systems

DEFF Research Database (Denmark)

2010-01-01

AspectKE* is the first distributed AOP language based on a tuple space system. It is designed to enforce security policies to applications containing untrusted processes. One of the key features is the high-level predicates that extract results of static program analysis. These predicates provide...

The Industrial Vocational High School Teacher Training Program Cooperating with the Enterprises.

Science.gov (United States)

Chi, Cheng-Feng

Training of vocational education teachers should be closely linked to the industries in which the teachers are preparing to instruct students. A teacher training program in Taiwan has been designed with the cooperation of the metals manufacturing industry. In this four-year program, students are assigned to the industry to learn the product…

77 FR 32709 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Homeland Security...

Science.gov (United States)

2012-06-01

...; Computer Matching Program (SSA/ Department of Homeland Security (DHS))--Match Number 1010 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that... amended by the Computer Matching and Privacy Protection Act of 1988, as amended, and the regulations and...

Safeguards and security research and development: Program status report, February-July 1981

International Nuclear Information System (INIS)

Henry, C.N.; Walton, R.B.

1982-04-01

This report, one of a series of biannual progress reports, describes the status of research and development in the Safeguards and Security Program at Los Alamos from February-July 1981. Most work covered here is sponsored by the Office of Safeguards and Security of the Department of Energy; however, project activities that are technically closely related to nuclear safeguards and security also are included where appropriate for conveying information useful to the nuclear community. The report comprises four major subject areas: Security Development and Support; Nuclear Materials Measurement and Engineering; Nuclear Facility Safeguards Support; and International Safeguards, Technology Transfer, and Training. Some technical topics included in the subject areas are computer and informational security, chemical and nondestructive analysis of nuclear materials, process modeling and analysis, nuclear materials accounting systems, evaluation of prototype measurement instrumentation and procedures in nuclear facilities, design and consultation for facilities, technical exchange, training courses, and international safeguards

Safeguards and security research and development: Program status report, February-July 1981

Energy Technology Data Exchange (ETDEWEB)

Henry, C.N.; Walton, R.B. (comps.)

1982-04-01

This report, one of a series of biannual progress reports, describes the status of research and development in the Safeguards and Security Program at Los Alamos from February-July 1981. Most work covered here is sponsored by the Office of Safeguards and Security of the Department of Energy; however, project activities that are technically closely related to nuclear safeguards and security also are included where appropriate for conveying information useful to the nuclear community. The report comprises four major subject areas: Security Development and Support; Nuclear Materials Measurement and Engineering; Nuclear Facility Safeguards Support; and International Safeguards, Technology Transfer, and Training. Some technical topics included in the subject areas are computer and informational security, chemical and nondestructive analysis of nuclear materials, process modeling and analysis, nuclear materials accounting systems, evaluation of prototype measurement instrumentation and procedures in nuclear facilities, design and consultation for facilities, technical exchange, training courses, and international safeguards.

78 FR 11996 - Energy Efficiency Program for Commercial and Industrial Equipment: Commercial and Industrial Pumps

Science.gov (United States)

2013-02-21

.... EERE-2011-BT-STD-0031] RIN 1904-AC54 Energy Efficiency Program for Commercial and Industrial Equipment: Commercial and Industrial Pumps AGENCY: Office of Energy Efficiency and Renewable Energy, Department of... CONTACT: Mr. Charles Llenza, U.S. Department of Energy, Office of Energy Efficiency and Renewable Energy...

78 FR 35945 - Request for Comments on Security Training Programs for Surface Mode Employees

Science.gov (United States)

2013-06-14

... million for training projects. Similarly, under the Intercity Bus Security Grant Program (IBSGP), which... related to the security elements in Table 1, per employee? (Please indicate whether this includes travel... on the size and scope of the exercise, including the phases of an exercise, travel expenses for...

Alberta industrial synergy CO2 programs initiative

International Nuclear Information System (INIS)

Yildirim, E.

1998-01-01

The various industrial sectors within Alberta produce about 350,000 tonnes of CO 2 per day. This presentation was concerned with how this large volume and high concentration of CO 2 can be used in industrial and agricultural applications, because every tonne of CO 2 used for such purposes is a tonne that does not end up in the atmosphere. There is a good potential for an industrial synergy between the producers and users of CO 2 . The Alberta Industrial Synergy CO 2 Programs Initiative was established to ultimately achieve a balance between the producers of CO 2 and the users of CO 2 by creating ways to use the massive quantities of CO 2 produced by Alberta's hydrocarbon-based economy. The Alberta CO 2 Research Steering Committee was created to initiate and support CO 2 programs such as: (1) CO 2 use in enhanced oil recovery, (2) creation of a CO 2 production inventory, (3) survey of CO 2 users and potential users, (4) investigation of process issues such as power generation, oil sands and cement manufacturing, and (5) biofixation by plants, (6) other disposal options (e.g. in depleted oil and gas reservoirs, in aquifers, in tailings ponds, in coal beds). The single most important challenge was identified as 'rationalizing the formation of the necessary infrastructure'. Failing to do that will greatly impede efforts directed towards CO 2 utilization

Information security fundamentals

CERN Document Server

Peltier, Thomas R

2013-01-01

Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.The book examines the elements of computer security, employee roles and r

Watermarking security

CERN Document Server

Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

2016-01-01

This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

Building a National Security Program at a Small School: Identifying Opportunities and Overcoming Challenges

Science.gov (United States)

Grossman, Michael; Schortgen, Francis

2016-01-01

This article offers insights into the overall program development process and--institutional obstacles and constraints notwithstanding--successful introduction of a new national security program at a small liberal arts university at a time of growing institutional prioritization of science, technology, engineering, and mathematics (STEM) programs.…

Walk the Talk: How PNNL is developing a Supply Chain Security Culture

Energy Technology Data Exchange (ETDEWEB)

Hund, Gretchen [Pacific Northwest National Lab. (PNNL), Richland, WA (United States). Center for Global Security

2015-09-30

For the past decade, a team at the Pacific Northwest National Laboratory (PNNL) has engaged industry to “go beyond compliance” in controlling and securing their supply chains to ensure their goods are not diverted to nuclear weapons programs. This work has focused on dual-use industries that manufacture products that can be used in both commercial applications and in the development of a nuclear weapon. The team encourages industry to self-regulate to reduce proliferation risks. As part of that work, PNNL interviewed numerous companies about their compliance practices in order to understand their business and to build awareness around best practices to ensure security of goods and information along their supply chains. As a result, PNNL has identified seven indicators that a company can adopt as part of their commitment to nonproliferation ideals.

