index on Sean Peisert, Ph.D.

An Oral History Interview with Sean Peisert

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 05 Jan 2026 17:39:42 +0000

This oral history interview with Dr. Sean Peisert begins by briefly exploring Dr. Peisert’s evolving early interests prior to and his first years of college at UCSD, and how he came to focus on computer science, and within computer science earned a Ph.D. at the same institution. As part of this he discusses key mentors and opportunities he had to work with standout computer scientists and computer security specialists early on, and continuing as a peer, to date in his career. This included work at the UCSD Supercomputer Center. He relates his decision to join Berkeley Lab as a Research Scientist at Lawrence Berkeley National Laboratory, and to become an Adjunct Professor in the Computer Science Department at the University of California, Davis. The bulk of the interview focuses on his research in various areas of computer security and privacy such as electronic voting, digital forensics, cybersecurity for energy delivery, intrusion detection systems, privacy and protocols for handling medical data. He discusses history of science, and his repeated penchant for finding ways to combine areas that previously had not been combined to help solve real world problems for government and for society. He also comments on teaching, his leadership with technical committees, the history of the Oakland Conference (IEEE Symposium on Security and Privacy) and his service as General Chair, as well as his work in publishing that included strategic directions he took IEEE Security & Privacy, toward greater currency, and a board with greater gender and geographic diversity.

Safely Steering Scientific Progress on the High Seas

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 01 Oct 2025 00:00:00 +0000

Modern cars are like computers on wheels. From the dashboard displays to the steering wheel and even your car keys, a complex dance of computer parts and mechanical components work together to keep you safe and on the road. Today’s maritime ships are a similar blend of machinery and software. From computers to networks and satellites, the modern ship purrs with an electronic hum, but also includes more mechanical tools like winches, cranes, engines, and bilge pumps. But the very same seamless systems that help ships run smoothly can be compromised. Like cars, ships must be protected against potential hackers and other malicious actors.

Expert Interview: Sean Peisert on Cybersecurity Research

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 30 Jul 2025 00:00:00 +0000

In this 10-minute audio interview, cybersecurity expert Sean Peisert shares how Berkeley Lab advances research that protects high-performance computing, the power grid, and more.

Listen to the interview.

Cybersecurity Center of Excellence Receives Five-Year, $6M/Year Award From NSF

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 03 Oct 2024 00:00:00 +0000

The U.S. National Science Foundation has awarded Trusted CI, the NSF Cybersecurity Center of Excellence, a five-year, $6-million per-year award to run through September 2029. Lawrence Berkeley National Laboratory (Berkeley Lab) will now serve as Trusted CI’s central steward.

Trusted CI empowers trustworthy discovery and innovation funded by NSF by partnering with research cyberinfrastructure (CI) operators to build and maintain effective cybersecurity programs that secure the progress of NSF-funded research. The center started in 2012 and consists of a multi-institutional, cross-functional team that addresses the complex challenges facing NSF’s cyberinfrastructure research ecosystem.

International Computing Society Recognizes 2023 Distinguished Members for Significant Achievements

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 17 Jan 2024 00:00:00 +0000

New York, NY, January 17, 2024 – ACM, the Association for Computing Machinery, has named 52 Distinguished Members for significant contributions. All the 2023 inductees are longstanding ACM Members and were selected by their peers for work that has advanced computing, fostered innovation across various fields, and improved computer science education.

Berkeley Lab Leading the Way with New Cybersecurity Projects

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 06 Nov 2023 00:00:00 +0000

The U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) recently announced $39 million in funding for nine new National Laboratory projects to advance the cybersecurity of distributed energy resources (DERs), including two projects led by Lawrence Berkeley National Laboratory (Berkeley Lab) that will each receive $4.9 million in funding from CESER. The National Laboratory teams aim to improve real-time DER operation data analytics using artificial intelligence (AI)/machine learning (ML) and secure cloud-based solutions for DER applications.

Updates on Trusted CI’s Efforts in Cybersecurity by Design of NSF Academic Maritime Facilities

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 24 Jul 2023 00:00:00 +0000

As part of its “Annual Challenge” in 2023, Trusted CI has been engaging with current and future NSF Major Facilities undergoing design or construction with the goal of building security into those Facilities from the outset. To date, this effort has focused on working with cyberinfrastructure operators in the the academic maritime domain, and has included support of the cybersecurity aspects of the acceptance testing process of the NSF-funded Research Class Research Vessels (RCRVs) at Oregon State University as well as Scripps Institution of Oceanography’s design of the California Coastal Research Vessel (CCRV). These vessels are all expected to eventually become a part of the U.S. Academic Research Fleet (ARF).

Registration Open for 3rd HPC Security Workshop at NIST NCCoE

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 03 Feb 2023 00:00:00 +0000

Trusted CI is participating in the 3rd HPC Security Workshop, hosted by NIST’s National Cybersecurity Center of Excellence (NCCoE). The goal of the workshop is to gather community feedback, share the work of the HPC security working group, and to plan future tasks.

