Projects | CSRC

<!DOCTYPE html> <html lang="en-us" xml:lang="en-us"> <head> <meta charset="utf-8" /> <title>Projects | CSRC</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <meta http-equiv="content-style-type" content="text/css" /> <meta http-equiv="content-script-type" content="text/javascript" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="msapplication-config" content="/CSRC/Media/images/favicons/browserconfig.xml" /> <meta name="theme-color" content="#000000" /> <meta name="google-site-verification" content="xbrnrVYDgLD-Bd64xHLCt4XsPXzUhQ-4lGMj4TdUUTA" /> <meta name="description" content="News and Updates from NIST's Computer Security and Applied Cybersecurity Divisions." /> <link rel="apple-touch-icon" sizes="180x180" href="/images/icons/apple-touch-icon.png" /> <link rel="icon" type="image/png" href="/images/icons/favicon-32x32.png" sizes="32x32" /> <link rel="icon" type="image/png" href="/images/icons/favicon-16x16.png" sizes="16x16" /> <link rel="manifest" href="/images/icons/manifest.json" /> <link rel="mask-icon" href="/images/icons/safari-pinned-tab.svg" color="#000000" /> <link href="/CSRC/Media/images/favicons/favicon.ico" type="image/x-icon" rel="shortcut icon" /> <link href="/CSRC/Media/images/favicons/favicon.ico" type="image/x-icon" rel="icon" /> <link href="/dist/app.css" rel="stylesheet" />  <link href="/dist/highlight-js/github.css" rel="stylesheet" />  <link href="/dist/uswds/css/uswds.css" type="text/css" rel="stylesheet" /> <script type="text/javascript" src="/dist/uswds/js/uswds-init.min.js"></script>  <style> .grecaptcha-badge { visibility: hidden; } </style> <script async type="text/javascript" id="_fed_an_ua_tag" src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=nist&subagency=csrc&pua=UA-66610693-15&yt=true&exts=xsd,xml,wav,mpg,mpeg,avi,rtf,webm,ogg,ogv,oga,map,otf,eot,svg,ttf,woff"></script> <style id="antiClickjackCss"> body > * { display: none !important; } #antiClickjack { display: block !important; } </style> <noscript> <style id="antiClickjackNoScript"> body > * { display: block !important; } #antiClickjack { display: none !important; } </style> </noscript> <script type="text/javascript" id="antiClickjackScript"> if (self === top) { // no clickjacking var antiClickjack = document.getElementById("antiClickjackCss"); antiClickjack.parentNode.removeChild(antiClickjack); } else { setTimeout(tryForward(), 5000); } function tryForward() { top.location = self.location; } </script>  <script async src="https://www.googletagmanager.com/gtag/js?id=G-TSQ0PLGJZP"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-TSQ0PLGJZP'); </script>  <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-MZQC4NCJ');</script>  </head> <body>  <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-MZQC4NCJ" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>  <div id="antiClickjack" style="display: none;"> <strong style="font-size: 1.6rem;">You are viewing this page in an unauthorized frame window.</strong> <p>This is a potential security issue, you are being redirected to <a href="https://csrc.nist.gov">https://csrc.nist.gov</a>.</p> </div> <section class="usa-banner" aria-label="Official website of the United States government"> <div class="usa-accordion"> <header class="usa-banner__header"> <noscript> <p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p> </noscript> <div class="usa-banner__inner"> <div class="grid-col-auto"> <img aria-hidden="true" class="usa-banner__header-flag" src="/dist/uswds/img/us_flag_small.png" alt=""/> </div> <div class="grid-col-fill tablet:grid-col-auto" aria-hidden="true"> <p class="usa-banner__header-text"> An official website of the United States government </p> <p class="usa-banner__header-action">Here’s how you know</p> </div> <button type="button" class="usa-accordion__button usa-banner__button" aria-expanded="false" aria-controls="gov-banner-default"> <span class="usa-banner__button-text">Here’s how you know</span> </button> </div> </header> <div class="usa-banner__content usa-accordion__content" id="gov-banner-default"> <div class="grid-row grid-gap-lg"> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/dist/uswds/img/icon-dot-gov.svg" role="img" alt="" aria-hidden="true"/> <div class="usa-media-block__body"> <p> <strong>Official websites use .gov</strong><br/>A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/dist/uswds/img/icon-https.svg" role="img" alt="" aria-hidden="true"/> <div class="usa-media-block__body"> <p> <strong>Secure .gov websites use HTTPS</strong><br/>A <strong>lock</strong> ( <span class="icon-lock"> <svg xmlns="http://www.w3.org/2000/svg" width="52" height="64" viewBox="0 0 52 64" class="usa-banner__lock-image" role="img" aria-labelledby="banner-lock-description-default" focusable="false"> <title id="banner-lock-title-default">Lock</title> <desc id="banner-lock-description-default">Locked padlock icon</desc> <path fill="#000000" fill-rule="evenodd" d="M26 0c10.493 0 19 8.507 19 19v9h3a4 4 0 0 1 4 4v28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V32a4 4 0 0 1 4-4h3v-9C7 8.507 15.507 0 26 0zm0 8c-5.979 0-10.843 4.77-10.996 10.712L15 19v9h22v-9c0-6.075-4.925-11-11-11z"/> </svg> </span >) or <strong>https://</strong> means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </section> <nav id="navbar" class="navbar"> <div id="nist-menu-container" class="container"> <div class="row">  <div class="col-xs-6 col-md-4 navbar-header"> <a class="navbar-brand" href="https://www.nist.gov" target="_blank" id="navbar-brand-image"> <img src="/CSRC/media/images/svg/nist-logo.svg" alt="National Institute of Standards and Technology" width="110" height="30"> </a> </div> <div class="col-xs-6 col-md-8 navbar-nist-logo"> <div class="form-inline hidden-sm hidden-xs"> <form name="site-search" id="site-search-form" action="/search" method="GET"> <label for="search-csrc-query" class="element-invisible">Search</label> <input autocomplete="off" class="form-control" id="search-csrc-query" name="keywords" type="text" size="15" maxlength="128" placeholder="Search CSRC" /> <input type="hidden" name="ipp" value="25" /> <input type="hidden" name="sortBy" value="relevance" /> <input type="hidden" name="showOnly" value="publications,projects,news,events,presentations,glossary,topics" /> <input type="hidden" name="topicsMatch" value="ANY" /> <input type="hidden" name="status" value="Final,Draft" /> <button type="submit" id="search-csrc-submit-btn" class="form-submit"> <span class="element-invisible">Search</span> <i class="fa fa-search"></i> </button> </form> </div> <span id="nvd-menu-button" class="pull-right"> <a href="#" id="nvd-menu-button-link"> <span class="fa fa-bars"></span> <span id="nvd-menu-full-text">CSRC MENU</span> </a> </span> </div> </div> </div> <div class="form-inline hidden-md hidden-lg"> <form name="site-search-mobile" id="site-search-form-mobile" action="/search" method="GET"> <label for="search-csrc-query-mobile" class="element-invisible">Search</label> <input autocomplete="off" class="form-control" id="search-csrc-query-mobile" name="keywords" type="text" size="15" maxlength="128" placeholder="Search CSRC" /> <button type="submit" id="search-csrc-submit-btn-mobile" class="form-submit"> <span class="element-invisible">Search</span> <i class="fa fa-search"></i> </button> </form> </div> <div class="main-menu-row container">  <div id="main-menu-drop" class="col-lg-12" style="display: none;"> <ul> <li><a href="/projects">Projects</a></li> <li> <a href="/publications"> Publications <span class="expander fa fa-plus" id="main-menu-pubs-expander" data-expander-name="publications" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="publications" id="main-menu-pubs-expanded"> <div class="row"> <div class="col-lg-4"> <p><a href="/publications/drafts-open-for-comment">Drafts for Public Comment</a></p> <p><a href="/publications/draft-pubs">All Public Drafts</a></p> <p><a href="/publications/final-pubs">Final Pubs</a></p> <p><a href="/publications/fips">FIPS <small>(standards)</small></a></p> </div> <div class="col-lg-4"> <p><a href="/publications/sp">Special Publications (SP<small>s</small>)</a></p> <p><a href="/publications/ir">IR <small>(interagency/internal reports)</small></a></p> <p><a href="/publications/cswp">CSWP <small>(cybersecurity white papers)</small></a></p> <p><a href="/publications/itl-bulletin">ITL Bulletins</a></p> </div> <div class="col-lg-4"> <p><a href="/publications/project-description">Project Descriptions</a></p> <p><a href="/publications/journal-article">Journal Articles</a></p> <p><a href="/publications/conference-paper">Conference Papers</a></p> <p><a href="/publications/book">Books</a></p> </div> </div> </div> </li> <li> <a href="/topics"> Topics <span class="expander fa fa-plus" id="main-menu-topics-expander" data-expander-name="topics" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="topics" id="main-menu-topics-expanded"> <div class="row"> <div class="col-lg-4"> <p><a href="/Topics/Security-and-Privacy">Security & Privacy</a></p> <p><a href="/Topics/Applications">Applications</a></p> </div> <div class="col-lg-4"> <p><a href="/Topics/Technologies">Technologies</a></p> <p><a href="/Topics/Sectors">Sectors</a></p> </div> <div class="col-lg-4"> <p><a href="/Topics/Laws-and-Regulations">Laws & Regulations</a></p> <p><a href="/Topics/Activities-and-Products">Activities & Products</a></p> </div> </div> </div> </li> <li><a href="/news">News & Updates</a></li> <li><a href="/events">Events</a></li> <li><a href="/glossary">Glossary</a></li> <li> <a href="/about"> About CSRC <span class="expander fa fa-plus" id="main-menu-about-expander" data-expander-name="about" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="about" id="main-menu-about-expanded"> <div class="row"> <div class="col-lg-6"> <p> <strong><a href="/Groups/Computer-Security-Division">Computer Security Division</a></strong><br /> <ul> <li><a href="/Groups/Computer-Security-Division/Cryptographic-Technology">Cryptographic Technology</a></li> <li><a href="/Groups/Computer-Security-Division/Secure-Systems-and-Applications">Secure Systems and Applications</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Components-and-Mechanisms">Security Components and Mechanisms</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Engineering-and-Risk-Management">Security Engineering and Risk Management</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Testing-Validation-and-Measurement">Security Testing, Validation, and Measurement</a></li> </ul> </p> </div> <div class="col-lg-6"> <p> <strong><a href="/Groups/Applied-Cybersecurity-Division">Applied Cybersecurity Division</a></strong><br /> <ul> <li><a href="/Groups/Applied-Cybersecurity-Division/Cybersecurity-and-Privacy-Applications">Cybersecurity and Privacy Applications</a></li> <li><a href="/Groups/Applied-Cybersecurity-Division/National-Cybersecurity-Center-of-Excellence">National Cybersecurity Center of Excellence (NCCoE)</a></li> <li><a href="https://www.nist.gov/nice/">National Initiative for Cybersecurity Education (NICE)</a></li> </ul> </p> <p> <a href="/contact"> Contact Us </a> </p> </div> </div> </div> </li> </ul> </div> </div> </nav> <section id="itl-header" class="has-menu"> <div class="container"> <div