The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Recoverability as a First-Class Security Objective on February 8, 2018, in Washington, D.C. The workshop featured presentations from several experts in industry, research, and government roles who spoke about the complex facets of recoverability?that is, the ability to restore normal operations and security in a system affected by software or hardware failure or a deliberate attack. This publication summarizes the presentations and discussions from the workshop. Table of Contents Front Matter 1 Introduction and Framing 2 Summary of Workshop Presentations 3 Closing Observations and Discussion Appendixes Appendix A: Workshop Agenda and Participants List Appendix B: Steering Committee Biographies Appendix C: Speaker Biographies

Who Goes There?: Authentication Through the Lens of Privacy explores authentication technologies (passwords, PKI, biometrics, etc.) and their implications for the privacy of the individuals being authenticated. As authentication becomes ever more ubiquitous, understanding its interplay with privacy is vital. The report examines numerous concepts, including authentication, authorization, identification, privacy, and security. It provides a framework to guide thinking about these issues when deciding whether and how to use authentication in a particular context. The book explains how privacy is affected by system design decisions. It also describes government's unique role in authentication and what this means for how government can use authentication with minimal invasions of privacy. In addition, Who Goes There? outlines usability and security considerations and provides a primer on privacy law and policy. Table of Contents Front Matter Executive Summary 1 Introduction and Overview 2 Authentication in the Abstract 3 Privacy Challenges in Authentication Systems 4 Security and Usability 5 Authentication Technologies 6 Authentication, Privacy, and the Roles of Government 7 A Toolkit for Privacy in the Context of Authentication Appendix A: Biographies of Committee Members and Staff Appendix B: Briefers to the Study Committee Appendix C: Some Key Concepts What is CSTB?

The end of dramatic exponential growth in single-processor performance marks the end of the dominance of the single microprocessor in computing. The era of sequential computing must give way to a new era in which parallelism is at the forefront. Although important scientific and engineering challenges lie ahead, this is an opportune time for innovation in programming systems and computing architectures. We have already begun to see diversity in computer designs to optimize for such considerations as power and throughput. The next generation of discoveries is likely to require advances at both the hardware and software levels of computing systems. There is no guarantee that we can make parallel computing as common and easy to use as yesterday's sequential single-processor computer systems, but unless we aggressively pursue efforts suggested by the recommendations in this book, it will be "game over" for growth in computing performance. If parallel programming and related software efforts fail to become widespread, the development of exciting new applications that drive the computer industry will stall; if such innovation stalls, many other parts of the economy will follow suit. The Future of Computing Performance describes the factors that have led to the future limitations on growth for single processors that are based on complementary metal oxide semiconductor (CMOS) technology. It explores challenges inherent in parallel computing and architecture, including ever-increasing power consumption and the escalated requirements for heat dissipation. The book delineates a research, practice, and education agenda to help overcome these challenges. The Future of Computing Performance will guide researchers, manufacturers, and information technology professionals in the right direction for sustainable growth in computer performance, so that we may all enjoy the next level of benefits to society. Table of Contents Front Matter Abstract Summary 1 The Need for Continued Performance Growth 2 What Is Computer Performance? 3 Power Is Now Limiting Growth in Computing Performance 4 The End of Programming as We Know It 5 Research, Practice, and Education to Meet Tomorrow's Performance Needs Appendixes Appendix A: A History of Computer Performance Appendix B: Biographies of Committee Members and Staff Appendix C: Reprint of Gordon E. Moore's "Cramming More Components onto Integrated Circuits" Appendix D: Reprint of Robert H. Dennard's "Design of Ion-Implanted MOSFET's with Very Small Physical Dimensions"