…

On Thursday, Erik Deumens, member of Trusted CI partner Regulated Research Community of Practice (RRCoP), will be participating in a presentation on HPC security research. Later, Trusted CI Deputy Director Sean Peisert will present the final keynote on secure data sharing in HPC environments.

Announcing the 2023 Trusted CI Annual Challenge: Building Security Into NSF Major Facilities By Design

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 25 Jan 2023 00:00:00 +0000

The Trusted CI Annual Challenge is a year-long project focusing on a cybersecurity topic of importance for scientific computing environments. In its first year, the Trusted CI Annual Challenge focused on improving trustworthy data for open science. In its second year, the Annual Challenge focused on software assurance in scientific computing. In its third year, 2022, the Annual Challenge focused on the security of operational technology in science.

Read more at the Trusted CI Blog.

Trusted Execution Environments Make Computing More Private

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 05 Dec 2022 00:00:00 +0000

Intel, AMD, ARM, and other chip makers now offer TEEs – and cloud providers such as Google, Microsoft and AWS are building the technology into their frameworks. “These environments provide certain guarantees about the confidentiality and integrity of computing that is taking place within them,” states Sean Peisert, a senior scientist at Berkeley Lab and an adjunct professor of computer science at the University of California, Davis.

…

Meanwhile, researchers such as Berkeley Lab’s Peisert are studying ways to extend the functionality of TEEs through open standard RISC-V processors. This would open the black box of chip and BIOS engineering for close examination – and make it possible for organizations to develop instruction set extensions and other features that address specific security needs. “This approach would add an additional layer of protection because it would be possible to have clear evidence that the processor hardware is secure,” Peisert says.

Publication of the Trusted CI Roadmap for Securing Operational Technology in NSF Scientific Research

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 16 Nov 2022 00:00:00 +0000

Trusted CI is pleased to announce the publication of its Roadmap for Securing Operational Technology in NSF Scientific Research.

In 2022, Trusted CI conducted a year-long effort examining the security of operational technology in science. Operational technology (OT) encompasses broad categories of computing and communication systems that in some way interact with the physical world. This includes devices that either have sensing elements or control elements, or some combination of the two, and can include both bespoke scientific instrumentation as well as commercially-produced OT. In both cases, networked sensors and control systems are increasingly important in the context of science as they are critical in operating Major Facilities.

Open Science Cyber Risk Profile (OSCRP) Updated with Science DMZ, Software Assurance, Operational Technology, and Cloud Computing Elements

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 01 Nov 2022 00:00:00 +0000

Trusted CI has released an updated version of the Open Science Cyber Risk Profile (OSCRP), with additions based on insights from its 2021 study of scientific software assurance and its 2022 study on scientific operational technology. A new section on risk profiling of cloud computing was also added.

Read more at the Trusted CI Blog.

Scientific Data Division Summer Students Tackle Data Privacy

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 15 Sep 2022 00:00:00 +0000

Ammar Haydari, a Ph.D. student at the University of California Davis, and a Lawrence Berkeley National Laboratory (Berkeley Lab) Affiliate grew up in Istanbul, Turkey, the eldest child in a big family where scientific exploration was always encouraged. He sees his parents’ encouragement as instrumental in getting him to where he is now.

…

“I am tremendously impressed with what Ammar produced over the past couple of years,” noted Peisert. “We had a problem where important data wasn’t available for research purposes because it contained personally identifiable information and so couldn’t be handed out to researchers, even with the proper legal agreements. Ammar has developed and demonstrated a technical solution that enables this type of research to continue by addressing the privacy concerns while maintaining the usefulness of the data.”

Findings of the 2022 Trusted CI Study on the Security of Operational Technology in NSF Scientific Research

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 15 Jul 2022 00:00:00 +0000

This year, Trusted CI is conducting a year-long effort on the security of operational technology in science. Operational technology (OT) encompasses broad categories of computing and communication systems that in some way interact with the physical world. This includes devices that either have sensing elements or control elements, or some combination of the two. Networked sensors and control systems are increasingly important in the context of science as they are critical in operating scientific instruments. Trusted CI is pleased to share its findings from this study…"

Sean Peisert Tapped to Take on Deputy Director Role at Trusted CI

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 28 Jun 2022 00:00:00 +0000

Trusted CI, the NSF Cybersecurity Center of Excellence, today announced that Sean Peisert has been tapped to serve as its Deputy Director on the leadership team of the organization. Peisert, a Lawrence Berkeley National Laboratory (Berkeley Lab) senior scientist in the Scientific Data Division, joined the organization in 2019 and “has made strong leadership contributions” according to the post.

Announcement of Trusted CI Director Transition

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 27 Jun 2022 00:00:00 +0000

…I’m happy to also share that Jim will receive similar support from Sean Peisert, who has agreed to serve as Trusted CI Deputy Director going forward. Since Sean joined Trusted CI in 2019 he has made strong leadership contributions, including serving as a co-PI the last year and leading annual challenges and the OSCRP effort.

