Tech Beat - August 21, 2012

Tech Beat Archives

Submit an email address to receive news from NIST:

Editor: Michael Baum
Date created: August 21, 2012
Date Modified: August 21, 2012 
Contact: inquiries@nist.gov

Sept. 27 California Workshop to Explore Plans for National Network for Manufacturing Innovation

The Advanced Manufacturing National Program Office (AMNPO), in partnership with state and national organizations, is inviting interested parties to the third in a series of regional workshops to introduce and encourage public discussion of a planned National Network for Manufacturing Innovation (NNMI). "Designing for Impact III: Workshop on Building the National Network for Manufacturing Innovation" will be held on September 27, 2012, at the Arnold and Mabel Beckman Center of the National Academies of Sciences and Engineering at the University of California (UC) Irvine.

Beckman Center
The Beckman Center at the University of California Irvine
Credit: Courtesy UC Irvine

Local hosts and co-organizers for this workshop event include the National Academy of Engineering (NAE), the National Academies' Government-University-Industry Research Roundtable (GUIRR) and University-Industry Demonstration Partnership (UIDP), NASA's Jet Propulsion Laboratory (JPL), and UC Irvine.

The AMNPO was established to coordinate federal resources and programs across agencies to enhance technology transfer to U.S. manufacturers. The office is hosted by the National Institute of Standards and Technology (NIST) in partnership with the Department of Defense, the Department of Education, the Department of Energy, NASA and the National Science Foundation.

The NNMI is a planned network of up to 15 regional "Institutes for Manufacturing Innovation" (IMI) proposed in the President's FY 2013 budget. Operated as public-private collaborations, the institutes would address current gaps in manufacturing innovation by connecting research advances at academic institutions and federal laboratories with the nation's manufacturing community. Each institute will serve as a regional hub of manufacturing excellence, with programs tailored to regional needs.

Workshop participants will learn about the principles and concepts behind the NNMI and participate in interactive sessions designed to solicit ideas on how to best structure the network and the institutes. Workshop sessions will focus on:

  • technologies with broad impact,
  • institute structure and governance,
  • strategies for sustainable institute operations, and
  • workforce education and development.

Additional information on times, fees, the venue and local accommodations is available at http://manufacturing.gov/amp/event_092712.html, and in today's notice in the Federal Register at www.gpo.gov/fdsys/pkg/FR-2012-08-21/pdf/2012-20535.pdf. On-line registration for the workshop will close at 11:59 p.m. Pacific time on Tuesday, Sept. 18, 2012. To register for this event, go to www.calit2.uci.edu/calit2-events/EventOrderRegistration.aspx?eid=552.

For additional information—

Media Contact: Michael Baum, michael.baum@nist.gov, 301-975-2763

Comment  Comment on this article.back to top

National Additive Manufacturing Innovation Institute Announced

On August 15, 2012, the White House announced the launch of a new public-private institute for manufacturing innovation in Youngstown, Ohio. The new partnership, the National Additive Manufacturing Innovation Institute (NAMII), includes manufacturing firms, universities, community colleges, and nonprofit organizations from the Ohio-Pennsylvania-West Virginia “Tech Belt.”

The consortium was selected through a competitive process led by the Department of Defense and will receive an initial $30 million in federal funding, matched by $40 million from the consortium itself.

On March 9, 2012, President Obama announced his plan to invest $1 billion to catalyze a national network of up to 15 manufacturing innovation institutes around the country that would serve as regional hubs of manufacturing excellence to help make U.S. manufacturers more competitive and encourage investment in the United States. The president’s fiscal year 2013 budget includes a proposal to create the National Network of Manufacturing Innovation (NNMI).

The president also announced immediate steps to launch a pilot institute to serve as a proof-of-concept for the NNMI. Five federal agencies—the departments of Defense, Energy, and Commerce, the National Science Foundation, and NASA—jointly committed to invest $45 million in a pilot institute on additive manufacturing. In fiscal year 2013, NIST plans to issue a grant for applied research related to measurement needs in additive manufacturing.

Director of the National Economic Council Gene Sperling, Acting Secretary of Commerce Rebecca Blank and Under Secretary of Defense Frank Kendall along with other administration and local officials, announced the award at M7 Technologies in Youngstown, Ohio.

To learn more about the announcement, please visit www.commerce.gov/news/press-releases/2012/08/16/obama-administration-announces-new-public-private-partnership-support.