class="row"> <div class="col-sm-12 col-md-8"> <div class="hidden-xs hidden-sm" id="itl-header-lg"> <a href="https://www.nist.gov/itl" target="_blank" id="itl-header-link">Information Technology Laboratory</a> </div> <div class="hidden-xs hidden-sm" id="csrc-header-lg"> <a href="/" id="csrc-header-link-lg">Computer Security Resource Center</a> </div> </div> <div class="col-sm-12 col-md-4"> <div class="hidden-xs hidden-sm hidden-md"> <a id="logo-csrc-lg" href="/"><img id="img-logo-csrc-lg" src="/CSRC/Media/images/nist-logo-csrc-white.svg" alt="CSRC Logo" class="csrc-header-logo"></a> </div> <div class="hidden-lg"> <a id="logo-csrc-sm" href="/"><img id="img-logo-csrc-sm" src="/CSRC/Media/images/nist-logo-csrc-white.svg" alt="CSRC Logo" class="csrc-header-logo"></a> </div> </div> </div> </div> </section> <div id="body-section" class="container"> <div class="project-content"> <div class="row"> <div class="col-lg-3 col-md-4 hidden-sm hidden-xs hidden-xxs"> <ul class="side-nav" id="left-side-navigation"> <li><a href="/projects">Projects</a></li> <li> <a href="/publications"> Publications <span class="expander fa fa-plus" id="side-menu-pubs-expander" data-expander-name="publicationsSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="publicationsSide" id="side-menu-pubs-expanded"> <ul> <li><a href="/publications/drafts-open-for-comment">Drafts for Public Comment</a></li> <li><a href="/publications/draft-pubs">All Public Drafts</a></li> <li><a href="/publications/sp">NIST Special Publications (SPs)</a></li> <li><a href="/publications/fips">FIPS</a></li> <li><a href="/publications/nistir">NIST interagency/internal reports (NISTIRs)</a></li> <li><a href="/publications/itl-bulletin">ITL Bulletins</a></li> <li><a href="/publications/white-paper">White Papers</a></li> <li><a href="/publications/journal-article">Journal Articles</a></li> <li><a href="/publications/conference-paper">Conference Papers</a></li> <li><a href="/publications/book">Books</a></li> </ul> </div> </li> <li> <a href="/topics"> Topics <span class="expander fa fa-plus" id="side-menu-topics-expander" data-expander-name="topicsSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="topicsSide" id="side-menu-topics-expanded"> <ul> <li><a href="/Topics/Security-and-Privacy">Security & Privacy</a></li> <li><a href="/Topics/Applications">Applications</a></li> <li><a href="/Topics/Technologies">Technologies</a></li> <li><a href="/Topics/Sectors">Sectors</a></li> <li><a href="/Topics/Laws-and-Regulations">Laws & Regulations</a></li> <li><a href="/Topics/Activities-and-Products">Activities & Products</a></li> </ul> </div> </li> <li><a href="/news">News & Updates</a></li> <li><a href="/events">Events</a></li> <li><a href="/glossary">Glossary</a></li> <li> <a href="/about"> About CSRC <span class="expander fa fa-plus" id="side-menu-about-expander" data-expander-name="aboutSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="aboutSide" id="side-menu-about-expanded"> <strong><a href="/Groups/Computer-Security-Division">Computer Security Division</a></strong><br /> <ul> <li><a href="/Groups/Computer-Security-Division/Cryptographic-Technology">Cryptographic Technology</a></li> <li><a href="/Groups/Computer-Security-Division/Secure-Systems-and-Applications">Secure Systems and Applications</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Components-and-Mechanisms">Security Components and Mechanisms</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Engineering-and-Risk-Management">Security Engineering and Risk Management</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Testing-Validation-and-Measurement">Security Testing, Validation, and Measurement</a></li> </ul> <strong><a href="/Groups/Applied-Cybersecurity-Division">Applied Cybersecurity Division</a></strong><br /> <ul> <li><a href="/Groups/Applied-Cybersecurity-Division/Cybersecurity-and-Privacy-Applications">Cybersecurity and Privacy Applications</a></li> <li><a href="/Groups/Applied-Cybersecurity-Division/National-Cybersecurity-Center-of-Excellence">National Cybersecurity Center of Excellence (NCCoE)</a></li> <li><a href="https://www.nist.gov/nice/">National Initiative for Cybersecurity Education (NICE)</a></li> </ul> <strong><a href="/contact-us">Contact Us</a></strong> </div> </li> </ul> <form action="/projects" class="bs-callout bs-callout-success csrc-search-form" data-csrc-form="true" data-default-query="sortBy-lg=name+asc" data-form-ignore-default="sortBy" data-form-name="projectSearchDesktop" id="searchForm-lg" method="get"> <div class="form-group"> <label for="keywords-lg">Search</label> <input Name="keywords-lg" class="form-control" data-val="true" data-val-length="The field Search must be a string with a maximum length of 255." data-val-length-max="255" id="keywords-lg" name="Form.Keywords" type="text" value="" /> <em class="text-muted">Search Project Name, Acronym, Description</em> </div> <div class="form-group"> <label for="sortBy-lg">Sort By</label> <div class="form-inline"> <select Name="sortBy-lg" class="form-control form-control-full" id="sortBy-lg" name="Form.SortBy"><option selected="selected" value="relevance">Relevance (best match)</option> <option value="name asc">Project Name (A-Z)</option> <option value="name desc">Project Name (Z-A)</option> </select> </div> </div> <div class="form-group form-inline"> <label for="ipp-lg" class="form-control-half">Items Per Page</label> <select Name="ipp-lg" class="form-control" id="ipp-lg" name="Form.ItemsPerPage"><option selected="selected" value="25">25</option> <option value="50">50</option> <option value="75">75</option> <option value="100">100</option> <option value="all">All</option> </select> </div> <div class="form-group"> <label for="topics-lg">Topics</label> <input Name="topics-lg" id="topics-lg" name="Form.Topics" type="hidden" value="" /> <div class="form-control topics-selection" id="topicsSelection-lg" contenteditable="true" data-drop-target="projects-search-topics-drop" data-field-name="topics-lg" aria-haspopup="true"> </div> <div class="topics-selection-dropdown desktop" id="projects-search-topics-drop" style="display: none;" data-topics-selector=""><div class="col-sm-4"><strong>Security and Privacy</strong><br/> <ul><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27481" data-expander-for="/topics/security-and-privacy/cryptography"></i> <a data-topic-id="27481" data-topic-text="cryptography">cryptography</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27647" data-topic-text="digital signatures">digital signatures</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27648" data-topic-text="encryption">encryption</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27649" data-topic-text="key management">key management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="30027" data-topic-text="lightweight cryptography">lightweight cryptography</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27650" data-topic-text="message authentication">message authentication</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27651" data-topic-text="post-quantum cryptography">post-quantum cryptography</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27652" data-topic-text="random number generation">random number generation</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27653" data-topic-text="secure hashing">secure hashing</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27482" data-topic-text="cybersecurity supply chain risk management">cybersecurity supply chain risk management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27483" data-topic-text="general security & privacy">general security & privacy</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27484" data-expander-for="/topics/security-and-privacy/identity-and-access-management"></i> <a data-topic-id="27484" data-topic-text="identity & access management">identity & access management</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27663" data-topic-text="access authorization">access authorization</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27664" data-topic-text="access control">access control</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-27484-27665" data-expander-for="/topics/security-and-privacy/identity-and-access-management/authentication"></i> <a data-topic-id="27665" data-topic-text="authentication">authentication</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="36230" data-topic-text="passwords">passwords</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27666" data-topic-text="Personal Identity Verification">Personal Identity Verification</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27667" data-topic-text="public key infrastructure">public key infrastructure</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27485" data-expander-for="/topics/security-and-privacy/privacy"></i> <a data-topic-id="27485" data-topic-text="privacy">privacy</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27680" data-topic-text="personally identifiable information">personally identifiable information</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27681" data-topic-text="privacy engineering">privacy engineering</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27486" data-expander-for="/topics/security-and-privacy/risk-management"></i> <a data-topic-id="27486" data-topic-text="risk management">risk management</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27682" data-topic-text="categorization">categorization</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27683" data-topic-text="continuous monitoring">continuous monitoring</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-27486-27684" data-expander-for="/topics/security-and-privacy/risk-management/controls"></i> <a data-topic-id="27684" data-topic-text="controls">controls</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27767" data-topic-text="controls assessment">controls assessment</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27768" data-topic-text="privacy controls">privacy controls</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27769" data-topic-text="security controls">security controls</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27685" data-topic-text="risk assessment">risk assessment</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27686" data-topic-text="roots of trust">roots of trust</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27687" data-topic-text="system authorization">system authorization</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-27486-27688" data-expander-for="/topics/security-and-privacy/risk-management/threats"></i> <a data-topic-id="27688" data-topic-text="threats">threats</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27770" data-topic-text="advanced persistent threats">advanced persistent threats</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27771" data-topic-text="botnets">botnets</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27772" data-topic-text="information sharing">information sharing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27773" data-topic-text="intrusion detection & prevention">intrusion detection & prevention</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27774" data-topic-text="malware">malware</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36185" data-topic-text="phishing">phishing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="37080" data-topic-text="ransomware">ransomware</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27689" data-topic-text="vulnerability management">vulnerability management</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27487" data-expander-for="/topics/security-and-privacy/security-and-behavior"></i> <a data-topic-id="27487" data-topic-text="security & behavior">security & behavior</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27709" data-topic-text="accessibility">accessibility</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27710" data-topic-text="behavior">behavior</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27711" data-topic-text="usability">usability</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27488" data-expander-for="/topics/security-and-privacy/security-measurement"></i> <a data-topic-id="27488" data-topic-text="security measurement">security measurement</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27690" data-topic-text="analytics">analytics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27691" data-topic-text="assurance">assurance</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27692" data-topic-text="modeling">modeling</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27693" data-topic-text="testing & validation">testing & validation</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27489" data-expander-for="/topics/security-and-privacy/security-programs-and-operations"></i> <a data-topic-id="27489" data-topic-text="security programs & operations">security programs & operations</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27694" data-topic-text="acquisition">acquisition</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27695" data-topic-text="asset management">asset management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27696" data-topic-text="audit & accountability">audit & accountability</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27697" data-topic-text="awareness training & education">awareness training & education</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27698" data-topic-text="configuration management">configuration management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27699" data-topic-text="contingency planning">contingency planning</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27700" data-topic-text="incident response">incident response</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27701" data-topic-text="maintenance">maintenance</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27702" data-topic-text="media protection">media protection</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27703" data-topic-text="patch management">patch management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27704" data-topic-text="personnel security">personnel security</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27705" data-topic-text="physical & environmental protection">physical & environmental protection</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27706" data-topic-text="planning">planning</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27707" data-topic-text="program management">program management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27708" data-topic-text="security automation">security automation</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24670-27490" data-expander-for="/topics/security-and-privacy/systems-security-engineering"></i> <a data-topic-id="27490" data-topic-text="systems security engineering">systems security engineering</a><ul style="display: none;"><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-27490-27713" data-expander-for="/topics/security-and-privacy/systems-security-engineering/trustworthiness"></i> <a data-topic-id="27713" data-topic-text="trustworthiness">trustworthiness</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27775" data-topic-text="reliability">reliability</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27776" data-topic-text="resilience">resilience</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27777" data-topic-text="safety">safety</a></li></ul> </li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="28469" data-topic-text="zero trust">zero trust</a></li></ul><strong>Technologies</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27491" data-topic-text="artificial intelligence">artificial intelligence</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27492" data-topic-text="big data">big data</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27493" data-topic-text="biometrics">biometrics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27494" data-topic-text="blockchain">blockchain</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27495" data-topic-text="cloud & virtualization">cloud & virtualization</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27496" data-topic-text="combinatorial testing">combinatorial testing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27497" data-topic-text="complexity">complexity</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24671-27499" data-expander-for="/topics/technologies/hardware"></i> <a data-topic-id="27499" data-topic-text="hardware">hardware</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27714" data-topic-text="circuits">circuits</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27715" data-topic-text="personal computers">personal computers</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36763" data-topic-text="semiconductors">semiconductors</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27716" data-topic-text="sensors">sensors</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27498" data-topic-text="mobile">mobile</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24671-27500" data-expander-for="/topics/technologies/networks"></i> <a data-topic-id="27500" data-topic-text="networks">networks</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27717" data-topic-text="email">email</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27718" data-topic-text="firewalls">firewalls</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27719" data-topic-text="internet">internet</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27501" data-topic-text="quantum information science">quantum information science</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27502" data-topic-text="servers">servers</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27503" data-topic-text="smart cards">smart cards</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24671-27504" data-expander-for="/topics/technologies/software-firmware"></i> <a data-topic-id="27504" data-topic-text="software & firmware">software & firmware</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27720" data-topic-text="BIOS">BIOS</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27721" data-topic-text="databases">databases</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27722" data-topic-text="operating systems">operating systems</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27505" data-topic-text="storage">storage</a></li></ul></div><div class="col-sm-4"><strong>Applications</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27456" data-topic-text="communications & wireless">communications & wireless</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27457" data-topic-text="cyber-physical systems">cyber-physical systems</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27458" data-topic-text="cybersecurity education">cybersecurity education</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27459" data-topic-text="cybersecurity framework">cybersecurity framework</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27460" data-topic-text="cybersecurity workforce">cybersecurity workforce</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27461" data-topic-text="enterprise">enterprise</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27462" data-topic-text="forensics">forensics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27463" data-topic-text="industrial control systems">industrial control systems</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27464" data-topic-text="Internet of Things">Internet of Things</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="29979" data-topic-text="mathematics">mathematics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27920" data-topic-text="positioning navigation & timing">positioning navigation & timing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27465" data-topic-text="small & medium business">small & medium business</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27466" data-topic-text="telework">telework</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27467" data-topic-text="voting">voting</a></li></ul><strong>Laws and Regulations</strong><br/> <ul><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24673-27468" data-expander-for="/topics/laws-and-regulations/executive-documents"></i> <a data-topic-id="27468" data-topic-text="executive documents">executive documents</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27668" data-topic-text="Comprehensive National Cybersecurity Initiative">Comprehensive National Cybersecurity Initiative</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27669" data-topic-text="Cybersecurity Strategy and Implementation Plan">Cybersecurity Strategy and Implementation Plan</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27670" data-topic-text="Cyberspace Policy Review">Cyberspace Policy Review</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27671" data-topic-text="Executive Order 13636">Executive Order 13636</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27672" data-topic-text="Executive Order 13702">Executive Order 13702</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27673" data-topic-text="Executive Order 13718">Executive Order 13718</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27674" data-topic-text="Executive Order 13800">Executive Order 13800</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27921" data-topic-text="Executive Order 13905">Executive Order 13905</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="28468" data-topic-text="Executive Order 14028">Executive Order 14028</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36202" data-topic-text="Executive Order 14110">Executive Order 14110</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27675" data-topic-text="Federal Cybersecurity Research and Development Strategic Plan">Federal Cybersecurity Research and Development Strategic Plan</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27676" data-topic-text="Homeland Security Presidential Directive 7">Homeland Security Presidential Directive 7</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27677" data-topic-text="Homeland Security Presidential Directive 