Read more at the Trusted CI Blog.

Better Scientific Software (BSSw) Helps Promote Trusted CI Guide to Securing Scientific Software

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 13 May 2022 00:00:00 +0000

Trusted CI is grateful to Better Scientific Software (BSSw) for helping to publicize the results of Trusted CI’s software security study, including its recently published findings report and Guide to Securing Scientific Software (GS3), via its widely-read blog.

Read more at the Trusted CI Blog.

Announcing the 2022 Trusted CI Annual Challenge on Scientific OT/CPS Security

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 06 Jan 2022 00:00:00 +0000

The Trusted CI Annual Challenge is a year-long project focusing on a cybersecurity topic of importance for scientific computing environments. In its first year, the Trusted CI Annual Challenge focused on improving trustworthy data for open science. In its second year, the Annual Challenge focused on software assurance in scientific computing. Now in its third year, the Annual Challenge is focusing on the security of “operational technology” or “cyber-physical systems” in science.

Publication of the Trusted CI Guide to Securing Scientific Software

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 14 Dec 2021 00:00:00 +0000

Trusted CI is pleased to announce the publication of its Guide to Securing Scientific Software (GS3). The GS3 was produced over the course of 2021 by seven Trusted CI members with the goal of broadly improving the robustness of software used in scientific computing with respect to security. GS3 is the result of the 2021 Trusted CI Annual Challenge on Software Assurance and the interviews we conducted with seven prominent scientific software development projects, helping to shape the team’s ideas about the community’s needs in software assurance.

Initial Findings of the 2021 Trusted CI Annual Challenge on Software Assurance

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 03 Aug 2021 00:00:00 +0000

In 2021, Trusted CI is conducting our focused “annual challenge” on the assurance of software used by scientific computing and cyberinfrastructure. The goal of this year-long project, involving seven Trusted CI members, is to broadly improve the robustness of software used in scientific computing with respect to security. The Annual Challenge team spent the first half of the 2021 calendar year engaging with developers of scientific software to understand the range of software development practices used and identifying opportunities to improve practices and code implementation to minimize the risk of vulnerabilities. In this blog post, the 2021 Trusted CI Annual Challenge team gives a high-level description of some of its more important findings during the past six months.

Trusted CI new co-PIs: Peisert and Shute

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 03 Aug 2021 00:00:00 +0000

I am happy to announce that Sean Peisert and Kelli Shute have taken on co-PI roles with Trusted CI. Both already have substantial leadership roles with Trusted CI. Sean is leading the 2021 annual challenge on software assurance and Kelli has been serving as Trusted CI’s Executive Director since August of 2020.

Thank you to Sean and Kelli for being willing to step up and take on these responsibilities.

Von

Sean Peisert Named to DARPA ISAT Study Group

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 16 Jun 2021 00:00:00 +0000

The Defense Advanced Research Projects Agency (DARPA) has named Berkeley Lab’s cybersecurity expert Sean Peisert to the Information Science and Technology (ISAT) Study Group for a three-year term beginning this summer. The group brings 30 of the brightest scientists and engineers together to identify new areas of development in computer and communication technologies and to recommend future research directions.

CIGAR 'Smokes Out' Attacks on Solar Electrical Power Equipment

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 07 Jun 2021 00:00:00 +0000

As green energy becomes more prevalent, solar arrays are seen as among the most promising methods for generating sustainable electricity. At the same time, inverters - the “brains” of the system, converting DC power generated by the panels to AC power ingested by the grid - are also becoming smarter, adding adaptive capabilities to respond to changing conditions in the grid.

Yet, like so many other network-connected devices, solar inverters and other equipment find themselves in the vulnerable position of being connected to networks without the traditional security protections offered to PCs, servers, and network appliances. A determined attacker could access the inverters connected to these panels and, by manipulating their settings, potentially create disturbances that could cause outages or damage to certain equipment connected to the grid.

Announcing the 2021 Trusted CI Annual Challenge on Software Assurance

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 30 Mar 2021 00:00:00 +0000

The Trusted CI “Annual Challenge” is a year-long project focusing on a particular topic of importance to cybersecurity in scientific computing environments. In its first year, the Trusted CI Annual Challenge focused on issues in trustworthy data. Now, in its second year, the Annual Challenge is focusing on software assurance in scientific computing.

Read more at the Trusted CI Blog.

Summer Students Tackle COVID-19

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 21 Oct 2020 00:00:00 +0000

With near-daily changes in the understanding of SARS-CoV-2 and how COVID-19 is transmitted and spread, researchers are challenged with mountains of data in the race to end the outbreak. Adding to that, the inaccessibility of high-quality electronic health records (EHRs) creates a challenge for researchers needing more complete information to map the viral outbreak and fully understand its broader impact on health.