Biometric recognition-the automated recognition of individuals based on their behavioral and biological characteristic-is promoted as a way to help identify terrorists, provide better control of access to physical facilities and financial accounts, and increase the efficiency of access to services and their utilization. Biometric recognition has been applied to identification of criminals, patient tracking in medical informatics, and the personalization of social services, among other things. In spite of substantial effort, however, there remain unresolved questions about the effectiveness and management of systems for biometric recognition, as well as the appropriateness and societal impact of their use. Moreover, the general public has been exposed to biometrics largely as high-technology gadgets in spy thrillers or as fear-instilling instruments of state or corporate surveillance in speculative fiction. Now, as biometric technologies appear poised for broader use, increased concerns about national security and the tracking of individuals as they cross borders have caused passports, visas, and border-crossing records to be linked to biometric data. A focus on fighting insurgencies and terrorism has led to the military deployment of biometric tools to enable recognition of individuals as friend or foe. Commercially, finger-imaging sensors, whose cost and physical size have been reduced, now appear on many laptop personal computers, handheld devices, mobile phones, and other consumer devices. Biometric Recognition: Challenges and Opportunities addresses the issues surrounding broader implementation of this technology, making two main points: first, biometric recognition systems are incredibly complex, and need to be addressed as such. Second, biometric recognition is an inherently probabilistic endeavor. Consequently, even when the technology and the system in which it is embedded are behaving as designed, there is inevitable uncertainty and risk of error. This book elaborates on these themes in detail to provide policy makers, developers, and researchers a comprehensive assessment of biometric recognition that examines current capabilities, future possibilities, and the role of government in technology and system development. Table of Contents Front Matter Summary 1 Introduction and Fundamental Concepts 2 Engineering Biometric Systems 3 Lessons from Other Large-Scale Systems 4 Cultural, Social, and Legal Considerations 5 Research Opportunities and the Future of Biometrics Appendixes Appendix A: Biosketches of Committee Members and Staff Appendix B: Watch-List Operational Performance and List Size: A First-Cut Analysis Appendix C: Statement of Task Appendix D: Testing and Evaluation Examples Appendix E: The Biometrics Standards Landscape

Privacy is a growing concern in the United States and around the world. The spread of the Internet and the seemingly boundaryless options for collecting, saving, sharing, and comparing information trigger consumer worries. Online practices of business and government agencies may present new ways to compromise privacy, and e-commerce and technologies that make a wide range of personal information available to anyone with a Web browser only begin to hint at the possibilities for inappropriate or unwarranted intrusion into our personal lives. Engaging Privacy and Information Technology in a Digital Age presents a comprehensive and multidisciplinary examination of privacy in the information age. It explores such important concepts as how the threats to privacy evolving, how can privacy be protected and how society can balance the interests of individuals, businesses and government in ways that promote privacy reasonably and effectively? This book seeks to raise awareness of the web of connectedness among the actions one takes and the privacy policies that are enacted, and provides a variety of tools and concepts with which debates over privacy can be more fruitfully engaged. Engaging Privacy and Information Technology in a Digital Age focuses on three major components affecting notions, perceptions, and expectations of privacy: technological change, societal shifts, and circumstantial discontinuities. This book will be of special interest to anyone interested in understanding why privacy issues are often so intractable. Table of Contents Front Matter Executive Summary Part I Thinking About Privacy, 1 Thinking About Privacy Part II The Backdrop for Privacy, 2 Intellectual Approaches and Conceptual Underpinnings 3 Technological Drivers 4 The Legal Landscape in the United States 5 The Politics of Privacy Policy in the United States Part III Privacy in Context, 6 Privacy and Organizations 7 Health and Medical Privacy 8 Libraries and Privacy 9 Privacy, Law Enforcement, and National Security Part IV Findings and Recommendations, 10 Findings and Recommendations Appendix A A Short History of Surveillance and Privacy in the United States Appendix B International Perspectives on Privacy Appendix C Biographies Index

Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape further, the Forum on Cyber Resilience hosted a workshop featuring invited speakers from government, the private sector, and academia. This publication summarizes the presentations and discussions from the workshop. Table of Contents Front Matter Workshop Introduction 1 Policy Considerations: The Intersection of Public Values and Private Infrastructure 2 Technical Considerations for Secure Software Updates 3 Microsoft's Approach to Software Updates 4 Update Issues for Open Source Software 5 Cisco's Approach to Software Updates 6 Ensuring Robust Firmware Updates 7 Updates in the Consumer Electronics Industry 8 Software Updates in Automotive Electronic Control Units 9 The NIST Perspective on Software Updates 10 Protecting Consumers from Software Update Risks 11 Discussion Afterword Appendixes Appendix A: Workshop Agenda and Participants List Appendix B: Steering Committee Biographies Appendix C: Speaker Biographies

