The Berkeley Lab Data Science and Technology Department is an active participant in a number of projects in the arena of computer security. Its mission-driven emphasis has historically focused on security for science, including high-performance computing and high-throughput networking environments, and security of cyber-physical systems, notably in the power grid. These projects include collaborations with UC Berkeley, UC Davis, and numerous other academic, National Lab, and industry partners. Research sponsors have included DOE’s ASCR program, DOE’s CEDS program, NNSA, NSF’s SaTC program, and NSF’s OAC, among others.
LBNL has had a leadership role in security in scientific computing environments for many years, including the development of the Zeek/Bro Network Security Monitor, as well as leading several DOE-sponsored activities related to defining a cybersecurity research program within the DOE Office of Science. More recently, LBNL led the coordination of the “Cyber R&D” Enterprise Cyber Capability (ECC) of the DOE-wide Integrated Joint Cybersecurity Coordination Center (iJC3) — a sponsored R&D program involving ten DOE National Laboratories as performers. LBNL is currently a co-lead of Trusted CI, the NSF Cybersecurity Center of Excellence.
Recent highlights of DST’s cybersecurity R&D activities include:
Development of techniques for “fingerprinting” the use of high-performance computing resources using both on-system and off-system side channels.
Development of the Medical Science DMZ design pattern as a method that allows data flows at scale while simultaneously addressing the HIPAA Security Rule and related regulations governing biomedical data and appropriately managing risk.
Development of research challenges and a roadmap for co-designing high-performance computing systems with security built in.
Development of security monitoring systems for cyber-physical systems that integrate insights about the physical limitations of those systems into network security monitoring and that leverage high-resolution physical sensors combined with SCADA to identify cyberattacks on power grid distribution systems.