The Data Science and Technology Department is an active participant in a number of projects in the arena of security for scientific, high-performance computing systems and high-bandwidth research and education networks.  Research sponsors have typically included DOE’s ASCR program and NSF’s SaTC program, among others. 

DST’s cybersecurity goals are to research, develop, evaluate, adapt, and integrate advanced security and privacy solutions that enable or improve scientific workflows that might otherwise not be possible because of real or perceived security restrictions. Using today’s solutions, such restrictions impose onerous usability and/or performance constraints, thereby hindering scientific progress.

LBNL has had a leadership role in security in scientific computing environments for many years, including the development of the Bro Network Security Monitor, the 100G performance enhancements of Bro, and Bro’s commercial spin-off, Corelight, Inc., as well as leading several DOE-sponsored activities related to defining a cybersecurity research program within the DOE Office of Science.  More recently, LBNL led the coordination of the “Cyber R&D” Enterprise Cyber Capability (ECC) of the DOE-wide Integrated Joint Cybersecurity Coordination Center (iJC3) — a sponsored R&D program that currently involves ten DOE National Laboratories as performers.

DOE Cybersecurity Workshops and Reports

DOE Cybersecurity R&D Challenges for Open Science: Developing a Roadmap and Vision, January 24–26, 2007 [news, report]

DOE Grassroots Cybersecurity Initiative, 2008–2010 [Frincke presentation, Catlett ASCAC presentation, report 1, report 2, report 3]

ASCR Cybersecurity Workshop, January 7–9, 2015 [report, news]

ASCR Cybersecurity for Scientific Computing Workshop, June 2–3, 2015 [report]

Some recent news:

ESnet, CENIC Announce Joint Cybersecurity Initiative - CRD’s Sean Peisert to serve as director of initiative — Jan. 19, 2016

NSF Cybersecurity Center of Excellence, ESnet Organize Working Group on Open Science Threats — Jun. 22, 2016

Working Group on Open Science Cybersecurity Risks Releases First Document Draft for Public Comment — Oct. 31, 2016

Building a CENIC Security Strategy — Jan. 11, 2017

Mind the gap: Speaking like a cybersecurity pro — Feb. 10, 2017

Cybersecurity: New Directions for Research and Education Networks — May 26, 2017

Berkeley Lab’s cybersecurity expert Sean Peisert discusses challenges & opportunities of securing HPC — Aug. 24, 2017

HPC security article in Communications of the ACM

Video accompanying HPC security article on Vimeo

Berkeley Lab Researchers Contribute to Making Blockchains Even More Robust — January 30, 2018

Berkeley Lab Contributes to $2.5M supplemental grant for NSF-funded Cybersecurity Center of Excellence — Oct. 5, 2018

Key Representative Publications:

Sean Peisert, Eli Dart, William K. Barnett, James Cuff, Robert L. Grossman, Edward Balas, Ari Berman, Anurag Shankar, and Brian Tierney, “The Medical Science DMZ: A Network Design Pattern for Data-Intensive Medical Science”, Journal of the American Medical Informatics Association (JAMIA), 25(3):267–274, March 2018.

Sean Peisert, “Security in High-Performance Computing Environments”, Communications of the ACM (CACM), 60(9):72-80, September 2017.

Projects

Listings of specific projects in security for high-performance computing and security for scientific networking are available.

HPC and Scientific Networking Security Projects

Cybersecurity via Inverter-Grid Automatic Reconfiguration (CIGAR)

This project is performing R&D to enable distribution grids to adapt to resist a cyber-attack by (1) developing adaptive control algorithms for DER, voltage regulation, and protection systems; and (2) analyzing new attack scenarios and developing associated defensive strategies. It is funded by DOE OE’s CEDS program and is co-led by Sean Peisert and Daniel Arnold.

Medical Science DMZ

We have defined a Medical Science DMZ as a method that allows data flows at scale while simultaneously addressing the HIPAA Security Rule and related regulations governing biomedical data and appropriately managing risk.

UC-Lab Center for Electricity Distribution Cybersecurity

This project will bring together a multi-disciplinary UC-Lab team of cybersecurity and electricity infrastructure experts to investigate, through both cyber and physical modeling and physics-aware cybersecurity analysis, the impact and significance of cyberattacks on electricity distribution infrastructure. It is funded by the UC-Lab Fees Research Program. The overall project is led by Hamed Mohsenian-Rad; the LBNL portion is led by Sean Peisert.