Attaining meaningful cybersecurity presents a broad societal challenge. Its complexity and the range of systems and sectors in which it is needed mean that successful approaches are necessarily multifaceted. Moreover, cybersecurity is a dynamic process involving human attackers who continue to adapt. Despite considerable investments of resources and intellect, cybersecurity continues to poses serious challenges to national security, business performance, and public well-being. Modern developments in computation, storage and connectivity to the Internet have brought into even sharper focus the need for a better understanding of the overall security of the systems we depend on. Foundational Cybersecurity Research focuses on foundational research strategies for organizing people, technologies, and governance. These strategies seek to ensure the sustained support needed to create an agile, effective research community, with collaborative links across disciplines and between research and practice. This report is aimed primarily at the cybersecurity research community, but takes a broad view that efforts to improve foundational cybersecurity research will need to include many disciplines working together to achieve common goals. Table of Contents Front Matter Summary 1 Cybersecurity Challenges and Security Science 2 The Role of Social, Behavioral, and Decision Sciences in Security Science 3 Engineering, Operational, and Life-Cycle Challenges in Security Science 4 Foundational Research Topics 5 Institutional Opportunities to Improve Security Science Appendixes Appendix A: Briefers to the Study Committee Appendix B: Committee Biographies Appendix C: Highlights from Other Research Agendas

The Next Generation Air Transportation System's (NextGen) goal is the transformation of the U.S. national airspace system through programs and initiatives that could make it possible to shorten routes, navigate better around weather, save time and fuel, reduce delays, and improve capabilities for monitoring and managing of aircraft. A Review of the Next Generation Air Transportation provides an overview of NextGen and examines the technical activities, including human-system design and testing, organizational design, and other safety and human factor aspects of the system, that will be necessary to successfully transition current and planned modernization programs to the future system. This report assesses technical, cost, and schedule risk for the software development that will be necessary to achieve the expected benefits from a highly automated air traffic management system and the implications for ongoing modernization projects. The recommendations of this report will help the Federal Aviation Administration anticipate and respond to the challenges of implementing NextGen. Table of Contents Front Matter Summary 1 Recognize Constraints and Align Expectations 2 Assert Architectural Leadership 3 Cope with Change 4 Minimize Cultural and Organizational Barriers Appendixes Appendix A: Biographies of CommitteeMembers and Staff Appendix B: Briefers to the Study Committee Appendix C: Acronyms

A broad and growing literature describes the deep and multidisciplinary nature of the sustainability challenges faced by the United States and the world. Despite the profound technical challenges involved, sustainability is not, at its root, a technical problem, nor will merely technical solutions be sufficient. Instead, deep economic, political, and cultural adjustments will ultimately be required, along with a major, long-term commitment in each sphere to deploy the requisite technical solutions at scale.
Nevertheless, technological advances and enablers have a clear role in supporting such change, and information technology (IT) is a natural bridge between technical and social solutions because it can offer improved communication and transparency for fostering the necessary economic, political, and cultural adjustments. Moreover, IT is at the heart of nearly every large-scale socioeconomic system-including systems for finance, manufacturing, and the generation and distribution of energy-and so sustainability-focused changes in those systems are inextricably linked with advances in IT.
The focus of Computing Research for Sustainability is "greening through IT," the application of computing to promote sustainability broadly. The aim of this report is twofold: to shine a spotlight on areas where IT innovation and computer science (CS) research can help, and to urge the computing research community to bring its approaches and methodologies to bear on these pressing global challenges. Computing Research for Sustainability focuses on addressing medium- and long-term challenges in a way that would have significant, measurable impact. The findings and recommended principles of the Committee on Computing Research for Environmental and Societal Sustainability concern four areas: (1) the relevance of IT and CS to sustainability; (2) the value of the CS approach to problem solving, particularly as it pertains to sustainability challenges; (3) key CS research areas; and (4) strategy and pragmatic approaches for CS research on sustainability.