12">Homeland Security Presidential Directive 12</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27678" data-topic-text="OMB Circular A-11">OMB Circular A-11</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27679" data-topic-text="OMB Circular A-130">OMB Circular A-130</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24673-27469" data-expander-for="/topics/laws-and-regulations/laws"></i> <a data-topic-id="27469" data-topic-text="laws">laws</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="35985" data-topic-text="CHIPS and Science Act">CHIPS and Science Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27654" data-topic-text="Cyber Security R&D Act">Cyber Security R&D Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27655" data-topic-text="Cybersecurity Enhancement Act">Cybersecurity Enhancement Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27656" data-topic-text="E-Government Act">E-Government Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27657" data-topic-text="Energy Independence and Security Act">Energy Independence and Security Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27658" data-topic-text="Federal Information Security Modernization Act">Federal Information Security Modernization Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27659" data-topic-text="First Responder Network Authority">First Responder Network Authority</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27660" data-topic-text="Health Insurance Portability and Accountability Act">Health Insurance Portability and Accountability Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27661" data-topic-text="Help America Vote Act">Help America Vote Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="28580" data-topic-text="Internet of Things Cybersecurity Improvement Act">Internet of Things Cybersecurity Improvement Act</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24673-27470" data-expander-for="/topics/laws-and-regulations/regulations"></i> <a data-topic-id="27470" data-topic-text="regulations">regulations</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27662" data-topic-text="Federal Acquisition Regulation">Federal Acquisition Regulation</a></li></ul> </li></ul></div><div class="col-sm-4"><strong>Activities and Products</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27452" data-topic-text="annual reports">annual reports</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27453" data-topic-text="conferences & workshops">conferences & workshops</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="30210" data-topic-text="groups">groups</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36366" data-topic-text="quick-start guides">quick-start guides</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27454" data-topic-text="reference materials">reference materials</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27455" data-topic-text="standards development">standards development</a></li></ul><strong>Sectors</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27471" data-topic-text="aerospace">aerospace</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-pstl-24675-27472" data-expander-for="/topics/sectors/energy"></i> <a data-topic-id="27472" data-topic-text="energy">energy</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27712" data-topic-text="smart grid">smart grid</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27473" data-topic-text="financial services">financial services</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27474" data-topic-text="healthcare">healthcare</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27475" data-topic-text="hospitality">hospitality</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27476" data-topic-text="manufacturing">manufacturing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27477" data-topic-text="public safety">public safety</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27478" data-topic-text="retail">retail</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27479" data-topic-text="telecommunications">telecommunications</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27480" data-topic-text="transportation">transportation</a></li></ul></div></div> <div class="form-inline topics-type"> <label class="radio-label">Match ANY: <input Name="topicsMatch-lg" checked="checked" id="topicsMatchAny-lg" name="Form.TopicsMatch" type="radio" value="ANY" /></label> <label class="radio-label">Match ALL: <input Name="topicsMatch-lg" id="topicsMatchAll-lg" name="Form.TopicsMatch" type="radio" value="ALL" /></label> </div> </div> <div style="display: none;" data-form-error-pane="true" class="text-danger"> <strong class="text-danger">Please fix the following:</strong> <ul data-form-error-list="true"> </ul> <div class="validation-summary-valid" data-valmsg-summary="true"><ul><li style="display:none"></li> </ul></div> </div> <div class="form-group"> <button type="submit" id="submit-lg" name="submit-btn" data-form-button="submit" class="btn">Search</button> <button type="reset" id="reset-lg" name="reset-btn" data-form-button="reset" class="btn">Reset</button> </div> </form> </div> <div class="col-lg-9 col-md-8 col-sm-12 col-xs-12 col-xxs-12"> <h1>Projects</h1> <form action="/projects" class="bs-callout bs-callout-success csrc-search-form hidden-lg hidden-md mobile-form" data-csrc-form="true" data-default-query="sortBy-sm=name+asc" data-form-ignore-default="sortBy" data-form-name="projectSearchMobile" id="searchForm-sm" method="get"> <div class="form-group"> <label for="keywords-sm">Search</label> <input Name="keywords-sm" class="form-control" data-val="true" data-val-length="The field Search must be a string with a maximum length of 255." data-val-length-max="255" id="keywords-sm" name="Form.Keywords" type="text" value="" /> <em class="text-muted">Search Project Name, Acronym, Description</em> </div> <div class="form-group"> <label for="sortBy-sm">Sort By</label> <div class="form-inline"> <select Name="sortBy-sm" class="form-control form-control-full" id="sortBy-sm" name="Form.SortBy"><option selected="selected" value="relevance">Relevance (best match)</option> <option value="name asc">Project Name (A-Z)</option> <option value="name desc">Project Name (Z-A)</option> </select> </div> </div> <div class="form-group form-inline"> <label for="ipp-sm" class="form-control-half">Items Per Page</label> <select Name="ipp-sm" class="form-control" id="ipp-sm" name="Form.ItemsPerPage"><option selected="selected" value="25">25</option> <option value="50">50</option> <option value="75">75</option> <option value="100">100</option> <option value="all">All</option> </select> </div> <div class="form-group"> <label for="topics-sm">Topics</label> <input Name="topics-sm" id="topics-sm" name="Form.Topics" type="hidden" value="" /> <div class="form-control topics-selection" id="topicsSelection-sm" contenteditable="true" data-drop-target="projects-search-topics-drop-sm" data-field-name="topics-sm" aria-haspopup="true"> </div> <div class="topics-selection-dropdown mobile" id="projects-search-topics-drop-sm" style="display: none;" data-topics-selector=""><div class="col-sm-4"><strong>Security and Privacy</strong><br/> <ul><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27481" data-expander-for="/topics/security-and-privacy/cryptography"></i> <a data-topic-id="27481" data-topic-text="cryptography">cryptography</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27647" data-topic-text="digital signatures">digital signatures</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27648" data-topic-text="encryption">encryption</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27649" data-topic-text="key management">key management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="30027" data-topic-text="lightweight cryptography">lightweight cryptography</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27650" data-topic-text="message authentication">message authentication</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27651" data-topic-text="post-quantum cryptography">post-quantum cryptography</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27652" data-topic-text="random number generation">random number generation</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27653" data-topic-text="secure hashing">secure hashing</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27482" data-topic-text="cybersecurity supply chain risk management">cybersecurity supply chain risk management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27483" data-topic-text="general security & privacy">general security & privacy</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27484" data-expander-for="/topics/security-and-privacy/identity-and-access-management"></i> <a data-topic-id="27484" data-topic-text="identity & access management">identity & access management</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27663" data-topic-text="access authorization">access authorization</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27664" data-topic-text="access control">access control</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-27484-27665" data-expander-for="/topics/security-and-privacy/identity-and-access-management/authentication"></i> <a data-topic-id="27665" data-topic-text="authentication">authentication</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="36230" data-topic-text="passwords">passwords</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27666" data-topic-text="Personal Identity Verification">Personal Identity Verification</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27667" data-topic-text="public key infrastructure">public key infrastructure</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27485" data-expander-for="/topics/security-and-privacy/privacy"></i> <a data-topic-id="27485" data-topic-text="privacy">privacy</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27680" data-topic-text="personally identifiable information">personally identifiable information</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27681" data-topic-text="privacy engineering">privacy engineering</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27486" data-expander-for="/topics/security-and-privacy/risk-management"></i> <a data-topic-id="27486" data-topic-text="risk management">risk management</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27682" data-topic-text="categorization">categorization</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27683" data-topic-text="continuous monitoring">continuous monitoring</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-27486-27684" data-expander-for="/topics/security-and-privacy/risk-management/controls"></i> <a data-topic-id="27684" data-topic-text="controls">controls</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27767" data-topic-text="controls assessment">controls assessment</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27768" data-topic-text="privacy controls">privacy controls</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27769" data-topic-text="security controls">security