ITL Newsletter for July-August 2019

ISSUE 159

July - August 2019

VIEW AS WEBPAGE

information technology laboratory

CULTIVATING TRUST IN IT AND METROLOGY

IN THIS ISSUE

vehicles

NIST TOOL ENABLES MORE COMPREHENSIVE TESTS ON HIGH-RISK SOFTWARE

We entrust our lives to software every time we step aboard a high-tech aircraft or modern car. A long-term research effort guided by two researchers at the National Institute of Standards and Technology (NIST) and their collaborators has developed new tools to make this type of safety-critical software even safer.

Augmenting an existing software toolkit, the research team’s new creation can strengthen the safety tests that software companies conduct on the programs that help control our vehicles, operate our power plants and manage other demanding technology. While these tests are often costly and time-consuming, they reduce the likelihood this complex code will glitch because it received some unexpected combination of input data. This source of trouble can plague any sophisticated software package that must reliably monitor and respond to multiple streams of data flowing in from sensors and human operators at every moment.

READ MORE

NEWS UPDATES

NIST REQUESTS INFORMATION ON ARTIFICIAL INTELLIGENCE TECHNICAL STANDARDS AND TOOLS

composite hero

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is seeking information about technical standards and related tools for artificial intelligence (AI). The Request for Information (RFI), published today in the Federal Register, is in response to the Feb. 11, 2019, Executive Order on Maintaining American Leadership in Artificial Intelligence. The executive order directs NIST to create a plan for federal engagement in the development of these standards and tools in support of reliable, robust and trustworthy systems that use AI technologies. 

READ MORE

MITIGATING THE RISK OF SOFTWARE VULNERABILITIES

software

NIST is releasing a Draft NIST Cybersecurity White Paper for public comment, Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF). This white paper recommends a core set of high-level secure software development practices, called a secure software development framework (SSDF), to be added to each software development life cycle (SDLC) implementation.

READ MORE

NIST PUBLISHES A METHODOLOGY FOR ENABLING FORENSIC ANALYSIS

Hardware/Server Virtualization is a foundational technology in a cloud computing environment and the hypervisor is the key software in that virtualized infrastructure. However, hypervisors are large pieces of software with several thousand lines of code and are therefore known to have vulnerabilities. Hence, a capability to perform forensic analysis to detect, reconstruct and prevent attacks based on vulnerabilities on an ongoing basis is a critical requirement in cloud environments.

To gain a better understanding of recent hypervisor vulnerabilities and attack trends, identify forensic information needed to reveal the presence of such attacks, and develop guidance on taking proactive steps to detect and prevent those attacks, NIST has published NIST Internal Report (NISTIR) 8221, A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data, which outlines a methodology to enable this forensic analysis.

READ MORE

STAFF RECOGNITION

Nader Moayeri

Congratulations to Nader for receiving The Excellence in Research in Computer Science award from the Washington Academy of Sciences.

Bonita V. Saunders

Congratulations to Bonita for receiving The Excellence in Research in Mathematics and Computer Science award from the Washington Academy of Sciences.

Alfred S. Carasso

Congratulation to Alfred for receiving The Excellence in Research in Applied Mathematics award from the Washington Academy of Sciences.

 

SELECTED NEW PUBLICATIONS

 

Applied and ComputationalMathematics DivisionSummary of Activities for Fiscal Year 2018 (NISTIR 8251)

This report summarizes recent technical work of the Applied and Computational Sciences Division of the Information Technology Laboratory at the National Institute of Standards and Technology (NIST). Part I (Overview) provides a high-level overview of the Division’s activities, including highlights of technical accomplishments during the previous year. Part II (Features) provides further details on three projects of particular note this year. This is followed in Part III (Project Summaries) by brief synopses of all technical projects active during the past year. Part IV (Activity Data) provides listings of publications, technical talks, and other professional activities in which Division staff members have participated. The reporting period covered by this document is October 2017 through December 2018.

IREX IX Part Two Multispectral Iris Recognition (NISTIR 8252)

Iris Exchange (IREX) IX is an evaluation of automated iris recognition algorithms. The first part of the evaluation was a performance test of both verification (one-to-one) and identification (one-to-many) recognition algorithms over operational test data. Those results are summarized in NIST IR 8207[1]. The second part of the evaluation constitutes a multispectral evaluation of iris recognition. Those results are summarized in this report.

 

CONFERENCE CALENDAR

JUNE - AUGUST

July

8-9

Getting to V1.0 of the NIST Privacy Framework: Workshop #3

READ MORE

August

13

Workshop on Core IOT Cybersecurity Baseline

READ MORE

August

22

Second PQC Standardization Conference

READ MORE


for more events click on calendar