Media Contact: Jennifer Huergo, jennifer.huergo@nist.gov, 301-975-6343

Comment  Comment on this article.back to top

Baldrige Program Celebrates 25 Years of Performance Excellence

Not many 25-year-olds can boast that in their short lifetime they have helped thousands of organizations develop and maintain world-class operations, innovative management, efficient procedures, involved workforces and highly satisfied customers. But one certainly can: the Baldrige Performance Excellence Program, the nation's premier means for organizations of all types to seek, achieve and maintain performance excellence.

Commerce Secretary Malcolm 'Mac' Baldrige and President Ronald Reagan
Commerce Secretary Malcolm "Mac" Baldrige and President Ronald Reagan return to the White House after horseback riding in June 1981. Shortly after Baldrige was killed in a rodeo accident, President Reagan honored his friend and colleague on Aug. 20, 1987, by signing the bill that established the Baldrige National Quality Award.
Credit: The Baldrige Family
View hi-resolution image

On August 20, 1987, President Ronald Reagan signed into law the Malcolm Baldrige National Quality Improvement Act, establishing the Malcolm Baldrige National Quality Award and its supporting program "to spark U.S. competitiveness and create a sustainable economy." Named after Malcolm Baldrige, the 26th Secretary of Commerce, the Baldrige Award and the Baldrige Program have guided organizations worldwide on their journeys toward continuous improvement and enhanced performance through the seven Baldrige Criteria for Performance Excellence—leadership; strategic planning; customer focus; measurement, analysis and knowledge management; workforce focus; operations focus; and results.

The Baldrige Program is managed by the National Institute of Standards and Technology (NIST) in cooperation with the private sector. It also is a partner in the Baldrige Enterprise, which includes the private-sector Baldrige Foundation, the Alliance for Performance Excellence—a body made up of the 33-plus state, local, regional and sector-specific Baldrige-based programs serving nearly all 50 states—and ASQ, an international organization promoting quality. The program raises awareness about the importance of performance excellence in driving the U.S. and global economy; provides organizational assessment tools and criteria; educates leaders in businesses, schools, health care organizations, and government and nonprofit organizations about the practices of national role models; and recognizes them with the Baldrige Award.

To celebrate its silver anniversary, the Baldrige Program has created a special Web page, "Honoring Our Past. . . Building an Even Better Future" (www.nist.gov/baldrige/25th/index.cfm), that provides numerous links, including:

  • The first-hand story of how the Baldrige Award, the program and the Criteria came to be;
  • Congratulatory letters, including ones from Congress, the Ronald Reagan Presidential Foundation and Library, and international quality award programs;
  • A list of the "25 Ways that Baldrige Adds Value" (for example: jobs created, lives saved and a benefit-to-cost ratio of 820-to-1);
  • Success stories and testimonials showing the benefits gained through use of the Criteria (for example: Baldrige Award-winning manufacturers have seen a 48 percent rise in revenue through 2010, far exceeding their competitors);
  • Impact statements on how "The Baldrige Enterprise Creates Value for Organizations and the Economy" (for example: Baldrige education organizations effectively improve reading and mathematics proficiency and graduation rates); and,
  • An invitation to participate in the grand finale of the silver anniversary celebration at the 25th Anniversary Gala that will be part of the 25th Annual Quest for Excellence Conference (which will include the ceremony for the 2012 Baldrige Award recipients), April 7-10, 2013, in Baltimore, Md.

For more information, go to www.nist.gov/baldrige.

Media Contact: Michael E. Newman, michael.newman@nist.gov, 301-975-3025

Comment  Comment on this article.back to top

Security First: New NIST Guidelines on Securing BIOS for Servers

The National Institute of Standards and Technology (NIST) is requesting comments on new draft guidelines for securing BIOS systems for server computers. BIOS—Basic Input/output System—is the first major software that runs when a computer starts up. Both obscure and fundamental, the BIOS has become a target for hackers.

bank of servers
Credit: ©Amy Walters/Shutterstock

Server manufacturers routinely update BIOS to fix bugs, patch vulnerabilities or support new hardware. However, while authorized updates to BIOS can improve functionality or security, unauthorized or malicious changes could be part of a sophisticated, targeted attack on an organization, allowing an attacker to infiltrate an organization's systems or disrupt their operations. BIOS attacks are an emerging threat area. In September, 2011, a security company discovered the first malware designed to infect the BIOS, called Mebromi.*

An important mechanism for protecting BIOS in servers is to secure the BIOS update process, guarding against unauthorized BIOS updates. NIST's 2011 publication on BIOS security** provided instructions for protecting BIOS in desktops and laptops. The guidelines focused on the core principles of authenticating updates using digital signatures, BIOS integrity protection and "non-bypassibility" features that ensure that no mechanisms circumvent the BIOS protections.