Walk the Talk: How PNNL is developing a Supply Chain Security Culture

International Nuclear Information System (INIS)

Hund, Gretchen

2015-01-01

For the past decade, a team at the Pacific Northwest National Laboratory (PNNL) has engaged industry to ''go beyond compliance'' in controlling and securing their supply chains to ensure their goods are not diverted to nuclear weapons programs. This work has focused on dual-use industries that manufacture products that can be used in both commercial applications and in the development of a nuclear weapon. The team encourages industry to self-regulate to reduce proliferation risks. As part of that work, PNNL interviewed numerous companies about their compliance practices in order to understand their business and to build awareness around best practices to ensure security of goods and information along their supply chains. As a result, PNNL has identified seven indicators that a company can adopt as part of their commitment to nonproliferation ideals.

Extracting classification rules from an informatic security incidents repository by genetic programming

Directory of Open Access Journals (Sweden)

Carlos Javier Carvajal Montealegre

2015-04-01

Full Text Available This paper describes the data mining process to obtain classification rules over an information security incident data collection, explaining in detail the use of genetic programming as a mean to model the incidents behavior and representing such rules as decision trees. The described mining process includes several tasks, such as the GP (Genetic Programming approach evaluation, the individual's representation and the algorithm parameters tuning to upgrade the performance. The paper concludes with the result analysis and the description of the rules obtained, suggesting measures to avoid the occurrence of new informatics attacks. This paper is a part of the thesis work degree: Information Security Incident Analytics by Data Mining for Behavioral Modeling and Pattern Recognition (Carvajal, 2012.

Spatial Programming for Industrial Robots Through Task Demonstration

OpenAIRE

Jens Lambrecht; Martin Kleinsorge; Martin Rosenstrauch; Jörg Krüger

2013-01-01

Abstract We present an intuitive system for the programming of industrial robots using markerless gesture recognition and mobile augmented reality in terms of programming by demonstration. The approach covers gesture-based task definition and adaption by human demonstration, as well as task evaluation through augmented reality. A 3D motion tracking system and a handheld device establish the basis for the presented spatial programming system. In this publication, we present a prototype toward ...

Guide to request license for industrial X-rays practices

International Nuclear Information System (INIS)

2000-05-01

In this work the instructions it plows described to request license for practices it of industrial x-ray it continued. The instructions but important: they plows license type, purpose of the application, source and equipment, location of local the, program of radiological protection and security

INMETRO products analysis program: impact on quality of the brazilian industry

Directory of Open Access Journals (Sweden)

Marcos André Borges

2008-07-01

Full Text Available The main objective is to proceed a detailed analysis of the Products Analysis Program of Inmetro, evaluating its contribution to the suppliers of products and services. The relevance of this program - a governmental initiative financed with public resources that relates several sectors of the society – as a factor of incentive to the competitiveness of the national industry, can be evidenced by the research of the impact generated by this activity, translated in improvement actions to the analyzed products and services that aim at the correction of eventual non-conformity to the criteria set in standards and technical regulations related to health and safety. Several sectors in industry have been benefited with the creation or revision of standards, implementation of industry quality programs, voluntary or mandatory conformity assessment programs, and others. The consequences include, beyond the protection of the consumers, the increase of national industry competitiveness and domestic market strength, and the warranty of loyal competition between the suppliers. Key-words: Product Analysis, Quality, Inmetro.

IMPACTS. Industrial Technologies Program: Summary of Program Results for CY 2008

Energy Technology Data Exchange (ETDEWEB)

none,

2010-08-02

The Impacts report summarizes benefits resulting from ITP-sponsored technologies, including energy savings, waste reduction, increased productivity, and lowered emissions. It also provides an overview of the activities of the Industrial Assessment Centers, BestPractices Program, and Combined Heat and Power efforts.

Resort loan securities as a source of investing the hospitality industry

Directory of Open Access Journals (Sweden)

Alla Yu. Baranova

2016-03-01

Full Text Available Objective to prove the possibility of attracting funds of population and corporate organizations to invest into hospitality industry. Methods the basis of the study was the methods of logical and structural analysis the dialectical method which determined the main regularities of financial relations development in hospitality industry. Results basing on the study of formation and use of financial resources of organizations we have revealed the following at the present stage attention is paid to the functioning and investment of the hospitality industry in accordance with federal and regional target programs measures are proposed for the effective financing from the budget and resources of various funds the creation of tourist and recreational clusters is proposed but the savings of the population and corporate entities are not attracted as sources of investment in hospitality industry. Scientific novelty the measures are proposed aimed at involving the financial resources of the population and organizations through corporate bonds by the creation of a resort consortium to promote investment in hospitality industry. Practical significance the proposed recommendations will contribute to enhance the financing of hospitality industry due to the source which is currently not being used. nbsp

U.S. Social Security at 75 years: an international perspective.

Science.gov (United States)

Hoskins, Dalmer D

2010-01-01

Is the historical development of the Old-Age, Survivors, and Disability Insurance (OASDI) program unique or similar to the development of social security programs in other industrialized countries? The U.S. Social Security program was adopted some 40 to 50 years after those of most Western European nations. The United States thus had the opportunity to choose from a number of models and clearly chose to follow the classic social insurance path of such countries as Austria, France, and Germany, which in 1935 already had considerable experience administering earnings-related, employer/worker-financed old-age pension programs. Although based on the traditional social insurance model, OASDI evolved in certain unique ways, including the rejection over the course of succeeding decades of any reliance on general revenue financing, the importance attached to long-range (75-year) actuarial projections, and the relative generosity of benefits for survivors and dependents.

Industrial development - consequences about the implantation of Brazilian Nuclear Program

International Nuclear Information System (INIS)

Syllus, C.

1987-07-01

The strategy to promote the growing industry participation in the Brazilian Nuclear Program, the difficulties, the measurements adopted for overcoming and the results obtained in terms of industrial development, are presented. (M.C.K.) [pt

Alberta's Industrial Heartland Land Trust Society : voluntary property purchase program information booklet

International Nuclear Information System (INIS)

2006-01-01

Alberta's industrial heartland is home to one of Canada's largest concentrations of petroleum, refining, petrochemical and chemical production facilities. To date, more than $25 billion has been invested in major industrial plants in the heartland and adjacent Strathcona industrial regions by major corporations, and more investment is expected in the future. The Industrial Heartland Collaboration to Address Resident Interests is a process in which area residents, municipalities, industries and the provincial government are working collaboratively to resolve concerns related to the cumulative operations and expansion of industry. This paper presented details of the Alberta Industrial Heartland Land Trust Society's voluntary purchase program, which was initiated to provide an equitable, efficient and economical process of acquiring properties of rural landowners currently located within region who voluntarily wish to relocate outside of the policy area. Application and eligibility details were presented, as well as an outline of the property appraisal process. Details of the compliance and real property report required by the program were presented. Issues concerning relocation and moving expenses were discussed, as well as details of the program's flat rate inconvenience payment

International Experience with Key Program Elements of IndustrialEnergy Efficiency or Greenhouse Gas Emissions Reduction Target-SettingPrograms

Energy Technology Data Exchange (ETDEWEB)

Price, Lynn; Galitsky, Christina; Kramer, Klaas Jan

2008-02-02

Target-setting agreements, also known as voluntary ornegotiated agreements, have been used by a number of governments as amechanism for promoting energy efficiency within the industrial sector. Arecent survey of such target-setting agreement programs identified 23energy efficiency or GHG emissions reduction voluntary agreement programsin 18 countries. International best practice related to target-settingagreement programs calls for establishment of a coordinated set ofpolicies that provide strong economic incentives as well as technical andfinancial support to participating industries. The key program elementsof a target-setting program are the target-setting process,identification of energy-saving technologies and measures usingenergy-energy efficiency guidebooks and benchmarking as well as byconducting energy-efficiency audits, development of an energy-savingsaction plan, development and implementation of energy managementprotocols, development of incentives and supporting policies, monitoringprogress toward targets, and program evaluation. This report firstprovides a description of three key target-setting agreement programs andthen describes international experience with the key program elementsthat comprise such programs using information from the three keytarget-setting programs as well as from other international programsrelated to industrial energy efficiency or GHG emissionsreductions.