…

As a part of the Computational Research Division’s (CRD) summer student program at Lawrence Berkeley National Laboratory, four graduate students from the University of California, Davis (UC Davis) researched a method that could allow doctors and researchers to leverage valuable health information in the battle against COVID-19 while also preserving patient privacy in COVID-19-related EHRs. The students worked to support the COVID-19 response by using actual EHR data and applying differential privacy, a data-driven approach first published in 2006 that provides strong, statistical privacy guarantees while balancing privacy and the utility of data for use in machine learning and other analyses. Differential privacy is widely used by companies like Apple, Google, and Microsoft, as well as the U.S. Census Bureau and the United Nations, among others.

Data Confidentiality Issues and Solutions in Academic Research Computing

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 10 Sep 2020 00:00:00 +0000

Many universities have needs for computing with “sensitive” data, such as data containing protected health information (PHI), personally identifiable information (PII), or proprietary information. Sometimes this data is subject to legal restrictions, such as those imposed by HIPAA, CUI, FISMA, DFARS, GDPR, or the CCPA, and at other times, data may simply not be sharable per a data use agreement. It may be tempting to think that such data is typically only in the domain of DOD and NIH funded research, but it turns out that this assumption is far from reality. While this issue arises in numerous scientific domains, including ones that people might immediately think of, such as medical research, it also arises in numerous others, including economics, sociology, and other social sciences that might look at financial data, student data or psychological records; chemistry and biology particularly that which relates to genomic analysis and pharmaceuticals, manufacturing, and materials; engineering analyses, such as airflow dynamics; underwater acoustics; and even computer science and data analysis, including advanced AI research, quantum computing, and research involving system and network logs. Such research is funded by an array of sponsors, including the National Science Foundation (NSF) and private foundations.

Sean Peisert named editor-in-chief of IEEE Security and Privacy

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 10 Jul 2020 00:00:00 +0000

Sean Peisert, who leads the computer security research and development team in Lawrence Berkeley National Laboratory’s (Berkeley Lab’s) Computational Research Division, has been named the new editor-in-chief of the peer-reviewed journal, IEEE Security and Privacy. Peisert, who is currently an associate editor-in-chief, will begin his new, three-year appointment on January 1, 2021.

IEEE Security and Privacy is the Institute of Electrical and Electronics Engineers (IEEE) Computer Society’s peer-reviewed journal on computer security, publishing research, case studies, tutorials and reviews on the security and dependability of computer-based systems. Its goal is to disseminate work with both a practical and research emphasis from top scholars in academia, industry and government.

Fantastic Bits and Why They Flip

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 23 Jun 2020 00:00:00 +0000

In 2019, Trusted CI examined the causes of random bit flips in scientific computing and common measures used to mitigate the effects of “bit flips.” (In a separate effort, we will also be issuing a similar report on data confidentiality needs in science, as well.) Its report, “An Examination and Survey of Random Bit Flips and Scientific Computing,” was issued a few days before the winter holidays in December 2019. As news of the report was buried amidst the winter holidays and New Year, we are pleased to highlight the report in a bit more detail now. This post is longer than most of Trusted CI’s blog posts to give you a feel for the report and hopefully entice you to read it.

Isolating Insecurely: A Call to Arms for the Security and Privacy Community During the Time of COVID-19

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 14 Apr 2020 00:00:00 +0000

Let’s begin by saying this was not the letter I had originally planned on writing. However, I have the dubious distinction of writing this piece while the world is dealing with the coronavirus (COVID-19) pandemic. As I write this note, well over 1 million confirmed cases have been reported, and tens of thousands of people have died from the disease. Surely those figures will have risen substantially by the time this column will be published. Very thankfully, hundreds of thousands more who were positively diagnosed have now recovered.

Using Physics to Keep Our Electrical Grid Safe

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 24 Oct 2019 00:00:00 +0000

Many of the systems that provide services or products we use daily, such as the electrical grid, oil and gas pipelines, vehicles, and manufacturing plants, are examples of cyberphysical systems – systems that integrate computing and networking with one or more physical components.

Berkeley Lab researcher Sean Peisert (Credit: Marilyn Chung/Berkeley Lab) Computer security specialist Sean Peisert and a team of researchers at Berkeley Lab are helping ensure that these systems stay secure from cyberattacks. The team has collaborated with utilities and utility equipment companies on numerous projects to use the physical components of electrical grids – and the laws of physics they are subject to – to keep cyberattacks at bay.

Impact of AI on Cybersecurity in DOE National Laboratories

spp@peisert.net (Sean Peisert, Ph.D.) — Sun, 29 Sep 2019 00:00:00 +0000

Impact of AI in DOE National Laboratories (YouTube video) (security discussion at 1'07")

Solar power opens up new targets for cyber attackers

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 30 May 2019 00:00:00 +0000

The sun is powering the equivalent of 12 million homes in the U.S., recent numbers show.

That’s more homes than people in the state of Ohio, all running on sunshine.

But is the solar energy system secure?

Cyber attackers shut off power in Ukraine in 2015 and 2016.

Researchers are trying to make sure the same kind of thing doesn’t happen in the U.S. with solar.

…

“We all are all essentially interconnected neighbors in this regard,” said Sean Peisert, also with Lawrence Berkeley National Laboratory.