controls</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27685" data-topic-text="risk assessment">risk assessment</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27686" data-topic-text="roots of trust">roots of trust</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27687" data-topic-text="system authorization">system authorization</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-27486-27688" data-expander-for="/topics/security-and-privacy/risk-management/threats"></i> <a data-topic-id="27688" data-topic-text="threats">threats</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27770" data-topic-text="advanced persistent threats">advanced persistent threats</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27771" data-topic-text="botnets">botnets</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27772" data-topic-text="information sharing">information sharing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27773" data-topic-text="intrusion detection & prevention">intrusion detection & prevention</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27774" data-topic-text="malware">malware</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36185" data-topic-text="phishing">phishing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="37080" data-topic-text="ransomware">ransomware</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27689" data-topic-text="vulnerability management">vulnerability management</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27487" data-expander-for="/topics/security-and-privacy/security-and-behavior"></i> <a data-topic-id="27487" data-topic-text="security & behavior">security & behavior</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27709" data-topic-text="accessibility">accessibility</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27710" data-topic-text="behavior">behavior</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27711" data-topic-text="usability">usability</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27488" data-expander-for="/topics/security-and-privacy/security-measurement"></i> <a data-topic-id="27488" data-topic-text="security measurement">security measurement</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27690" data-topic-text="analytics">analytics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27691" data-topic-text="assurance">assurance</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27692" data-topic-text="modeling">modeling</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27693" data-topic-text="testing & validation">testing & validation</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27489" data-expander-for="/topics/security-and-privacy/security-programs-and-operations"></i> <a data-topic-id="27489" data-topic-text="security programs & operations">security programs & operations</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27694" data-topic-text="acquisition">acquisition</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27695" data-topic-text="asset management">asset management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27696" data-topic-text="audit & accountability">audit & accountability</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27697" data-topic-text="awareness training & education">awareness training & education</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27698" data-topic-text="configuration management">configuration management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27699" data-topic-text="contingency planning">contingency planning</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27700" data-topic-text="incident response">incident response</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27701" data-topic-text="maintenance">maintenance</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27702" data-topic-text="media protection">media protection</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27703" data-topic-text="patch management">patch management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27704" data-topic-text="personnel security">personnel security</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27705" data-topic-text="physical & environmental protection">physical & environmental protection</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27706" data-topic-text="planning">planning</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27707" data-topic-text="program management">program management</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27708" data-topic-text="security automation">security automation</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24670-27490" data-expander-for="/topics/security-and-privacy/systems-security-engineering"></i> <a data-topic-id="27490" data-topic-text="systems security engineering">systems security engineering</a><ul style="display: none;"><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-27490-27713" data-expander-for="/topics/security-and-privacy/systems-security-engineering/trustworthiness"></i> <a data-topic-id="27713" data-topic-text="trustworthiness">trustworthiness</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27775" data-topic-text="reliability">reliability</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27776" data-topic-text="resilience">resilience</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27777" data-topic-text="safety">safety</a></li></ul> </li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="28469" data-topic-text="zero trust">zero trust</a></li></ul><strong>Technologies</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27491" data-topic-text="artificial intelligence">artificial intelligence</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27492" data-topic-text="big data">big data</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27493" data-topic-text="biometrics">biometrics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27494" data-topic-text="blockchain">blockchain</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27495" data-topic-text="cloud & virtualization">cloud & virtualization</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27496" data-topic-text="combinatorial testing">combinatorial testing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27497" data-topic-text="complexity">complexity</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24671-27499" data-expander-for="/topics/technologies/hardware"></i> <a data-topic-id="27499" data-topic-text="hardware">hardware</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27714" data-topic-text="circuits">circuits</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27715" data-topic-text="personal computers">personal computers</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36763" data-topic-text="semiconductors">semiconductors</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27716" data-topic-text="sensors">sensors</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27498" data-topic-text="mobile">mobile</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24671-27500" data-expander-for="/topics/technologies/networks"></i> <a data-topic-id="27500" data-topic-text="networks">networks</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27717" data-topic-text="email">email</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27718" data-topic-text="firewalls">firewalls</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27719" data-topic-text="internet">internet</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27501" data-topic-text="quantum information science">quantum information science</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27502" data-topic-text="servers">servers</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27503" data-topic-text="smart cards">smart cards</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24671-27504" data-expander-for="/topics/technologies/software-firmware"></i> <a data-topic-id="27504" data-topic-text="software & firmware">software & firmware</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27720" data-topic-text="BIOS">BIOS</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27721" data-topic-text="databases">databases</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27722" data-topic-text="operating systems">operating systems</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27505" data-topic-text="storage">storage</a></li></ul></div><div class="col-sm-4"><strong>Applications</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27456" data-topic-text="communications & wireless">communications & wireless</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27457" data-topic-text="cyber-physical systems">cyber-physical systems</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27458" data-topic-text="cybersecurity education">cybersecurity education</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27459" data-topic-text="cybersecurity framework">cybersecurity framework</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27460" data-topic-text="cybersecurity workforce">cybersecurity workforce</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27461" data-topic-text="enterprise">enterprise</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27462" data-topic-text="forensics">forensics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27463" data-topic-text="industrial control systems">industrial control systems</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27464" data-topic-text="Internet of Things">Internet of Things</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="29979" data-topic-text="mathematics">mathematics</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27920" data-topic-text="positioning navigation & timing">positioning navigation & timing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27465" data-topic-text="small & medium business">small & medium business</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27466" data-topic-text="telework">telework</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27467" data-topic-text="voting">voting</a></li></ul><strong>Laws and Regulations</strong><br/> <ul><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24673-27468" data-expander-for="/topics/laws-and-regulations/executive-documents"></i> <a data-topic-id="27468" data-topic-text="executive documents">executive documents</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27668" data-topic-text="Comprehensive National Cybersecurity Initiative">Comprehensive National Cybersecurity Initiative</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27669" data-topic-text="Cybersecurity Strategy and Implementation Plan">Cybersecurity Strategy and Implementation Plan</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27670" data-topic-text="Cyberspace Policy Review">Cyberspace Policy Review</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27671" data-topic-text="Executive Order 13636">Executive Order 13636</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27672" data-topic-text="Executive Order 13702">Executive Order 13702</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27673" data-topic-text="Executive