Lack of skilled personnel as threat to HR security of industrial enterprises

Directory of Open Access Journals (Sweden)

Ozernikova Tatiana

2017-01-01

Full Text Available The article assesses the needs of Russian industrial enterprises for skilled labor. The authors consider deficiency in qualified personnel as a threat to the human resources security of industrial enterprises, and analyze its causes. The study includes the criteria to distinguish highly skilled employees in the labor force (education level, occupation, correspondence of performed work to education, and analysis of the dynamics of their number. It identifies the internal and external factors that have a significant influence on the number of qualified personnel. The external factors include the size of the salary, population growth due to migration, the regional level of the socio-economic development. The applied methods of analysis are single-factor analysis of variance (F-test, multiple regression and descriptive statistics. The analysis is based on the materials of the Russian Federal State Statistics Service, as well as on the Russian Longitudinal Monitoring Survey - Higher School of Economics.

Centers for manufacturing technology: Industrial Advisory Committee Review

Energy Technology Data Exchange (ETDEWEB)

NONE

1995-10-01

An advisory committee, composed of senior managers form industrial- sector companies and major manufacturing trade associations and representatives from appropriate educational institutions, meets semi-annually to review and advise the Oak Ridge Centers for Manufacturing Technology (ORCMT) on its economic security program. Individual papers have been indexed separately for the database.

Integrating security issues in nuclear engineering curriculum in Indonesia. Classical vs policy approaches

International Nuclear Information System (INIS)

Putero, Susetyo Hario; Rosita, Widya; Sihana, Fnu; Ferdiansjah; Santosa, Haryono Budi; Muharini, Anung

2015-01-01

Recently, risk management for nuclear facilities becomes more complex due to security issue addressed by IAEA. The harmonization between safety, safeguards and security is still questionable. It also challenges to nuclear engineering curriculum in the world how to appropriately lecture the new issue. This paper would like to describe how to integrate this issue in developing nuclear engineering curriculum in Indonesia. Indonesia has still no nuclear power plant, but there are 3 research reactors laid in Indonesia. As addition, there are several hospitals and industries utilizing radioisotopes in their activities. The knowledge about nuclear security of their staffs is also not enough for handling radioactive material furthermore the security officers. Universitas Gadjah Mada (UGM) is the only university in Indonesia offering nuclear engineering program, as consequently the university should actively play the role in overcoming this issue not only in Indonesia, but also in Southeast Asia. In the other hand, students has to have proper knowledge in order to complete in the global nuclear industry. After visited several universities in USA and participated in INSEN meeting, we found that most of universities in the world anticipate this issue by giving the student courses related to policy (non-technical) study based on IAEA NSS 12. In the other hand, the rest just make nuclear security as a case study on their class. Furthermore, almost all of programs are graduate level. UGM decided to enhance several present related undergraduate courses with security topics as first step to develop the awareness of student to nuclear security. The next (curriculum 2016) is to integrate security topics into the entire of curriculum including designing a nuclear security elective course for undergraduate level. The first trial has successfully improved the student knowledge and awareness on nuclear security. (author)

DoD Information Security Program and Protection of Sensitive Compartmented Information (SCI)

Science.gov (United States)

2016-04-21

Sensitive Compartmented Information ( SCI ) References: See Enclosure 1 1. PURPOSE. In accordance with the authority in DoD Directive (DoDD...collateral, special access program, SCI , and controlled unclassified information (CUI) within an overarching DoD Information Security Program...use, and dissemination of SCI within the DoD pursuant to References (a), (c), and (e) and Executive Order 12333 (Reference (h)). 2

Applying Model Checking to Industrial-Sized PLC Programs

CERN Document Server

AUTHOR|(CDS)2079190; Darvas, Daniel; Blanco Vinuela, Enrique; Tournier, Jean-Charles; Bliudze, Simon; Blech, Jan Olaf; Gonzalez Suarez, Victor M

2015-01-01

Programmable logic controllers (PLCs) are embedded computers widely used in industrial control systems. Ensuring that a PLC software complies with its specification is a challenging task. Formal verification has become a recommended practice to ensure the correctness of safety-critical software but is still underused in industry due to the complexity of building and managing formal models of real applications. In this paper, we propose a general methodology to perform automated model checking of complex properties expressed in temporal logics (\\eg CTL, LTL) on PLC programs. This methodology is based on an intermediate model (IM), meant to transform PLC programs written in various standard languages (ST, SFC, etc.) to different modeling languages of verification tools. We present the syntax and semantics of the IM and the transformation rules of the ST and SFC languages to the nuXmv model checker passing through the intermediate model. Finally, two real cases studies of \\CERN PLC programs, written mainly in th...

Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution (PPBE) System in Georgia

Science.gov (United States)

2004-06-01

Roy J. What Determines Economic Growth? Economic Review – Second Quarter 1993 [References: Barro (1991); Mankiw , Romer, and Well (1992); De Long...NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS Approved for public release: distribution unlimited ECONOMIC SECURITY...DATES COVERED Master’s Thesis 4. TITLE AND SUBTITLE: Economic Security Environment and Implementation of Planning, Programming, Budgeting, Execution

75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

Science.gov (United States)

2010-02-01

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2009-0043] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 Public Law (Pub. L.) 100-503...

Employee assistance programs in the upstream petroleum industry

International Nuclear Information System (INIS)

Crutcher, R.A.; Yip, R.Y.; Young, M.R.