Cyberattacks threaten smart inverters, but scientists have solutions

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 30 Apr 2019 00:00:00 +0000

Smart inverters expand opportunities for more distributed resources on the grid. But the internet-enabled communications that allow smart inverters to work with the grid also open the door for something sinister.

…

Scientists at Lawrence Berkeley National Lab have been working on solutions to combat cybersecurity threats on smart inverters since 2016. They’ve found some promising solutions to inevitable hacks, but also some serious challenges that come with the growing proliferation of smart inverters.

Some Experiences in Developing Security Technology That Actually Gets Used

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 15 Feb 2019 00:00:00 +0000

Researchers do research for all kinds of reasons – because we want to learn more about the subject matter, because we like working with the other people who do research, or the places where research is done, or just like the research process. Or perhaps because we want to figure out what makes something work, or to solve a problem. Many reasons exist, each just as valid as any other. In my own work, a few years ago, I noticed that I was gradually shifting toward wanting to do something that other people used and found useful. At the same time, though I didn’t really notice it until much later, successfully making that change was much harder than I thought it would be at the outset. “Just pick a practical problem that other people need solved, and solve it, right?” The ability to just pick a practical problem and charge in has definitely not been true, at least for me.

Berkeley Lab Cybersecurity Specialist Highlights Data Sharing Benefits, Challenges at NAS Meeting

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 04 Dec 2018 00:00:00 +0000

There are many reasons why data isn’t widely shared by organizations that collect it or between scientists who analyze it in search of new scientific insights. This topic, and ways to overcome those barriers in a world of data-driven science, was the subject of a National Academy of Sciences, National Academy of Engineering, and the National Academy of Medicine recent meeting of the Committee on Science, Engineering, Medicine, and Public Policy (COSEMPUP), a joint unit of the National Academies, which took place on November 8, 2018, in Washington, D.C.

CRD's Peisert to Discuss Data Sharing at National Academies' COSEMPUP Meeting

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 05 Nov 2018 00:00:00 +0000

Sean Peisert, a cybersecurity expert in the Lab’s Computational Research Division, will be part of two panels of distinguished speakers on the topic of data sharing at a meeting of the Committee on Science, Engineering, Medicine, and Public Policy, a joint unit of the National Academies of Sciences, Engineering, and Medicine, on Nov. 8 in Washington, D.C.

His talk will describe how the strategic use of computer security and privacy preserving techniques can be used to overcome certain traditional barriers involved in data sharing and serve as a means to facilitate, enhance, and incentivize increased data sharing in the sciences, thereby accelerating data-drive scientific discovery.

Expert Q&A Safeguarding the Nation's Energy Infrastructure

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 26 Oct 2018 00:00:00 +0000

In recognition of National Cybersecurity Awareness Month, Sean Peisert, a cybersecurity expert and staff scientist in the Lab’s Computational Research Division, discusses new methods that have the potential to keep our energy infrastructure safe from a cyberattack.

Berkeley Lab Contributes to $2.5M supplemental grant for NSF-funded Cybersecurity Center of Excellence

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 05 Oct 2018 00:00:00 +0000

The National Science Foundation (NSF) has awarded Trusted CI, the NSF Cybersecurity Center of Excellence (CCoE) a $2.5 million supplemental grant to extend the CCoE through 2019 and expand its activities. The Department of Energy’s Lawrence Berkeley National Laboratory (Berkeley Lab) and Oklahoma State University are joining the collaboration to support the CCoE’s expanded activities, which will be to assist in transitioning cybersecurity research into practice in order to better secure the NSF community, creating a Cybersecurity Fellows program to broaden the impact of the CCoE, and creating an Open Science Cybersecurity Framework.

Cyber Defense Tool Is an Early Warning System for Grid Attacks

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 27 Mar 2018 00:00:00 +0000

A new tool will enable grid operators to better detect not only a brutal physical attack, but also a hacker probing for vulnerabilities

A rifle attack on an electrical substation near California’s Silicon Valley in April 2013 led to the development of a new tool for grid operators that will enable them to better detect not only a brutal physical attack but also the slightest hint of a hacker looking for vulnerabilities in these critical links in the grid.

Into the Medical Science DMZ

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 23 Mar 2018 00:00:00 +0000

A new model for research networks protects patient privacy while improving data transfer rates for scientists.

Privacy Rule The 1996 Health Insurance Portability and Accountability Act (HIPAA) is best known for preserving insurance coverage for employees who change or lose their jobs. But the law also includes a Security Rule and a Privacy Rule that protect confidential healthcare data for consumers.

…

In their paper, Lawrence Berkeley National Laboratory (LBNL) computer scientist Sean Peisert and Energy Sciences Network (ESnet) researcher Eli Dart and their collaborators outline a “design pattern” for deploying specialized research networks and ancillary computing equipment for HIPAA-protected biomedical data that provides high-throughput network data transfers and high-security protections.