Order 13718">Executive Order 13718</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27674" data-topic-text="Executive Order 13800">Executive Order 13800</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27921" data-topic-text="Executive Order 13905">Executive Order 13905</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="28468" data-topic-text="Executive Order 14028">Executive Order 14028</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36202" data-topic-text="Executive Order 14110">Executive Order 14110</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27675" data-topic-text="Federal Cybersecurity Research and Development Strategic Plan">Federal Cybersecurity Research and Development Strategic Plan</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27676" data-topic-text="Homeland Security Presidential Directive 7">Homeland Security Presidential Directive 7</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27677" data-topic-text="Homeland Security Presidential Directive 12">Homeland Security Presidential Directive 12</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27678" data-topic-text="OMB Circular A-11">OMB Circular A-11</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27679" data-topic-text="OMB Circular A-130">OMB Circular A-130</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24673-27469" data-expander-for="/topics/laws-and-regulations/laws"></i> <a data-topic-id="27469" data-topic-text="laws">laws</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="35985" data-topic-text="CHIPS and Science Act">CHIPS and Science Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27654" data-topic-text="Cyber Security R&D Act">Cyber Security R&D Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27655" data-topic-text="Cybersecurity Enhancement Act">Cybersecurity Enhancement Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27656" data-topic-text="E-Government Act">E-Government Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27657" data-topic-text="Energy Independence and Security Act">Energy Independence and Security Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27658" data-topic-text="Federal Information Security Modernization Act">Federal Information Security Modernization Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27659" data-topic-text="First Responder Network Authority">First Responder Network Authority</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27660" data-topic-text="Health Insurance Portability and Accountability Act">Health Insurance Portability and Accountability Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27661" data-topic-text="Help America Vote Act">Help America Vote Act</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="28580" data-topic-text="Internet of Things Cybersecurity Improvement Act">Internet of Things Cybersecurity Improvement Act</a></li></ul> </li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24673-27470" data-expander-for="/topics/laws-and-regulations/regulations"></i> <a data-topic-id="27470" data-topic-text="regulations">regulations</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27662" data-topic-text="Federal Acquisition Regulation">Federal Acquisition Regulation</a></li></ul> </li></ul></div><div class="col-sm-4"><strong>Activities and Products</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27452" data-topic-text="annual reports">annual reports</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27453" data-topic-text="conferences & workshops">conferences & workshops</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="30210" data-topic-text="groups">groups</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="36366" data-topic-text="quick-start guides">quick-start guides</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27454" data-topic-text="reference materials">reference materials</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27455" data-topic-text="standards development">standards development</a></li></ul><strong>Sectors</strong><br/> <ul><li><i class="fa fa-fw"></i> <a data-topic-id="27471" data-topic-text="aerospace">aerospace</a></li><li><i class="fa fa-plus fa-fw" id="topics-expander-psts-24675-27472" data-expander-for="/topics/sectors/energy"></i> <a data-topic-id="27472" data-topic-text="energy">energy</a><ul style="display: none;"><li><i class="fa fa-fw"></i> <a data-topic-id="27712" data-topic-text="smart grid">smart grid</a></li></ul> </li><li><i class="fa fa-fw"></i> <a data-topic-id="27473" data-topic-text="financial services">financial services</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27474" data-topic-text="healthcare">healthcare</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27475" data-topic-text="hospitality">hospitality</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27476" data-topic-text="manufacturing">manufacturing</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27477" data-topic-text="public safety">public safety</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27478" data-topic-text="retail">retail</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27479" data-topic-text="telecommunications">telecommunications</a></li><li><i class="fa fa-fw"></i> <a data-topic-id="27480" data-topic-text="transportation">transportation</a></li></ul></div></div> <div class="form-inline topics-type"> <label class="radio-label">Match ANY: <input Name="topicsMatch-sm" checked="checked" id="topicsMatchAny-sm" name="Form.TopicsMatch" type="radio" value="ANY" /></label> <label class="radio-label">Match ALL: <input Name="topicsMatch-sm" id="topicsMatchAll-sm" name="Form.TopicsMatch" type="radio" value="ALL" /></label> </div> </div> <div style="display: none;" data-form-error-pane="true" class="text-danger"> <strong class="text-danger">Please fix the following:</strong> <ul data-form-error-list="true"> </ul> <div class="validation-summary-valid" data-valmsg-summary="true"><ul><li style="display:none"></li> </ul></div> </div> <div class="form-group"> <button type="submit" id="submit-sm" name="submit-btn" data-form-button="submit" class="btn">Search</button> <button type="reset" id="reset-sm" name="reset-btn" data-form-button="reset" class="btn">Reset</button> </div> </form> <div id="search-criteria-container" data-target-form="projectSearchDesktop"></div> <div id="results-container"> <div class="row top-pagination-area"> <div class="col-md-7 col-sm-12"> <span id='showing-results-text' data-total-pages='5' data-first-record='76' data-last-record='100' data-current-page='4' data-items-per-page='25' data-total-results='104'>Showing <strong id='showing-results-first'>76</strong> through <strong id='showing-results-last'>100</strong> of <strong id='showing-results-total'>104</strong> matching records.</span> </div> <div class="col-md-5 col-sm-12"> <span class="pull-right hidden-sm hidden-xs hidden-xxs"> <span class='pagination-links' id='top-pagination-container' data-total-pages='5' data-min-page='1' data-max-page='5' data-current-page='4' data-show-first='True' data-show-last='True'><a href="/projects?page=1" aria-label="First Page" id="top-page-first"><<</a>   <a href="/projects?page=3" aria-label="Previous Page" id="top-page-prev"><</a>   <a href="/projects?page=1" aria-label="Page 1" id="top-page-1">1</a> | <a href="/projects?page=2" aria-label="Page 2" id="top-page-2">2</a> | <a href="/projects?page=3" aria-label="Page 3" id="top-page-3">3</a> | <strong aria-label="Page 4" id="top-page-4">4</strong> | <a href="/projects?page=5" aria-label="Page 5" id="top-page-5">5</a>  <a href="/projects?page=5" aria-label="Next Page" id="top-page-next">></a>  <a href="/projects?page=5" aria-label="Last Page" id="top-page-last" data-last-page-number="5">>></a></span> </span> <p class="text-center hidden-md hidden-lg"> <span class='pagination-links' id='mobile-top-pagination-container' data-total-pages='5' data-min-page='1' data-max-page='5' data-current-page='4' data-show-first='True' data-show-last='True'><a href="/projects?page=1" aria-label="First Page" id="mobile-top-page-first"><<</a>   <a href="/projects?page=3" aria-label="Previous Page" id="mobile-top-page-prev"><</a>   <a href="/projects?page=1" aria-label="Page 1" id="mobile-top-page-1">1</a> | <a href="/projects?page=2" aria-label="Page 2" id="mobile-top-page-2">2</a> | <a href="/projects?page=3" aria-label="Page 3" id="mobile-top-page-3">3</a> | <strong aria-label="Page 4" id="mobile-top-page-4">4</strong> | <a href="/projects?page=5" aria-label="Page 5" id="mobile-top-page-5">5</a>  <a href="/projects?page=5" aria-label="Next Page" id="mobile-top-page-next">></a>  <a href="/projects?page=5" aria-label="Last Page" id="mobile-top-page-last" data-last-page-number="5">>></a></span> </p> </div> </div> <div class="search-results-list" id="search-results-list" data-total-records="104" data-page="4" data-first-record="76" data-last-record="100" data-ipp="25"> <div class="project-list-item" id="result-76"> <h5 id="title-76"> <a id="title-link-76" href="/Projects/pec">Privacy-Enhancing Cryptography</a> <small id="acronym-76">PEC</small> </h5> <span id="overview-76"> The PEC project in the Cryptographic Technology Group (CTG), Computer Security Division (CSD), Information Technology Laboratory (ITL), at NIST accompanies the progress of emerging technologies in the area of privacy-enhancing cryptography (PEC). News: WPEC 2024: NIST Workshop on Privacy-Enhancing Cryptography (Sept 24–26). Slides and videos are available. News: STPPA #7: Special Topics on Privacy and Public Auditability, Event 7 (2025-Jan-16), with talks on timelock encryption, witness... </span> </div> <div class="project-list-item" id="result-77"> <h5 id="title-77"> <a id="title-link-77" href="/Projects/program-review-for-information-security-assistance">Program Review for Information Security Assistance</a> <small id="acronym-77">PRISMA</small> </h5> <span id="overview-77"> The Program Review for Information Security Assistance (PRISMA) project was last updated in 2007; NIST Interagency Report (IR) 7358 and the corresponding PRISMA tool continue to serve as useful resources for high-level guidance and as a general framework, but may not be fully consistent with changes to requirements, standards and guidelines for securing systems. The PRISMA project is being incorporated into the NIST Cybersecurity Risk Analytics and Measurement project, and research to support... </span> </div> <div class="project-list-item" id="result-78"> <h5 id="title-78"> <a id="title-link-78" href="/Projects/protecting-controlled-unclassified-information">Protecting Controlled Unclassified Information</a> <small id="acronym-78">CUI</small> </h5> <span id="overview-78"> Protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations is critical to federal agencies. The suite of guidance (NIST Special Publication (SP) 800-171, SP 800-171A, SP 800-172, and SP 800-172A) focuses on protecting the confidentiality of CUI and recommends specific security requirements to achieve that objective. Recent Updates January 27, 2025: Public comments received on initial public draft (ipd) of SP 800-172r3 (Revision 3), Enhanced Security... </span> </div> <div