1991-01-01

This paper is a descriptive overview of Employee Assistance Programs (EAPs) in the upstream Canadian petroleum industry. The authors review current EAP models within the occupational health setting and the Canadian health care context. This article also explores the challenging issues of EAP's emergent functions in workplace substance abuse programs, its changing role in organizational effectiveness and its professional identity

Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

Science.gov (United States)

Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

2014-03-11

Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

Managing information security in a process industrial environment; Gestao de seguranca da informacao em processos industriais

Energy Technology Data Exchange (ETDEWEB)

Pereira, Raphael Gomes; Aguiar, Leandro Pfleger de [Siemens Company (Brazil)

2008-07-01

With the recently globalization expansion (growth), the exploration of energetic resources is crossing over countries boundaries, resulting in worldwide companies exploring Oil and Gas fields available in any place of the world. To the government's bodies, this information about those fields should be treated as a national security interest subject by bringing an adequate management and protection to all the important and critical information and assets, and making possible, at the same time, the freedom and transparency in concurrence processes. This create a complex security context to be managed, where information disruption might, for instance, imply in broke of integrity in public auctions processes as a result of privileged information usage. Furthermore, with the terrorism problem, the process itself becomes an attractive target for different kinds of attacks, motivated by the opportunism to explore the known incapacity of the big industries in well manage their large and complex environments. With all transformations that are happening in productive processes, as the growing TCP/IP protocol usage, the Windows operating systems adoption in SCADA systems and the integration of industrial with business network, are factors that contribute to an eminent landscape of problems. This landscape demonstrates the need from the organizations and countries that are operating in energetic resources exploration, for renew their risk management areas, establishing a unique and integrated process to protect information security infrastructure. This work presents a study of the challenges to be faced by the organizations while rebuilding their internal processes to integrate the risk management and information security areas, as long as a set of essential steps to establish an affective corporative governance of risk management and compliance aspects. Moreover, the work presents the necessary points of the government involvement to improve all the regulatory aspects

Impact of the National Food Supplementary Program for Children on Household Food Security and Maternal Weight Status in Iran.

Science.gov (United States)

Ghodsi, Delaram; Omidvar, Nasrin; Eini-Zinab, Hassan; Rashidian, Arash; Raghfar, Hossein

2016-01-01

Food aid programs are strategies that aim to improve nutritional status and to tackle food insecurity. This study aimed to evaluate the effect of a National Food Supplementary Program for Children on households' food security. The study sample included 359 mothers of children aged 6-72 months under the coverage of the program in two provinces of Iran. Demographic and socioeconomic characteristics of the households and percentage of supplementary food items consumed by target child were assessed by a questionnaire and checklist. Data on household food security were collected by locally adapted Household Food Insecurity Access Scale at the baseline of the study and 6 months thereafter. At the baseline, only 4.7% of families were food secure, while 43.5% were severely food insecure, and these proportions were changed to 7.9% and 38%, respectively ( P security in the baseline and at the end of the study ( P > 0.05). Findings show that the food supplementary program for children can also improve the household food security status. Further research is needed to assess other factors that affect the effectiveness of this kind of programs.

Insider threat to secure facilities: data analysis

International Nuclear Information System (INIS)

1980-01-01

Three data sets drawn from industries that have experienced internal security breaches are analyzed. The industries and the insider security breaches are considered analogous in one or more respects to insider threats potentially confronting managers in the nuclear industry. The three data sets are: bank fraud and embezzlement (BF and E), computer-related crime, and drug theft from drug manufacturers and distributors. A careful analysis by both descriptive and formal statistical techniques permits certain general conclusions on the internal threat to secure industries to be drawn. These conclusions are discussed and related to the potential insider threat in the nuclear industry. 49 tabs

US-Japan Industry and Technology Management Training Program

National Research Council Canada - National Science Library

Liker, Jeffrey

2000-01-01

...; and student programs. Major accomplishments of the grant included the publication of two books, the growth and increased importance to industry of the annual Lean Manufacturing Conference, and the increased involvement...

Advanced Industrial Materials (AIM) Program: Compilation of project summaries and significant accomplishments, FY 1995

Energy Technology Data Exchange (ETDEWEB)

NONE

1996-04-01

In many ways, the Advanced Industrial Materials (AIM) Program underwent a major transformation in Fiscal Year 1995 and these changes have continued to the present. When the Program was established in 1990 as the Advanced Industrial Concepts (AIC) Materials Program, the mission was to conduct applied research and development to bring materials and processing technologies from the knowledge derived from basic research to the maturity required for the end use sectors for commercialization. In 1995, the Office of Industrial Technologies (OIT) made radical changes in structure and procedures. All technology development was directed toward the seven ``Vision Industries`` that use about 80% of industrial energy and generated about 90% of industrial wastes. The mission of AIM has, therefore, changed to ``Support development and commercialization of new or improved materials to improve productivity, product quality, and energy efficiency in the major process industries.`` Though AIM remains essentially a National Laboratory Program, it is essential that each project have industrial partners, including suppliers to, and customers of, the seven industries. Now, well into FY 1996, the transition is nearly complete and the AIM Program remains reasonably healthy and productive, thanks to the superb investigators and Laboratory Program Managers. This report contains the technical details of some very remarkable work by the best materials scientists and engineers in the world. Subject areas covered are: advanced metals and composites; advanced ceramics and composites; polymers and biobased materials; and new materials and processes.

Security management internship program: a great recruiting tool for your company.

Science.gov (United States)

Yaross, Dan; Morris, Ronald J

2013-01-01

A well thought out and managed internship program is easily a "win-win" situation, according to the authors, who established such a program for the security department of their hospital. The program benefits not only the students with gaining practical experience of the business environment, but also the colleges/universities in coordinating internship opportunities for its students and business organizations in a number of ways including the possible identification of potential young career candidates to augment their current workforces. The article is based on the authors' presentation at the ASIS International Annual Seminar in September 2012.

Leveraging Safety Programs to Improve and Support Security Programs

Energy Technology Data Exchange (ETDEWEB)

Leach, Janice [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Snell, Mark K. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Pratt, R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandoval, S. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-10-01

There has been a long history of considering Safety, Security, and Safeguards (3S) as three functions of nuclear security design and operations that need to be properly and collectively integrated with operations. This paper specifically considers how safety programmes can be extended directly to benefit security as part of an integrated facility management programme. The discussion will draw on experiences implementing such a programme at Sandia National Laboratories’ Annular Research Reactor Facility. While the paper focuses on nuclear facilities, similar ideas could be used to support security programmes at other types of high-consequence facilities and transportation activities.

Career Exploration in the Fashion Industry: A Suggested Program Guide. Fashion Industry Series No. 1.

Science.gov (United States)

Fashion Inst. of Tech., New York, NY.

The career exploration guide is the first of a series of five interrelated program resource guides encompassing the various dimensions of the fashion industry. The series is intended to provide an information source for establishing, expanding, or evaluating secondary and adult vocational instructional programs related to the broad field of…

EPA's Radioactive Source Program

International Nuclear Information System (INIS)

Kopsick, D.