Berkeley Lab Researchers Contribute to Making Blockchains Even More Robust

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 30 Jan 2018 00:00:00 +0000

Hyperledger Iroha project notes that this work heavily inspired their protocol

Blockchain—a technology used for verifying and recording digital transactions—blasted into public consciousness with the rise of Bitcoin. But this tool could also transform the way governments, global industries and even science research operate. In fact, several banks, corporations, governments and scientists have already implemented some form of blockchain to inexpensively, securely and expediently store and share information.

In the last few years, researchers at Lawrence Berkeley National Laboratory (Berkeley Lab), University of California at Davis (UC Davis) and University of Stavanger in Norway have developed a new protocol, called BChain, which makes blockchain even more robust. A paper describing BChain was published in the Proceedings of the 18th International Conference on Principles of Distributed Systems. The researchers are also working with colleagues at Berkeley Lab and beyond to adapt this tool to support applications that are of strategic importance to the Department of Energy’s (DOE) Office of Science.

Berkeley Lab Aims to Strengthen the Cybersecurity of the Grid

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 26 Sep 2017 00:00:00 +0000

As the U.S. electricity grid continues to modernize, it will mean things like better reliability and resilience, lower environmental impacts, greater integration of renewable energy, as well as new computing and communications technologies to monitor and manage the increasing number of devices that connect to the grid. However, that enhanced connectivity for grid operators and consumers also opens the door to potential cyber intrusions.

As part of the Department of Energy’s (DOE’s) commitment to building cyber-resilient energy delivery systems, a new project led by Lawrence Berkeley National Laboratory (Berkeley Lab) will develop tools to detect and counter certain types of cyber attacks on the grid. The project has been awarded up to $2.5 million in funding over three years by DOE, one of 20 projects for cybersecurity on the grid announced recently.

Helping Scientists Understand Research Cyber Risks

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 20 Sep 2017 00:00:00 +0000

Cyber attacks don’t just hit big corporations or governments or hospitals. Anything connected to networks is vulnerable, and that includes research and open science.

In general, scientists who use computers and other devices plugged into computer networks are aware of cyber threats. Often though they have little knowledge about the specific threats to systems like theirs, what to do about them, or the degree to which these threats target open science projects.

Berkeley Lab's cybersecurity expert Sean Peisert discusses challenges & opportunities of securing HPC

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 24 Aug 2017 00:00:00 +0000

Berkeley Lab’s cybersecurity expert Sean Peisert discusses challenges & opportunities of securing HPC

Twitter link

HPC security article in Communications of the ACM

Video accompanying HPC security article on Vimeo

Open-Source Software Won't Ensure Election Security

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 24 Aug 2017 00:00:00 +0000

The technology behind elections is hard to get right. Elections require security. They also require transparency: anyone should be able to observe enough of the election process, from distribution of ballots, to the counting and canvassing of votes, to verify that the reported winners really won. But if people vote on computers or votes are tallied by computers, key steps of the election are not transparent and additional measures are needed to confirm the results.

Cybersecurity: New Directions for Research and Education Networks

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 26 May 2017 00:00:00 +0000

A panel of recognized national experts in online security was convened during CENIC’s recent 20th Anniversary conference focused on sorting through the various models of securing what was widely recognized as “insecurable” by those in attendance.

Moderator Sean Peisert, CENIC’s Chief Cybersecurity Strategist, set the tone in his opening comments that focused on both the vulnerabilities and strengths of the network community.

“This notion of community makes us collectively vulnerable to cyber attack, much like the presence of unimmunized portions of the population do in a public health sense,” said Peisert. “On the other hand, if properly leveraged, our community may help us figure out how to protect our organizations, so our goal is to understand the challenges created by this community as well as to explore possible solutions.”

CENIC's Community Approach for Bringing Increased Security to Its Network and Constituent Institutions

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 05 May 2017 00:00:00 +0000

Numerous recent headlines have drawn our attention to successful hacking, with breaches of information believed to be secure and systems believed to be safe. In the last year, hospitals have paid ransom to regain access to their own records, and political parties have been publicly embarrassed. Headlines like these raise security concerns for any organization.

At the center of CENIC’s work is its commitment to supporting the research, education, and government missions of its members in an open and transparent way. The 20 million people who rely on CENIC’s network to connect with each other and the world want to know that their network is reliable.

CENIC's Network Security Initiative

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 15 Mar 2017 00:00:00 +0000

The 20 million people who rely on CENIC’s network to connect with each other and with the world want to know that their network is secure, safe, and reliable. As part of developing a more robust security strategy, CENIC has produced a comprehensive, risk-prioritized list of computing and networking assets, and has begun a detailed examination of security posture and risk exposure for the most critical assets. Mitigations, including monitoring and hardening, have also begun.

Mind the gap: Speaking like a cybersecurity pro

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 10 Feb 2017 00:00:00 +0000

The Open Science Cyber Risk Profile is a bridge between the language of the domain scientist and the language of the information security professional.