BIOS Protection Guidelines for Servers addresses BIOS security in the varied architectures used by servers. "While laptop and desktop computers have largely converged on a single architecture for system BIOS, server class systems have a more diverse set of architectures, and more mechanisms for updating or modifying the system BIOS," says author Andrew Regenscheid. In addition, many servers contain service processors that perform a variety of management functions that may include BIOS updates, and this document provides additional security guidelines for service processors.

Servers require more flexibility, according to Regenscheid, because in addition to having different architectures, they are almost always managed remotely. BIOS Protection Guidelines for Servers is written for server developers and information system security professionals responsible for server security, secure boot processes and hardware security modules. The draft publication BIOS Protections Guidelines for Servers, (NIST Special Publication 800-147B), is available at http://csrc.nist.gov/publications/drafts/800-147b/draft-sp800-147b_july2012.pdf. NIST requests comments on this draft by Sept. 14, 2012. Please email all comments to 800-147comments@nist.gov.

* Information on Mebromi: www.symantec.com/security_response/writeup.jsp?docid=2011-090609-4557-99.
** D.A. Cooper, W.T. Polk, A.R. Regenscheid and M.P. Souppaya. BIOS Protection Guidelines (NIST SP 800-147) is available at www.nist.gov/manuscript-publication-search.cfm?pub_id=908423.

Media Contact: Evelyn Brown, evelyn.brown@nist.gov, 301-975-5661

Comment  Comment on this article.back to top

NIST Co-Sponsors the 2012 Biometrics Consortium Conference

The National Institute of Standards and Technology (NIST) will co-sponsor the 2012 Biometric Consortium Conference (BCC 2012), September 18-21, 2012, at the Tampa Convention Center in Tampa, Fla. The annual conference, produced in cooperation with the National Security Agency (NSA) and the Armed Forces Communications and Electronics Association (AFCEA ), is focused on the latest advances in biometric technologies for identity management, electronic commerce, defense, homeland security and border crossing.

biometrics photo
Credit: ©Tyler Olson/Shutterstock

The two and a half days of meetings and seminars attract policy makers, government and industry executives, information technology users and developers, law enforcement officials, and systems integrators and researchers involved in using biometrics for personal identification and authentication applications.

This year a new track—the AFCEA Identity Management Focus Session—has been added. It covers best practices, national and international case studies, health care, and the challenges of working securely with developing technologies, including cloud computing and smart phones.

Speakers from India and Indonesia will discuss the large biometric applications they are undertaking in their countries. India’s Unique Identification Authority of India project, for example, intends to enroll more than 1 billion citizens using biometrics conforming to internationally accepted biometric standards to facilitate delivery of financial and other services. Citizens will be issued a unique identification number that can be verified and authenticated online to eliminate duplicate and fake identities.

The conference begins with a history-based keynote on “FBI Biometrics—Approaching 90 Years,” and the sessions move to address the current state of identity management, updates on face and iris recognition, voice biometrics, rapid DNA analysis, biometric standards, and biometric technologies for accelerating identity management. A presentation will spotlight the recently published NIST Special Publication 500-290, the new version of the ANSI/NIST-ITL standard. NIST’s session will highlight ongoing biometric projects in NIST’s Information Technology Laboratory.

In addition to the conference tracks, workshops will be held on a number of topics, including “Securing Your Biometric Data,” “Biometrics in a Cloud Computing Environment Panel” and “Report on the Role of Biometrics in the National Strategy for Trusted Identities in Cyberspace (NSTIC) Identity Ecosystem.” A biometrics training update will also be held for IEEE Certified Biometrics Professionals.

Charles Romine, director of NIST’s Information Technology Laboratory, will provide a keynote address on the opening day.

Concurrent with the conference is the Biometric Technology Expo that showcases a variety of solutions of biometric and identity management challenges.

For more information and to register, see http://events.jspargo.com/biometrics2012/public/MainHall.aspx. Press interested in attending should contact Evelyn Brown at evelyn.brown@nist.gov.

Media Contact: Evelyn Brown, evelyn.brown@nist.gov, 301-975-5661

Comment  Comment on this article.back to top