2004-01-01

The US EPA is the lead Federal agency for emergency responses to unknown radiological materials, not licensed, owned or operated by a Federal agency or an Agreement state (Federal Radiological Emergency Response Plan, 1996). The purpose of EPA's clean materials programme is to keep unwanted and unregulated radioactive material out of the public domain. This is achieved by finding and securing lost sources, maintaining control of existing sources and preventing future losses. The focus is on both, domestic and international fronts. The domestic program concentrates on securing lost sources, preventing future losses, alternative technologies like tagging of radioactive sources in commerce, pilot radioactive source roundup, training programs, scrap metal and metal processing facilities, the demolition industry, product stewardship and alternatives to radioactive devices (fewer radioactive source devices means fewer orphan sources). The international program consists of securing lost sources, preventing future losses, radiation monitoring of scrap metal at ports and the international scrap metal monitoring protocol

Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

Energy Technology Data Exchange (ETDEWEB)

Dorman, E., E-mail: Erik.Dorman@areva.com [AREVA Inc., Cyber Security Solutions, Charlotte, NC (United States)

2015-07-01

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

International Nuclear Information System (INIS)

Dorman, E.

2015-01-01

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

Methodology for Management of Information Security in Industrial Control Systems: A Proof of Concept aligned with Enterprise Objectives.

Directory of Open Access Journals (Sweden)

Fabian Bustamante

2017-04-01

Full Text Available This article is an extended version of the study presented at the IEEE Ecuador Technical Chapters Meeting (ETCM-2016. At that time, a methodological proposal was designed, implemented, and applied in a group of industrial plants for the management of the information security of the Industrial control systems (ICS. The present study displays an adaptation and improvement of such methodology with the purpose of aligning the proposal for the effective management of information security with the strategic objectives. The development of this study has been divided into three distinctive phases. Firstly, we induced the articulation of PMI-PMBOK v5 and ITIL v3 both for the management of the project and for the verification of risks in the IT services. Second, we applied a set of risk mitigation strategies based on international standards as NIST 800-82 and 800-30. Thirdly, we assembled the two mentioned phases in a Guide for standards-based instructions and security policies, which previously have been encouraged on NIST 800-82, 800-53 and 800-12. Hereby, we observed the reduction of incidents of information security, the correct delimitation of the functions of the direct responsible of the ICS and the improvement of the communication between the operative and technical areas of the involved companies. The results demonstrate the functionality of these improvements, especially in the context of the availability and integrity of information, which generates an added value to the enterprise.

Family conflict, emotional security, and child development: translating research findings into a prevention program for community families.

Science.gov (United States)

Cummings, E Mark; Schatz, Julie N

2012-03-01

The social problem posed by family conflict to the physical and psychological health and well-being of children, parents, and underlying family relationships is a cause for concern. Inter-parental and parent-child conflict are linked with children's behavioral, emotional, social, academic, and health problems, with children's risk particularly elevated in distressed marriages. Supported by the promise of brief psycho-educational programs (e.g., Halford et al. in Journal of Family Psychology 22:497-505, 2008; Sanders in Journal of Family Psychology 22:506-517, 2008), the present paper presents the development and evaluation of a prevention program for community families with children, concerned with family-wide conflict and relationships, and building on Emotional Security Theory (Davies and Cummings in Psychological Bulletin 116:387-411, 1994). This program uniquely focuses on translating research and theory in this area into brief, engaging programs for community families to improve conflict and emotional security for the sake of the children. Evaluation is based on multi-domain and multi-method assessments of family-wide and child outcomes in the context of a randomized control design. A series of studies are briefly described in the programmatic development of a prevention program for conflict and emotional security for community families, culminating in a program for family-wide conflict and emotional security for families with adolescents. With regard to this ongoing program, evidence is presented at the post-test for improvements in family-wide functioning, consideration of the relative benefits for different groups within the community, and preliminary support for the theoretical bases for program outcomes.

PRODUKSI PROGRAM TELEVISI: Sebuah proses kreatif menuju industri kreatif

Directory of Open Access Journals (Sweden)

NRA. Candra DA

2016-01-01

Full Text Available A producer or program maker of a audio visual have to posses the sense of creativity in searching the material of program production. This can be appeared from the experience, education and critical attitude. The producer who does not have a clear vision will produce an audio visual product that is limit quality and duplicate another programs that have been ever exist. Meanwhile a television channel needs a innovative strategy to propose the program.  Keyword : television program, creative process, creative industry

Security, Dignity, Caring Relationships, and Meaningful Work: Needs Motivating Participation in a Job-Training Program

Science.gov (United States)

Ayers, David F.; Miller-Dyce, Cherrel; Carlone, David

2008-01-01

Researchers asked 17 participants in a job-training program to describe their personal struggles following an economic restructuring. Examined through a critical theoretical lens, findings indicate that the learners enrolled in the program to reclaim security, dignity, meaningful work, and caring relationships. Program planners at community…

Operations Security (OPSEC) Guide

Science.gov (United States)

2011-04-01

Request for Proposal TAC Threat Analysis Center TECHINT Technical Intelligence TMAP Telecommunications Monitoring and Assessment Program TTP...communications security, use of secure telephones, and a robust Telecommunications Monitoring and Assessment Program ( TMAP ) prevents undetermined...and AFI 33-219, Telecommunications Monitoring and Assessment Program ( TMAP ), or Information Assurance (IA) or Communications Security (COMSEC

Investment risk evaluation techniques: use in energy-intensive industries and implications for ERDA's Industrial Conservation Program

Energy Technology Data Exchange (ETDEWEB)

None

1977-07-13

The trade-off between risk and rate-of-return in investment evaluations is crucial in assessing the commercial potential of future energy-conservation technologies. The focus of the Industrial Conservation Program at ERDA is to reduce the perceived risks of a given technology to the extent that the private sector will adopt the technology within the normal course of its business operations. These perceived risks may emanate from technical, institutional, or commercial uncertainties, or in many cases they may result merely from a company's or industry's lack of previous experience with a particular technology. Regardless of the source of the risk surrounding a project, the uncertainty it poses to the private sector will serve to inhibit decisions to invest. This study evaluates the treatment of risk in capital investments in certain energy-intensive industries which are the primary targets of ERDA's Industrial Conservation Program. These risks evaluation considerations were placed within a context that includes capital budgeting practices and procedures, organizational considerations, and basic rate-of-return evaluation procedures in the targeted energy-intensive industries (petroleum, chemicals, paper, textiles, cement, food processing, aluminum, steel, glass, and agriculture).

A two-factor, stochastic programming model of Danish mortgage-backed securities

DEFF Research Database (Denmark)

Nielsen, Søren S.; Poulsen, Rolf

2004-01-01

-trivial, both in terms of deciding on an initial mortgage, and in terms of managing (rebalancing) it optimally.We propose a two-factor, arbitrage-free interest-rate model, calibrated to observable security prices, and implement on top of it a multi-stage, stochastic optimization program with the purpose...