class="project-list-item" id="result-79"> <h5 id="title-79"> <a id="title-link-79" href="/Projects/pki-testing">Public Key Infrastructure Testing</a> <small id="acronym-79">PKI</small> </h5> <span id="overview-79"> Testing PKI Components NIST/Information Technology Laboratory responds to industry and user needs for objective, neutral tests for information technology. ITL recognizes such tests as the enabling tools that help companies produce the next generation of products and services. It is a goal of the NIST PKI Program to develop such tests to help companies produce interoperable PKI components. NIST worked with CygnaCom Solutions and BAE Systems to develop a suite of tests that will enable... </span> </div> <div class="project-list-item" id="result-80"> <h5 id="title-80"> <a id="title-link-80" href="/Projects/random-bit-generation">Random Bit Generation</a> <small id="acronym-80">RBG</small> </h5> <span id="overview-80"> The National Institute of Standards and Technology (NIST) Random Bit Generation (RBG) project focuses on the development and validation of generating random numbers that are essential for cryptographic and security applications. SP 800-90 Series The project provides guidelines through the SP 800-90 series, which includes recommendations on deterministic random bit generator (DRBG) mechanisms, entropy sources, and construction principles for RBGs, and has three parts: SP 800-90A,... </span> </div> <div class="project-list-item" id="result-81"> <h5 id="title-81"> <a id="title-link-81" href="/Projects/ransomware-protection-and-response">Ransomware Protection and Response</a> <small id="acronym-81"></small> </h5> <span id="overview-81"> Thanks for helping shape our ransomware guidance! We've published an initial public draft of NISTIR 8374 Revision 1, Ransomware Risk Management: A Cybersecurity Framework Profile. It reflects changes made to the Cybersecurity Framework (CSF) from CSF 1.1 to CSF 2.0 which identifies security objectives that support managing, detecting, responding to, and recovering from ransomware events. The public comment period is open until March 14, 2025. Please send your feedback about this initial public... </span> </div> <div class="project-list-item" id="result-82"> <h5 id="title-82"> <a id="title-link-82" href="/Projects/redactable-distributed-ledger">REDLedger - REdactable Distributed Ledger</a> <small id="acronym-82"></small> </h5> <span id="overview-82"> Hyperledger Fabric drop-in component for data block matrix is now available. Privacy laws increasingly require some types of data to be erased at user request, according to GDPR and related regulations. We have developed a secure distributed trust solution for networks using Next-Generation Database Access Control (NDAC) and the Data Block Matrix (DBM), with an open source implementation of the DBM using Hyperledger Fabric. This Hyperledger Fabric component solves the conflict between... </span> </div> <div class="project-list-item" id="result-83"> <h5 id="title-83"> <a id="title-link-83" href="/Projects/resource-oriented-lightweight-information-exchange">Resource Oriented Lightweight Information Exchange</a> <small id="acronym-83">ROLIE</small> </h5> <span id="overview-83"> Published as RFC8322 in the IETF, The Resource Oriented Lightweight Information Exchange (ROLIE) is standard for exchanging security automation information between two machines, or between a machine and a human operator. As a cooperative effort between NIST and the international computer security community, ROLIE seeks to improve the current state of the art in security automation information sharing. Reducing communication bandwidth, enabling new automation use cases, and easing complicated... </span> </div> <div class="project-list-item" id="result-84"> <h5 id="title-84"> <a id="title-link-84" href="/Projects/Role-Based-Access-Control">Role Based Access Control</a> <small id="acronym-84">RBAC</small> </h5> <span id="overview-84"> One of the most challenging problems in managing large networks is the complexity of security administration. Role based access control (RBAC) (also called "role based security"), as formalized in 1992 by David Ferraiolo and Rick Kuhn, has become the predominant model for advanced access control because it reduces this cost. This project site explains RBAC concepts, costs and benefits, the economic impact of RBAC, design and implementation issues, the RBAC standard, and advanced research... </span> </div> <div class="project-list-item" id="result-85"> <h5 id="title-85"> <a id="title-link-85" href="/Projects/Hardware-Roots-of-Trust">Roots of Trust</a> <small id="acronym-85">RoT</small> </h5> <span id="overview-85"> Modern computing devices consist of various hardware, firmware, and software components at multiple layers of abstraction. Many security and protection mechanisms are currently rooted in software that, along with all underlying components, must be trustworthy. A vulnerability in any of those components could compromise the trustworthiness of the security mechanisms that rely upon those components. Stronger security assurances may be possible by grounding security mechanisms in roots of trust.... </span> </div> <div class="project-list-item" id="result-86"> <h5 id="title-86"> <a id="title-link-86" href="/Projects/samate-software-assurance-metrics-tool-evaluation">SAMATE: Software Assurance Metrics And Tool Evaluation</a> <small id="acronym-86">SAMATE</small> </h5> <span id="overview-86"> [Redirect to https://www.nist.gov/itl/ssd/software-quality-group/samate] The NIST Software Assurance Metrics And Tool Evaluation (SAMATE) project is dedicated to improving software assurance by developing methods to enable software tool evaluations, measuring the effectiveness of tools and techniques, and identifying gaps in tools and methods. The scope of the SAMATE project is broad: ranging from operating systems to firewalls, SCADA to web applications, source code security analyzers to... </span> </div> <div class="project-list-item" id="result-87"> <h5 id="title-87"> <a id="title-link-87" href="/Projects/sard-software-assurance-reference-dataset">SARD: Software Assurance Reference Dataset</a> <small id="acronym-87">SARD</small> </h5> <span id="overview-87"> [Redirect to: https://www.nist.gov/itl/ssd/software-quality-group/samate/software-assurance-reference-dataset-sard] The purpose of the Software Assurance Reference Dataset (SARD) is to provide users, researchers, and software security assurance tool developers with a set of known security flaws. This will allow end users to evaluate tools and tool developers to test their methods. You will be redirected to the SARD homepage. </span> </div> <div class="project-list-item" id="result-88"> <h5 id="title-88"> <a id="title-link-88" href="/Projects/sate-static-analysis-tool-exposition">SATE: Static Analysis Tool Exposition</a> <small id="acronym-88">SATE</small> </h5> <span id="overview-88"> [Redirect to: https://www.nist.gov/itl/ssd/software-quality-group/samate/static-analysis-tool-exposition-sate] SATE is a non-competitive study of static analysis tool effectiveness, aiming at improving tools and increasing public awareness and adoption. Briefly, participating tool makers run their static analyzer on a set of programs, then researchers led by NIST analyze the tool reports. Everyone shares results and experiences at a workshop. The analysis report is made publicly available... </span> </div> <div class="project-list-item" id="result-89"> <h5 id="title-89"> <a id="title-link-89" href="/Projects/sfds">Secure Federated Data Sharing</a> <small id="acronym-89">SFDS</small> </h5> <span id="overview-89"> The ability to share database resources among collaborating organizations is highly desirable. However, sharing data continues to be a challenge when it comes from different types of database management systems (DBMSs) due to different schemas and data formats. Another challenge that is limiting collaboration is being able to enforce the home organizations local data protection policies while sharing data. For example, can a patient’s condition details be shared with an outside research... </span> </div> <div class="project-list-item" id="result-90"> <h5 id="title-90"> <a id="title-link-90" href="/Projects/ssdf">Secure Software Development Framework</a> <small id="acronym-90">SSDF</small> </h5> <span id="overview-90"> NIST has finalized SP 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile. This publication augments SP 800-218 by adding practices, tasks, recommendations, considerations, notes, and informative references that are specific to AI model development throughout the software development life cycle. NIST has recently added a Community Profiles section to this page. It will contain links to SSDF Community Profiles developed by... </span> </div> <div class="project-list-item" id="result-91"> <h5 id="title-91"> <a id="title-link-91" href="/Projects/security-aspects-of-electronic-voting">Security Aspects of Electronic Voting</a> <small id="acronym-91"></small> </h5> <span id="overview-91"> The Help America Vote Act (HAVA) of 2002 was passed by Congress to encourage the upgrade of voting equipment across the United States. HAVA established the Election Assistance Commission (EAC) and the Technical Guidelines Development Committee (TGDC), chaired by the Director of NIST, was well as a Board of Advisors and Standard Board. HAVA calls on NIST to provide technical support to the EAC and TGDC in efforts related to human factors, security, and laboratory accreditation. The Information... </span> </div> <div class="project-list-item" id="result-92"> <h5 id="title-92"> <a id="title-link-92" href="/Projects/Security-Content-Automation-Protocol">Security Content Automation Protocol</a> <small id="acronym-92">SCAP</small> </h5> <span id="overview-92"> The Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas. Community participation is a great strength for SCAP, because the security automation community ensures the broadest possible range of use cases is reflected in SCAP functionality. This Web site is provided to support continued community involvement. From this site, you will find information about both existing SCAP specifications and emerging specifications relevant to... </span> </div> <div class="project-list-item" id="result-93"> <h5 id="title-93"> <a id="title-link-93" href="/Projects/scap-validation-program">Security Content Automation Protocol Validation Program</a> <small id="acronym-93">SCAPVP</small> </h5> <span id="overview-93"> The SCAP Validation Program is designed to test the ability of products to use the features and functionality available through SCAP and its component standards. Under the SCAP Validation Program, independent laboratories are accredited by the NIST National Voluntary Laboratory Accreditation Program (NVLAP). Accreditation requirements are defined in NIST Handbook 150, and NIST Handbook 150-17. Independent laboratories conduct the tests contained in the SCAP Validation Program Derived Test... </span> </div> <div class="project-list-item" id="result-94"> <h5 id="title-94"> <a id="title-link-94" href="/Projects/security-content-automation-protocol-v2">Security Content