…

To bridge this linguistic divide, funding from National Science Foundation (NSF) and the Department of Energy (DOE) has launched the Open Science Cyber Risk Profile (OSCRP).

More at ScienceNode

Building a CENIC Security Strategy

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 11 Jan 2017 00:00:00 +0000

Numerous headlines in recent years have drawn our attention to successful hacking, leading to breaches of information believed secure, access to systems believed safe. This year alone, hospitals have paid ransom to regain access to their own records, and political parties have been publicly embarrassed, to the point of replacing their own leaders.

Those headlines raise security questions for any organization involved in the digital economy, and CENIC is no different.

Working Group on Open Science Cybersecurity Risks Releases First Document Draft for Public Comment

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 31 Oct 2016 00:00:00 +0000

Over the past several months, ESnet and the NSF Cybersecurity Center of Excellence collaborated with research and education community leaders to develop a risk profile for open science to formally capture and benchmark this expertise, allowing other organizations to apply these best practices more broadly.

Today, the group is releasing its draft Open Science Cyber Risk Profile (OSCRP) and inviting comment from the research community. The OSCRP is designed to help principal investigators and their supporting information technology professionals assess cybersecurity risks related to open science projects. The draft document, along with information on how to comment, can be found at http://trustedci.github.io/OSCRP/.

The Value of Failed Experiments in Cybersecurity

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 08 Sep 2016 00:00:00 +0000

The “Learning from Authoritative Security Experiment Results (LASER)” workshop series was established in 2012 with the purpose of publishing results for “properly conducted experimental (cyber) security research, including both successful as well as unsuccessful experiments.” Here, 2016 program chair Sean Peisert, a staff scientist at Lawrence Berkeley National Laboratory, associate adjunct professor of computer science at the University of California, Davis, and chief scientist for cybersecurity for the Corporation for Education Network Initiatives in California, discusses the importance of failed experiments and evidence-based approaches in cybersecurity.

Detecting Cybersecurity Threats by Taking the Grid's Pulse

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 22 Jul 2016 00:00:00 +0000

a research effort, led by LBNL cybersecurity expert Sean Peisert, to optimize the integration of micro-PMUs within cybersecurity systems for distribution grids. At least two utilities are collaborating.

NSF Cybersecurity Center of Excellence, ESnet Organize Working Group on Open Science Threats

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 22 Jul 2016 00:00:00 +0000

Managing the security risks to scientific instruments, data and cyberinfrastructure is a priority for creating a trustworthy environment for science. Assessing and managing the risks to the integrity and availability of science, and sometimes also privacy issues, involves making judgments on the likelihood and consequences of threats. Deep experience in understanding cybersecurity and the science being supported is needed to achieve these goals. As a result, ESnet and the NSF Cybersecurity Center of Excellence are collaborating with research and education community leaders to develop a threat profile for open science to formally capture and benchmark this expertise, allowing other organizations to apply these best practices more broadly.

Livermore, Berkeley National Labs Leading Project to Increase Power Grid Cybersecurity

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 12 Jul 2016 00:00:00 +0000

Cybersecurity experts Jamie Van Randwyk of Lawrence Livermore National Laboratory (LLNL) and Sean Peisert of Lawrence Berkeley National Laboratory (Berkeley Lab) are leading a new program to develop new data analysis methods to better protect the nation’s power grid.

The project, “Threat Detection and Response with Data Analytics,” is part of a $220 million, three-year Grid Modernization Initiative launched in January 2016 by the Department of Energy to support research and development in power grid modernization.

Open Science Cyber Risk Profile (OSCRP)

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 01 Apr 2016 00:00:00 +0000

I am co-leading the [Center for Trustworthy Scientific Cyberinfrastructure (CTSC) Open Science Cyber Risk Profile (OSCRP) effort along with Michael Dopheide of ESnet and Von Welch and Susan Sons of IU’s Trusted CI.

Chief Cybersecurity Strategist for CENIC

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 19 Jan 2016 00:00:00 +0000

I am Chief Cybersecurity Strategist for CENIC and Director of the CENIC/ESnet Joint Cybersecurity Initiative).

ESnet, CENIC Announce Joint Cybersecurity Initiative -- Berkeley Lab’s Sean Peisert to serve as director of initiative

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 19 Jan 2016 00:00:00 +0000

The Department of Energy’s Energy Sciences Network, or ESnet, and the Corporation for Education Network Initiatives in California (CENIC) have announced an initiative to jointly develop cybersecurity strategies and research projects.

Sean Peisert of Lawrence Berkeley National Laboratory’s (Berkeley Lab) Computational Research Division will be director of the new CENIC/ESnet Joint Cybersecurity Initiative. Peisert, who was also recently named as the chief cybersecurity strategist for CENIC, is a noted security expert who has worked extensively in computer security research and development. He will continue his work at Berkeley Lab and as an adjunct faculty member of the University of California at Davis.

CENIC and ESnet Announce Joint Cybersecurity Initiative

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 12 Jan 2016 00:00:00 +0000

The Corporation for Education Network Initiatives in California (CENIC) and the Energy Sciences Network (ESnet) are pleased to announce a partnership between their organizations in the area of cybersecurity.