Forming the development program of industrial cooperation in the region

Directory of Open Access Journals (Sweden)

Aleksandr Viktorovich Makarov

2011-09-01

Full Text Available The paper defines the role of industrial cooperation in the process of ensuring the competitiveness of the Russian economy. Economic nature of this form of long-term cooperation specified subjects and objects of cooperatives, the effects of its introduction is disclosed. Formed concept of the Programme of development of industrial cooperation in the region, taking into account the state gained in building industrial complex and the differentiation of state support measures at various stages of development cooperation. Forecast parameters on implementation of cooperation development in Sverdlovsk region for the period up to 2020 are formed. According to the reported characteristics and conducted author's calculations, based on realistic projections of engineering enterprises of Sverdlovsk region, a four-indicator sectorgram for the performance evaluation of the program for the development of industrial and technological cooperation in the field of engineering is presented. The described approach to the establishment of a development program for the industrial cooperation in the region can monitor the situation, timely adjust regional performance standards and policies in this field

Implementation guidance for industrial-level security systems using radio frequency alarm links

Energy Technology Data Exchange (ETDEWEB)

Swank, R.G.

1996-07-12

Spread spectrum (SS) RF transmission technologies have properties that make the transmitted signal difficult to intercept, interpret, and jam. The digital code used in the modulation process results in a signal that has high reception reliability and supports multiple use of frequency bands and selective addressing. These attributes and the relatively low installation cost of RF systems make SSRF technologies candidate for communications links in security systems used for industrial sites, remote locations, and where trenching or other disturbances of soil or structures may not be desirable or may be costly. This guide provides a description of such a system and presents implementation methods that may be of engineering benefit.

Integration Of The Security Sub-Modules Elements In The Automotive Industry

International Nuclear Information System (INIS)

Gallego, C.; Fernandez, M.; Caires, A. S.; Canibano, E.

2007-01-01

This study is addressed to obtain a design methodology for integrated security sub-modules (constituting the suspension and steering modules) in the car manufacturing industry. The sub-modules are made up of a steel structure and anchorage elements (rubber-metal or plastic-metal), which undergo separate surface treatments to prevent corrosion. Afterwards, the elements are traditionally joined by means of adhesives and screws. This process involves a great number of stages, low quality union methods and generation of corrosion areas that shorten its useful life.This methodology provides automotive suppliers an additional added value and cost reduction, allowing them to increase its competitiveness in a sector that faces the transition from the traditional supply chain to a strategic value chain

MULTI-CRITERIA PROGRAMMING METHODS AND PRODUCTION PLAN OPTIMIZATION PROBLEM SOLVING IN METAL INDUSTRY

OpenAIRE

Tunjo Perić; Željko Mandić

2017-01-01

This paper presents the production plan optimization in the metal industry considered as a multi-criteria programming problem. We first provided the definition of the multi-criteria programming problem and classification of the multicriteria programming methods. Then we applied two multi-criteria programming methods (the STEM method and the PROMETHEE method) in solving a problem of multi-criteria optimization production plan in a company from the metal industry. The obtained resul...

ONLINE BANKING SECURITY INDUSTRY IN EMERGING CHINA MARKET

OpenAIRE

Liu, Rui

2009-01-01

In China, although traditional banks are still taking a wait-and-see approach in terms of offering their customers authentication tokens, online security technology is gaining momentum among Internet banks. During the last 15 years, technology for online banking security has undergone remarkable progress. The number of online banking users and the volume of transactions are increasing daily. Moreover, Chinese customers are paying more attention to online banking security issues, and are gradu...

Radiological protection, safety and security issues in the industrial and medical applications of radiation sources

Science.gov (United States)

Vaz, Pedro

2015-11-01

The use of radiation sources, namely radioactive sealed or unsealed sources and particle accelerators and beams is ubiquitous in the industrial and medical applications of ionizing radiation. Besides radiological protection of the workers, members of the public and patients in routine situations, the use of radiation sources involves several aspects associated to the mitigation of radiological or nuclear accidents and associated emergency situations. On the other hand, during the last decade security issues became burning issues due to the potential malevolent uses of radioactive sources for the perpetration of terrorist acts using RDD (Radiological Dispersal Devices), RED (Radiation Exposure Devices) or IND (Improvised Nuclear Devices). A stringent set of international legally and non-legally binding instruments, regulations, conventions and treaties regulate nowadays the use of radioactive sources. In this paper, a review of the radiological protection issues associated to the use of radiation sources in the industrial and medical applications of ionizing radiation is performed. The associated radiation safety issues and the prevention and mitigation of incidents and accidents are discussed. A comprehensive discussion of the security issues associated to the global use of radiation sources for the aforementioned applications and the inherent radiation detection requirements will be presented. Scientific, technical, legal, ethical, socio-economic issues are put forward and discussed.

Pro Spring security

CERN Document Server

Scarioni, Carlo

2013-01-01

Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

77 FR 43639 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

Science.gov (United States)

2012-07-25

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0090] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Department of Veterans Affairs (VA.... SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-503...

77 FR 54943 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

Science.gov (United States)

2012-09-06

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0016] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Department of Veterans Affairs (VA.... SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-503...

Measuring the Effect of Supplemental Nutrition Assistance Program (SNAP) Participation on Food Security.

OpenAIRE

James Mabli; Jim Ohls; Lisa Dragoset; Laura Castner; Betsy Santos

2013-01-01

The Supplemental Nutrition Assistance Program (SNAP) provides food assistance to more than 47 million low-income Americans every month. It aims to reduce hunger by facilitating beneficiaries’ access to enough food for a healthy, active lifestyle, otherwise known as "food security." Our study conducted for the Food and Nutrition Service of the U.S. Department of Agriculture shows that SNAP participation is associated with improved food security. The study is the largest and most rigorous one...

Center for computer security: Computer Security Group conference. Summary

Energy Technology Data Exchange (ETDEWEB)

None

1982-06-01

Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

Secure Programming Cookbook for C and C++ Recipes for Cryptography, Authentication, Input Validation & More

CERN Document Server

Viega, John

2009-01-01

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code for Unix® (including Linux®) and Windows® environments. This essential code companion covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering.

Information Security Service Branding – beyond information security awareness

Directory of Open Access Journals (Sweden)

Rahul Rastogi

2012-12-01

Full Text Available End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

Canine Supply for Physical Security: An Analysis of the Royal Australian Air Force Military Working Dog Program

Science.gov (United States)

2016-03-01

PHYSICAL SECURITY: AN ANALYSIS OF THE ROYAL AUSTRALIAN AIR FORCE MILITARY WORKING DOG PROGRAM by Mark W. Powell March 2016 Thesis...AN ANALYSIS OF THE ROYAL AUSTRALIAN AIR FORCE MILITARY WORKING DOG PROGRAM 5. FUNDING NUMBERS 6. AUTHOR(S) Mark W. Powell 7. PERFORMING...increased demand on its physical security elements. Its military working dog (MWD) workforce is required to meet an inventory of 204 by end of year 2023 as

Security programs for Category I or II nuclear material or certain nuclear facilities. Regulatory guide G-274

International Nuclear Information System (INIS)