Integrated Multi Scale Machine Learning for the Power Grid

The goal of this project is to create advanced, distributed data analytics capability to provide visibility and controllability to distribution grid operators. It is funded by the DOE Grid Modernization Initiative. The LBNL portion of this effort is led by Sean Peisert.

Detecting Distributed Denial of Service Attacks on Wide-Area Networks

This project develops techniques for detecting DDoS attacks and disambiguating them from large-scale science flows. It is funded by the DOE iJC3 Cyber R&D program and is led by Sean Peisert.

Toward a Hardware/Software Co-Design Framework for Ensuring the Integrity of Exascale Scientific Data

This project takes a broad look at several aspects of security and scientific integrity issues in HPC systems. It is funded by DOE ASCR and is led by Sean Peisert.

Power Grid Threat Detection and Response with Data Analytics

The goal of this project is to develop technologies and methodologies to protect the nation’s power grid from advanced cyber and all-hazard threats. This will be done through the collection of disparate data and the use of advanced analytics to detect threats and respond to them. It is funded by DOE OE’s CEDS program via the Grid Modernization Initiative and is co-led by Sean Peisert.

Inferring Computing Activity Using Physical Sensors

This project uses power data to monitor the use of computing systems, including supercomputers and large computing centers. It is led by Sean Peisert.

An Automated, Disruption Tolerant Key Management System for the Power Grid

This project is designing and developing a key management system to meet the unique requirements of electrical power distribution systems. It is funded by DOE OE’s CEDS program and is led by Sean Peisert.

Secure and Private Acquisition, Storage, and Analysis of Medical Sensor Data

This project is developing a system-based workflow to securely acquire wireless data from mechanical ventilators in critical care environments, and leverage scalable web-based analytic platforms to advance data analytics and visualization of issues surrounding patients with respiratory failure.

Host and Network Resilience

This project focused on mapping and analyzing the qualities of resilient networks by investigating components of redundancy, diversity, quality of service, etc. The project’s goal is to be able to quantify and compare the resilience of networks in a scientifically meaningful way. This project was led at LBNL by Sean Peisert.

Symbiosis in Byzantine Fault Tolerance and Intrusion Detection

This project was funded by NSF’s SaTC program, and was co-led by Sean Peisert. The theme of this effort was to integrate Byzantine fault-tolerance (BFT) into intrusion detection systems (IDS), at both the fundamental and system levels, thereby improving both BFT and IDS.

NetSage - an open privacy-aware network measurement, analysis, and visualization service

NetSage is a network measurement, analysis and visualization service funded by the National Science Foundation and is designed to address the needs of today’s international networks. This project is co-led by Sean Peisert at LBNL.

Cyber Security of Power Distribution Systems by Detecting Differences Between Real-time Micro-Synchrophasor Measurements and Cyber-Reported SCADA

This project is using micro-PMU measurements and SCADA commands to develop a system to detect cyberattacks against the power distribution grid. It is funded by DOE OE’s CEDS program and is led by Sean Peisert.

NNSA Cyber Sciences Lab (CSL)

Using seed funding from the NNSA CIO, this consortium of eight DOE laboratories worked to form an enduring, national computer security research laboratory to address cybersecurity threats. LBNL’s effort was led by Deb Agarwal and Sean Peisert.

The Hive Mind: Applying a Distributed Security Sensor Network to GENI

This project sought to define and prototype a security layer using a method of intrusion detection based on mobile agents and swarm intelligence. The project was funded by NSF’s CISE Directorate, and was led by Sean Peisert.

Application of Cyber Security Techniques in the Protection of Efficient Cyber-Physical Energy Generation Systems

The goal of this project was to design and implement a measurement network, which can detect and report the resultant impact of cyber security attacks on the distribution system network. It was funded by DOE OE’s CEDS program and was co-led by Chuck McParland and Sean Peisert.

A Mathematical and Data-Driven Approach to Intrusion Detection for High-Performance Computing

This project developed mathematical and statistical techniques to analyze the secure access and use of high-performance computer systems. It was funded by DOE ASCR and was originally led by David H. Bailey.

I3P Data Sanitization

This project looked at defining means for understanding what data can be sanitized, and how. At LBNL, this project was led by Sean Peisert and was funded by the Institute for Information Infrastructure Protection (I3P).

Computer Forensics

This project is looking at establishing a rigorous, scientific model of forensic logging and analysis that is both efficient and effective at establishing the data that is necessary to record in order to understand past events. This work was led by Sean Peisert.

Insider Threat

This project looked at defining, analyzing, and seeking methods of ameliorating the insider threat.