Social Security Administration Electronic Service Provision examines the Social Security Administration's (SSA's) proposed e-government strategy and provides advice on how the SSA can best deliver services to its constituencies in the future. The assessment by the Committee on the Social Security Administration's E-Government Strategy and Planning for the Future was based on (1) its examination of the SSA's current e-government strategy, including technological assumptions, performance measures and targets, planned operational capabilities, strategic requirements, and future goals; (2) its consideration of strategies, assumptions, and technical and operational requirements in comparable public- and private-sector institutions; and (3) its consideration of the larger organizational, societal, and technological context in which the SSA operates. Table of Contents Front Matter Summary 1 Background and Current Context 2 Lessons from Electronic Services in Financial Institutions 3 The Social Security Administration's Information Technology - Present and Future 4 Toward Organizational Transformation for Electronic Service Delivery Appendix A Committee and Staff Biographies Appendix B Panelists and Briefers at Open Committee Meetings Appendix C Social Security Administration Major Office Missions Appendix D Overview of Selected Legislation Pertaining to E-Government Appendix E A Short History of E-Government

IDs?Not That Easy highlights some of the challenging policy, procedural, and technological issues presented by nationwide identity systems. In the wake of the events of September 11, 2001, nationwide identity systems have been proposed to better track the movement of suspected terrorists. However, questions arise as to who would use the system and how, if participation would be mandatory, the type of data that would be collected, and the legal structures needed to protect privacy. The committee's goal is to foster a broad and deliberate discussion among policy-makers and the public about the form of nationwide identity system that might be created, and whether such a system is desirable or feasible.

Federal laws, regulations, and executive orders have imposed requirements for federal agencies to move toward the sustainable acquisition of goods and services, including the incorporation of sustainable purchasing into federal agency decision making. Since the federal government is such a significant player in the market, its move to incorporate sustainable procurement practices could have a profound impact on the types of products being developed for the market as a whole. The General Services Administration (GSA) has played a key role in furthering sustainable procurement practices throughout the federal government. GSA is responsible for formulating and maintaining government-wide policies covering a variety of administrative actions, including those related to procurement and management. GSA has several ongoing activities related to sustainable procurement to assess the feasibility of working with the federal supplier community - vendors and contractors that serve federal agencies to measure and reduce greenhouse gas emissions in the supply chain while encouraging sustainable operations among suppliers. GSA has also been actively developing programs to assist federal agencies in making sustainable procurement decisions. As federal agencies cannot directly fund the development of sustainable procurement tools, they are particularly interested in understanding how to foster innovation and provide incentives for collaboration between developers and users of tools for sustainable purchasing throughout the supply chain. The training of procurement professionals is also a priority for these agencies. To assist efforts to build sustainability considerations into the procurement process, the National Research Council appointed a committee to organize a two-day workshop that explored ways to better incorporate sustainability considerations into procurement tools and capabilities across the public and private sectors. The workshop was designed to help participants assess the current landscape of green purchasing tools, identify emerging needs for enhanced or new tools and opportunities to develop them, identify potential barriers to progress, and explore potential solutions. The workshop provided an opportunity for participants to discuss challenges related to sustainable purchasing and to developing new procurement tools. Sustainability Considerations for Procurement Tools and Capabilities reviews the presenters' recommendations and tools currently used in sustainable procurement, such as databases for ecolabels and standards, codes, or regulations and other nontechnological tools such as policies, frameworks, rating systems, and product indexes. Table of Contents Front Matter 1 Overview 2 Government Efforts 3 Sourcing and Materials 4 Tools and Technology for Sustainable Purchasing 5 Workforce and Culture Appendix A: Workshop Agenda Appendix B: Registered Participants List Appendix C: Biographies Appendix D: Examples of Federal Agency Procurement Systems and Green Purchasing Programs Appendix E: The Federal Life-Cycle Assessment (LCA) Digital Commons