2003-03-01

The purpose of this regulatory guide is to help applicants for a Canadian Nuclear Safety Commission (CNSC) licence in respect of Category I or II nuclear material - other than a licence to transport - , or a nuclear facility consisting of a nuclear reactor that may exceed 10 MW thermal power during normal operation, prepare and submit the security information to be included with the application, pursuant to the Nuclear Safety and Control Act (NSCA). Category I and II nuclear material are defined in Appendix B to this guide. This guide describes: the security information that should typically be included with the application for any licence referred to above; how the security information may be organized and presented in a separate document (hereinafter 'the security program description'), in order to assist CNSC review and processing of the application; and, the administrative procedures to be followed when preparing, submitting or revising the security program description. (author)

A critical overview of industrial energy decoupling programs in six developing countries in Asia

International Nuclear Information System (INIS)

Luken, Ralph A.; Piras, Stefano

2011-01-01

In reviewing the journal literature on the decoupling of energy use and industrial output in the Asian region, particularly with respect to developing countries, we found little information about most country programs other than for China and India and only one article that compared the programs of these two countries. For this reason, we used diverse sources to identify the key programmatic features that have contributed, but clearly are not totally responsible for, decoupling achievements of two countries ( China and Thailand) and then, on the basis of these findings, reviewed emerging industrial energy decoupling programs in four other countries (India, Indonesia, Malaysia and Vietnam). We found that the design of the two successful on-going decoupling programs have common features, which are setting an explicit target for decoupling of energy use and industrial output, a government program that offers financial incentives and imposes specific auditing and reporting requirements and involvement of the manufacturing sector in designing and implementing targets as they apply to individual enterprises. We also found that the emerging programs in the other four countries lack some or all of these essential programmatic features. - Highlights: → We reviewed two on-going and four emerging industrial energy decoupling programs. → These six Asian developing countries have very different rates of decoupling. → The two successful on-going programs share three common features. → These are quantitative targets, supportive programs and industry involvement. → The four emerging programs lack some or all of these features.

Report: EPA Improved Its National Security Information Program, but Some Improvements Still Needed

Science.gov (United States)

Report #16-P-0196, June 2, 2016. The EPA will continue to improve its national security information program by completing information classification guides that can be used uniformly and consistently throughout the agency.

Hybrid Security Policies

Directory of Open Access Journals (Sweden)

Radu CONSTANTINESCU

2006-01-01

Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

Process Security in Chemical Engineering Education

Science.gov (United States)

Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

2005-01-01

The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

Import dependence of industrial enterprises in the region as an economic security hazard

Directory of Open Access Journals (Sweden)

A. N. Makarov

2010-12-01

Full Text Available Import is traditionally considered as a source for saturation of a home market with scarce commodities or goods non-manufactured in an importing country. However, the larger is the share of import in the total volume of deliveries, the greater is the hazard for economic security of the region and for the state upon the whole. The analysis has revealed the fact that in the regional industry there is a real situation of absolute import dependence. It means that enterprises have been functioning only based on import deliveries to manufacture some single components for products of production-technical purposes.

Nuclear Regulatory Systems in Africa: Improving Safety and Security Culture Through Education and Training

International Nuclear Information System (INIS)

Kazadi Kabuya, F.

2016-01-01

The purpose of this paper is to address the important issue of supporting safety and security culture through an educational and training course program designed both for regulatory staff and licensees. Enhancing the safety and security of nuclear facilities may involve assessing the overall effectiveness of the organization's safety culture. Safety Culture implies steps such as identifying and targeting areas requiring attention, putting emphasis on organizational strengths and weaknesses, human attitudes and behaviours that may positively impact an organization's safety culture, resulting in improving workplace safety and developing and maintaining a high level of awareness within these facilities. Following the terrorist attacks of September 11, 2001, international efforts were made towards achieving such goals. This was realized through meetings, summits and training courses events, with main aim to enhance security at facilities whose activities, if attacked, could impact public health and safety. During regulatory oversight inspections undertaken on some licensee's premises, violations of security requirements were identified. They mostly involved inadequate management oversight of security, lack of a questioning attitude, complacency and mostly inadequate training in both security and safety issues. Using training and education approach as a support to raise awareness on safety and security issues in the framework of improving safety and security culture, a tentative training program in nuclear and radiological safety was started in 2002 with the main aim of vulgarizing the regulatory framework. Real first needs for a training course program were identified among radiographers and radiologists with established working experience but with limited knowledge in radiation safety. In the field of industrial uses of radiation the triggering events for introducing and implementing a training program were: the loss of a radioactive source in a mining

Industry-led program recycles used oil materials

International Nuclear Information System (INIS)

Anon.

1997-01-01

The Alberta Used Oil Management Association (AUOMA) is running an industry-led program for recycling used oil filters, containers and used oil. The objective of the program is to help develop an infrastructure that will make recycling simple and convenient for consumers of oil materials. It was estimated that millions of litres of used oil are improperly discarded into the Alberta environment. The program is also aimed at increasing public awareness of the importance of recycling used oil materials, particularly to those consumers who change their own motor oil. By the end of 1997 AUOMA expects to open about 50 recycling centres called EcoCentres. An environmental handling charge (EHC) will be paid to AUOMA by wholesale suppliers on the first sale of oil materials in Alberta. The EHC will be the only funds used to support the program

Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

National Research Council Canada - National Science Library

Ganger, Gregory R

2007-01-01

This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

Security practices and regulatory compliance in the healthcare industry.

Science.gov (United States)

Kwon, Juhee; Johnson, M Eric

2013-01-01

Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance. We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance. We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security. Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices). Hospitals in the highest level of compliance were significantly managing third parties' breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption.

Smart security proven practices

CERN Document Server

Quilter, J David

2014-01-01

Smart Security: Understanding and Contributing to the Business is a video presentation. Length: 68 minutes. In Smart Security: Understanding and Contributing to the Business, presenter J. David Quilter demonstrates the benefits of how a fully integrated security program increases business profits and delivers smart security practices at the same time. The presentation does away with the misconception that security is only an expense. In fact, a well-integrated security program can protect business interests, thereby enhancing productivity and net income. Quilter covers cost analysis and secu

Foreign research reactor uranium supply program: The Y-12 national security complex process

International Nuclear Information System (INIS)

Nelson, T.; Eddy, B.G.