“CENIC is a critical partner of ESnet’s, and we already collaborate actively to improve research outcomes in California and beyond,” said ESnet Director Greg Bell. “This new initiative is timely and exciting. Because data exchange is the lifeblood of open science, both organizations require innovative and flexible cybersecurity solutions in order to succeed. Aligning our strategies and teams is an important step forward.”

Vice Chair of IEEE Technical Committee on Security & Privacy

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 01 Jan 2016 00:00:00 +0000

I am the vice chair of the IEEE Technical Committee on Security & Privacy.

Chair of ASCR Cybersecurity Workshops and Editor of Workshop Reports

spp@peisert.net (Sean Peisert, Ph.D.) — Mon, 01 Jun 2015 00:00:00 +0000

I chaired the DOE ASCR Cybersecurity Workshop in early 2015 and edited the subsequent report, and chaired the DOE ASCR Cybersecurity for Scientific Computing Integrity Workshop in June 2015 and also edited the subsequent report for that workshop.

NSF funds NetSage to analyze, improve international data networks

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 12 May 2015 00:00:00 +0000

Every day, thousands of researchers rely on robust data networks to share petabytes of data with their colleagues around the world. A new $5 million, five-year National Science Foundation grant, awarded to Indiana University, the University of California, Davis and the University of Hawaii at Mānoa, seeks to bolster these networks by enabling unprecedented measurement and analysis.

The grant will fund NetSage, a network measurement, analysis and visualization service designed to address the needs of today’s international networks. The principal investigators are: Jennifer Schopf at Indiana University; Sean Peisert, assistant professor of computer science at UC Davis; and Jason Leigh at the University of Hawaii.

Peisert Compiles Workshop Report on Securing Scientific Computing Integrity

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 20 Mar 2015 00:00:00 +0000

Sean Peisert of CRD’s Integrated Data Frameworks Group has published a report from a DOE workshop on ASCR Cybersecurity for Scientific Computing Integrity. Peisert co-chaired the workshop held Jan. 7-9 in Rockville, Md. CRD Director David Brown and ESnet’s Brian Tierney were members of the workshop organizing committee. Eric Roman of CRD and Scott Campbell of NERSC participated in the workshop.

Securing Scientific Computing Integrity

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 20 Mar 2015 00:00:00 +0000

Sean Peisert of CRD’s Integrated Data Frameworks Group has published a report from a DOE workshop on ASCR Cybersecurity for Scientific Computing Integrity. Peisert co-chaired the workshop held Jan. 7-9 in Rockville, Md. CRD Director David Brown and ESnet’s Brian Tierney were members of the workshop organizing committee. Eric Roman of CRD and Scott Campbell of NERSC participated in the workshop.

CRD's Sean Peisert Guest Edits Special Issue of IEEE's Security and Privacy Magazine

spp@peisert.net (Sean Peisert, Ph.D.) — Tue, 20 Jan 2015 00:00:00 +0000

CRD’s Sean Peisert recently guest edited a special issue of IEEE Security & Privacy Magazine (http://www.computer.org/security), of which he is also a member of the editorial board. The special issue focuses on “Control Systems Security for the Energy Sector” and contains six-peer reviewed articles with authors from U.S. national labs, U.S. and international academic institutions, and industry.

Open-Source Software Won't Ensure Election Security

spp@peisert.net (Sean Peisert, Ph.D.) — Thu, 01 Jan 2015 00:00:00 +0000

The technology behind elections is hard to get right. Elections require security. They also require transparency: anyone should be able to observe enough of the election process, from distribution of ballots, to the counting and canvassing of votes, to verify that the reported winners really won. But if people vote on computers or votes are tallied by computers, key steps of the election are not transparent and additional measures are needed to confirm the results.

CRD’s Sean Peisert Shares Cyber Security Expertise at I3P Meeting

spp@peisert.net (Sean Peisert, Ph.D.) — Fri, 26 Oct 2012 00:00:00 +0000

Sean Peisert, a research scientist in Berkeley Lab’s Computational Research Division, recently gave a presentation talk at the 10th Anniversary of the Institute for Information Infrastructure Protection (I3P), held Oct. 10 at the National Press Club in Washington, D.C. Peisert discussed the impact of I3P, a consortium of leading universities, national laboratories and nonprofit institutions dedicated to strengthening the cyber infrastructure of the United States.

Resolving the Unexpected in Elections: Election Officials' Options

spp@peisert.net (Sean Peisert, Ph.D.) — Wed, 08 Oct 2008 00:00:00 +0000

This paper seeks to assist election officials and their lawyers in effectively handling the technical issues that can be difficult to understand and analyze, allowing them to protect themselves and the public interest from unfair accusations, inaccuracies in results, and conspiracy theories. The paper helps to empower officials to recognize which types of voting system events and indicators need a more structured analysis and what steps to take to set up the evaluations (or forensic assessments) using computer experts.