Automation Protocol Version 2 (SCAP v2)</a> <small id="acronym-94">SCAP v2</small> </h5> <span id="overview-94"> Security Content Automation Protocol Version 2 (SCAP v2) is a major update to the SCAP 1.x publications. SCAP v2 covers a broader scope in an attempt to further improve enterprise security through standardization and automation. This project page will be used to provide information on the SCAP v2 effort, as well as updates on ongoing work, and directions on how to get involved. Important Links: SCAPv2 Community - Get involved in the SCAP effort by joining our mailing lists. SCAPv2... </span> </div> <div class="project-list-item" id="result-95"> <h5 id="title-95"> <a id="title-link-95" href="/Projects/small-business-cybersecurity-corner">Small Business Cybersecurity Corner</a> <small id="acronym-95"></small> </h5> <span id="overview-95"> [Redirect to https://www.nist.gov/itl/smallbusinesscyber] The vast majority of smaller businesses rely on information technology to run their businesses and to store, process, and transmit information. Protecting this information from unauthorized disclosure, modification, use, or deletion is essential for those companies and their customers. With limited resources and budgets, these companies need cybersecurity guidance, solutions, and training that is practical, actionable, and enables them... </span> </div> <div class="project-list-item" id="result-96"> <h5 id="title-96"> <a id="title-link-96" href="/Projects/software-identification-swid">Software Identification (SWID) Tagging</a> <small id="acronym-96">SWID</small> </h5> <span id="overview-96"> Software is vital to our economy and way of life as part of the critical infrastructure for the modern world. Too often cost and complexity make it difficult to manage software effectively, leaving the software open for attack. To properly manage software, enterprises need to maintain accurate software inventories of their managed devices in support of higher-level business, information technology, and cybersecurity functions. Accurate software inventories help an enterprise to: Manage... </span> </div> <div class="project-list-item" id="result-97"> <h5 id="title-97"> <a id="title-link-97" href="/Projects/space-cybersecurity">Space Domain Cybersecurity | NCCoE</a> <small id="acronym-97"></small> </h5> <span id="overview-97"> [Redirect to: https://www.nccoe.nist.gov/cybersecurity-space-domain] Space is an emerging commercial critical infrastructure sector that is no longer the domain of only national government authorities. Space is an inherently risky environment in which to operate, so cybersecurity risks involving commercial space – including those affecting commercial satellite vehicles – need to be understood and managed alongside other types of risks to ensure safe and successful operations. </span> </div> <div class="project-list-item" id="result-98"> <h5 id="title-98"> <a id="title-link-98" href="/Projects/stateful-hash-based-signatures">Stateful Hash-Based Signatures</a> <small id="acronym-98">HBS</small> </h5> <span id="overview-98"> In Special Publication 800-208, Recommendation for Stateful Hash-Based Signature Schemes, NIST approves two schemes for stateful hash-based signatures (HBS) as part of the post-quantum cryptography development effort. The two schemes were developed through the Internet Research Task Force (IRTF): 1) XMSS, specified in Request for Comments (RFC) 8391 in May 2018, and 2) LMS, in RFC 8554 in April 2019. Background HBS schemes were the topic for a session of talks during the first public workshop... </span> </div> <div class="project-list-item" id="result-99"> <h5 id="title-99"> <a id="title-link-99" href="/Projects/systems-security-engineering-project">Systems Security Engineering (SSE) Project</a> <small id="acronym-99">SSE</small> </h5> <span id="overview-99"> Systems security engineering contributes to a broad-based and holistic security perspective and focus within the systems engineering effort. This ensures that stakeholder protection needs and security concerns associated with the system are properly identified and addressed in all systems engineering tasks throughout the system life cycle. Mission Statement... To provide a basis to formalize a discipline for systems security engineering in terms of its principles, concepts, and activities.... </span> </div> <div class="project-list-item" id="result-100"> <h5 id="title-100"> <a id="title-link-100" href="/Projects/telework-working-anytime-anywhere">Telework: Working Anytime, Anywhere</a> <small id="acronym-100"></small> </h5> <span id="overview-100"> Today, many employees telework (also known as “telecommuting,” “work from home,” or “work from anywhere”). Teleworking is the ability of an organization’s employees, contractors, business partners, vendors, and other users to perform work from locations other than the organization’s facilities. Telework has been on the rise for some time, but sharply increased because of the COVID-19 pandemic. For many, telework is now the only way to get work done, and the original concept of “telework” has... </span> </div> </div> <div class="row bottom-pagination-area"> <p class="text-center"> <span class='pagination-links' id='bottom-pagination-container' data-total-pages='5' data-min-page='1' data-max-page='5' data-current-page='4' data-show-first='True' data-show-last='True'><a href="/projects?page=1" aria-label="First Page" id="bottom-page-first"><< first</a>   <a href="/projects?page=3" aria-label="Previous Page" id="bottom-page-prev">< previous</a>   <a href="/projects?page=1" aria-label="Page 1" id="bottom-page-1">1</a>     <a href="/projects?page=2" aria-label="Page 2" id="bottom-page-2">2</a>     <a href="/projects?page=3" aria-label="Page 3" id="bottom-page-3">3</a>     <strong aria-label="Page 4" id="bottom-page-4">4</strong>     <a href="/projects?page=5" aria-label="Page 5" id="bottom-page-5">5</a>  <a href="/projects?page=5" aria-label="Next Page" id="bottom-page-next">next ></a>  <a href="/projects?page=5" aria-label="Last Page" id="bottom-page-last" data-last-page-number="5">last >></a></span> </p> </div> </div> </div> </div> </div> <div id="footer-pusher"></div> </div> <footer id="footer"> <div class="container"> <div class="row"> <div class="col-sm-6"> <span class="hidden-xs"> <a href="https://www.nist.gov" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo" id="footer-nist-logo-link"> <img src="/CSRC/Media/images/nist-logo-brand-white.svg" alt="National Institute of Standards and Technology logo" id="footer-nist-logo" /> </a> </span> <div class="row footer-contact-container"> <div class="col-sm-12" id="footer-address"> <strong>HEADQUARTERS</strong><br> 100 Bureau Drive<br> Gaithersburg, MD 20899 </div> </div> </div> <div class="col-sm-6"> <ul class="social-list text-right" style="display: block;"> <li class="field-item service-twitter list-horiz"> <a href="https://x.com/NISTCyber" class="social-btn social-btn--large extlink ext" id="footer-social-twitter-link"> <i class="fa-brands fa-x-twitter fa-fw"><span class="element-invisible">X</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-facebook list-horiz"> <a href="https://www.facebook.com/NIST" class="social-btn social-btn--large extlink ext" id="footer-social-facebook-link"> <i class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-linkedin list-horiz"> <a href="https://www.linkedin.com/company/nist" class="social-btn social-btn--large extlink ext" id="footer-social-linkedin-link"> <i class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-instagram list-horiz"> <a href="https://www.instagram.com/usnistgov/" class="social-btn social-btn--large extlink ext" id="footer-social-instagram-link"> <i class="fa fa-instagram fa-fw"><span class="element-invisible">instagram</span></i> <span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-youtube list-horiz"> <a href="https://www.youtube.com/user/USNISTGOV" class="social-btn social-btn--large extlink ext" id="footer-social-youtube-link"> <i class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-rss list-horiz"> <a href="https://www.nist.gov/news-events/nist-rss-feeds" class="social-btn social-btn--large extlink" id="footer-social-rss-link"> <i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i> </a> </li> <li class="field-item service-govdelivery list-horiz last"> <a href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" class="social-btn social-btn--large extlink ext" title="Subscribe to CSRC and publication updates, and other NIST cybersecurity news" id="footer-social-govdelivery-link"> <i class="fa fa-envelope fa-fw"><span class="element-invisible">govdelivery</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> </ul> <p class="text-right"> Want updates about CSRC and our publications? <a href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" class="btn btn-lg btn-primary" style="background-color: #12659c!important; border-color: #12659c!important;" id="footer-subscribe-link">Subscribe</a> </p> </div> </div> <div class="row hidden-sm hidden-md hidden-lg"> <div class="col-sm-12"> <a href="https://www.nist.gov" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo" id="footer-bottom-nist-logo-link"> <img src="/CSRC/Media/images/logo_rev.png" alt="National Institute of Standards and Technology logo" id="footer-bottom-nist-logo" /> </a> </div> </div> <div class="row"> <div class="col-sm-6"> <p> <a href="/about/contact" id="footer-contact-us-link">Contact Us</a> | <a href="https://www.nist.gov/about-nist/visit" style="display: inline-block;" id="footer-org-link">Our Other Offices</a> </p> </div> <div class="col-sm-6"> <span class="pull-right text-right"> Send inquiries to <a href="mailto:csrc-inquiry@nist.gov?subject=CSRC Inquiry" style="display: inline-block;" id="footer-inquiries-link">csrc-inquiry@nist.gov</a> </span> </div> </div> <div class="row"> <div class="footer-bottom-links-container" id="footer-bottom-links-container"> <ul> <li><a href="https://www.nist.gov/privacy-policy">Site Privacy</a></li> <li><a href="https://www.nist.gov/oism/accessibility">Accessibility</a></li> <li><a href="https://www.nist.gov/privacy">Privacy Program</a></li> <li><a href="https://www.nist.gov/oism/copyrights">Copyrights</a></li> <li><a href="https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a></li> <li><a href="https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a></li> <li><a href="https://www.nist.gov/foia">FOIA</a></li> <li><a href="https://www.nist.gov/environmental-policy-statement">Environmental Policy</a></li> <li><a href="https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a></li> <li><a href="https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a></li> <li><a href="https://www.commerce.gov/">Commerce.gov</a></li> <li><a href="https://www.science.gov/">Science.gov</a></li> <li><a href="https://www.usa.gov/">USA.gov</a></li> <li><a href="https://vote.gov/">Vote.gov</a></li> </ul> </div> </div> </div> </footer> <script type="text/javascript" src="/dist/js/quick-collapse.js"></script> <script type="text/javascript" src="/dist/app.bundle.js"></script>  <script type="text/javascript" src="/dist/uswds/js/uswds.min.js"></script> </body> </html>

CINXE.COM

Projects | CSRC