2010-01-01

The Foreign Research Reactor (FRR) Uranium Supply Program at the Y-12 National Security Complex supports the nonproliferation objectives of the HEU Disposition Program, the Reduced Enrichment Research and Test Reactors (RERTR) Program, and the United States FRR Spent Nuclear Fuel (SNF) Acceptance Program. The Y-12 National Nuclear Security Administration (NNSA) Y-12 Site Office maintains the prime contracts with foreign governments for the supply of Low-Enriched Uranium (LEU) for their research reactors. The LEU is produced by down blending Highly Enriched Uranium (HEU) that has been declared surplus to the U.S. national defense needs. The down blending and sale of the LEU supports the Surplus HEU Disposition Program Record of Decision to make the HEU non-weapons usable and to recover the economic value of the uranium to the extent feasible. This program supports the important U.S. government and nuclear nonproliferation commitment to serve as a reliable and cost-effective uranium supplier for those foreign research reactors that are converting or have converted to LEU fuel under the guidance of the NNSA RERTR Program. In conjunction with the FRR SNF Acceptance Program which supports the global nonproliferation efforts to disposition U.S.-origin HEU, the Y-12 FRR Uranium Supply Program can provide the LEU for the replacement fuel fabrication. In addition to feedstock for fuel fabrication, Y-12 supplies LEU for target fabrication for medical isotope production. The Y-12 process uses supply forecasting tools, production improvements and efficient delivery preparations to successfully support the global research reactor community

Development of a security vulnerability assessment process for the RAMCAP chemical sector.

Science.gov (United States)

Moore, David A; Fuller, Brad; Hazzan, Michael; Jones, J William

2007-04-11

The Department of Homeland Security (DHS), Directorate of Information Analysis & Infrastructure Protection (IAIP), Protective Services Division (PSD), contracted the American Society of Mechanical Engineers Innovative Technologies Institute, LLC (ASME ITI, LLC) to develop guidance on Risk Analysis and Management for Critical Asset Protection (RAMCAP). AcuTech Consulting Group (AcuTech) has been contracted by ASME ITI, LLC, to provide assistance by facilitating the development of sector-specific guidance on vulnerability analysis and management for critical asset protection for the chemical manufacturing, petroleum refining, and liquefied natural gas (LNG) sectors. This activity involves two key tasks for these three sectors: Development of a screening to supplement DHS understanding of the assets that are important to protect against terrorist attack and to prioritize the activities. Development of a standard security vulnerability analysis (SVA) framework for the analysis of consequences, vulnerabilities, and threats. This project involves the cooperative effort of numerous leading industrial companies, industry trade associations, professional societies, and security and safety consultants representative of those sectors. Since RAMCAP is a voluntary program for ongoing risk management for homeland security, sector coordinating councils are being asked to assist in communicating the goals of the program and in encouraging participation. The RAMCAP project will have a profound and positive impact on all sectors as it is fully developed, rolled-out and implemented. It will help define the facilities and operations of national and regional interest for the threat of terrorism, define standardized methods for analyzing consequences, vulnerabilities, and threats, and describe best security practices of the industry. This paper will describe the results of the security vulnerability analysis process that was developed and field tested for the chemical manufacturing

Development of a security vulnerability assessment process for the RAMCAP chemical sector

International Nuclear Information System (INIS)

Moore, David A.; Fuller, Brad; Hazzan, Michael; Jones, J. William

2007-01-01

The Department of Homeland Security (DHS), Directorate of Information Analysis and Infrastructure Protection (IAIP), Protective Services Division (PSD), contracted the American Society of Mechanical Engineers Innovative Technologies Institute, LLC (ASME ITI, LLC) to develop guidance on Risk Analysis and Management for Critical Asset Protection (RAMCAP). AcuTech Consulting Group (AcuTech) has been contracted by ASME ITI, LLC, to provide assistance by facilitating the development of sector-specific guidance on vulnerability analysis and management for critical asset protection for the chemical manufacturing, petroleum refining, and liquefied natural gas (LNG) sectors. This activity involves two key tasks for these three sectors:*Development of a screening to supplement DHS understanding of the assets that are important to protect against terrorist attack and to prioritize the activities. *Development of a standard security vulnerability analysis (SVA) framework for the analysis of consequences, vulnerabilities, and threats. This project involves the cooperative effort of numerous leading industrial companies, industry trade associations, professional societies, and security and safety consultants representative of those sectors. Since RAMCAP is a voluntary program for ongoing risk management for homeland security, sector coordinating councils are being asked to assist in communicating the goals of the program and in encouraging participation. The RAMCAP project will have a profound and positive impact on all sectors as it is fully developed, rolled-out and implemented. It will help define the facilities and operations of national and regional interest for the threat of terrorism, define standardized methods for analyzing consequences, vulnerabilities, and threats, and describe best security practices of the industry. This paper will describe the results of the security vulnerability analysis process that was developed and field tested for the chemical manufacturing

Addressing Software Security

Science.gov (United States)

Bailey, Brandon

2015-01-01

Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

Career Preparation Program Curriculum Guide for: Hospitality/Tourism Industry (Food Services).

Science.gov (United States)

British Columbia Dept. of Education, Victoria. Curriculum Development Branch.

This curriculum outline provides secondary and postsecondary instructors with detailed information on student learning outcomes for completion of the food services program requirements in the hospitality/tourism industry. A program overview discusses the aims of education; secondary school philosophy; and career preparation programs and their…

PERANCANGAN PROGRAM APLIKASI PEMBELIAN PADA PT INDO TAICHEN TEXTILE INDUSTRY

Directory of Open Access Journals (Sweden)

Yakub Yakub

2010-05-01

Full Text Available PT Indo Taichen Textile Industry is a company in the textile industry producing cloth. Activities and operations personnel administration, payroll systems, purchasing systems, and inventory systems are conducted manually. Problems begin to become fairly complex on the company’s purchasing system so that a software application is required. Purchasing system is made by Data Flow Diagram (DFD as a model of the process or system and Entity Relation Diagram (ERD as a data model. The purchasing application is programmed using the programming language Visual Basic 6.0 and SQL Server database.Keywords: data base, purchasing, system, information system

The Implementation of Industrial Cluster Development Program in Padurenan Village, Kudus

Directory of Open Access Journals (Sweden)

R. Heffi Achid Muharrom

2014-12-01

Full Text Available Small medium enterprise (SME has a significant contribution to the national economic growth, and the Government has been trying to enhance the competitiveness of SME by using industrial cluster approach.This research tries to discuss the implementation of embroidery and apparel industrial cluster development program in Padurenan Village, Kudus Regency, also to analyze supporting and constraining factors that influence the implementation. The descriptive research method with qualitative approach is used in this research.The result shows that many activities conducted through a synergy among stakeholders have been implemented succesfully and proven to provide a positive impact for the developmet of embroidery and apparel SME in Padurenan. Enhancing the commitment and communication among actors involved in the program are needed for further development.Keywords:  Embroidery and apparel industry, industrial cluster, policy implementation

15 CFR 758.7 - Authority of the Office of Export Enforcement, the Bureau of Industry and Security, Customs...

Science.gov (United States)

2010-01-01

... forfeiture. In addition to the authority of Customs officers to seize and detain items, both Customs... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Authority of the Office of Export Enforcement, the Bureau of Industry and Security, Customs offices and Postmasters in clearing shipments 758.7...

Information security management handbook

CERN Document Server

Tipton, Harold F

2006-01-01

Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

Mobile platform security

CERN Document Server

Asokan, N; Dmitrienko, Alexandra

2013-01-01

Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrat