HPC and Scientific Networking Security

The Data Science and Technology Department is an active participant in a number of projects in the arena of security for scientific, high-performance computing systems and high-bandiwdth research and education networks.  Research sponsors have typically included DOE’s ASCR program and NSF’s SaTC program, among others. 

LBNL has had a leadership role in security in scientific computing environments for many years, including the development of the Bro Network Security Monitor, the 100G performance enhancements of Bro, and Bro’s commercial spin-off, Corelight, Inc., as well as leading several DOE-sponsored activities related to defining a cybersecurity research program within the DOE Office of Science.  More recently, LBNL led the coordination of the “Cyber R&D” Enterprise Cyber Capability (ECC) of the DOE-wide Integrated Joint Cybersecurity Coordination Center (iJC3) — a sponsored R&D program that currently involves ten DOE National Laboratories as performers.

DOE Cybersecurity Workshops and Reports

DOE Cybersecurity R&D Challenges for Open Science: Developing a Roadmap and Vision, January 24–26, 2007 [news, report]

DOE Grassroots Cybersecurity Initiative, 2008–2010 [Frincke presentation, Catlett ASCAC presentation, report 1, report 2, report 3]

ASCR Cybersecurity Workshop, January 7–9, 2015 [report, news]

ASCR Cybersecurity for Scientific Computing Workshop, June 2–3, 2015 [report]

Some recent news:

ESnet, CENIC Announce Joint Cybersecurity Initiative - CRD’s Sean Peisert to serve as director of initiative [TABL]— Jan. 19, 2016

NSF Cybersecurity Center of Excellence, ESnet Organize Working Group on Open Science Threats — Jun. 22, 2016

Working Group on Open Science Cybersecurity Risks Releases First Document Draft for Public Comment — Oct. 31, 2016

Building a CENIC Security Strategy — Jan. 11, 2017

Mind the gap: Speaking like a cybersecurity pro — Feb. 10, 2017

Cybersecurity: New Directions for Research and Education Networks — May 26, 2017

Berkeley Lab’s cybersecurity expert Sean Peisert discusses challenges & opportunities of securing HPC — Aug. 24, 2017

HPC security article in Communications of the ACM

Video accompanying HPC security article on Vimeo

Berkeley Lab Researchers Contribute to Making Blockchains Even More Robust — January 30, 2018

Key Representative Publications:

Sean Peisert, Eli Dart, William K. Barnett, James Cuff, Robert L. Grossman, Edward Balas, Ari Berman, Anurag Shankar, and Brian Tierney, ”The Medical Science DMZ: An Network Design Pattern for Data-Intensive Medical Science”, Journal of the American Medical Informatics Association (JAMIA), 25,(3):267–274, March 2018.

Sean Peisert, “Security in High-Performance Computing Environments”, Communications of the ACM (CACM), 60(9):72-80, September 2017.

Projects

Listings of specific projects in security for high-performance computing and security for scientific networking are available.