CTSC is pleased to announce our successful completion of a six month engagement with the DKIST Data Center. The DKIST Data Center (NSF AST-0946422), located in Boulder on University of Colorado’s east campus, serves as the operations data management and processing center for the Daniel K. Inouye Solar Telescope (DKIST). When construction completes in 2019, DKIST will be the largest and most precise solar telescope to date, capable of “zooming in” on the sun to an area roughly the size of a county. Data volume is expected to average around 9 TB/day, spiking up to 64 TB/day during ideal viewing conditions. These scientific measurements and images will be continuously streamed from the telescope’s site in Haleakala on Maui, Hawai’i, to the DKIST Data Center. Recognizing their importance in protecting the integrity, availability, and confidentiality of the data and services supporting the telescope’s critical science mission, the DKIST Data Center reached out to CTSC for an engagement focused on kickstarting their newly-forming cybersecurity program.
After discussion about its needs, the DKIST Data Center staff and CTSC decided to focus primarily on the development of written policies and procedures, and secondarily on recommendations for staffing and discussions about security training resources. CTSC recommended developing, implementing, and maintaining written policies based on the CTSC Guide templates available on the CTSC website at https://trustedci.org/guide. These were used as a starting point after a review of the existing policies.
As a project of the National Solar Observatory (NSO), which is managed by the Association of Universities for Research in Astronomy (AURA), the DKIST Data Center is subject to policies inherited from two parent organizations. Further, as a tenant at the University of Colorado, the Data Center must also comply with all of the university’s security policies. During the engagement, CTSC reviewed security policies from all three organizations in order to advise the Data Center on how to meet the requirements. CTSC offered guidance on how to navigate conflicting policies, as well as advice on when to adopt parent policies as-is versus when to adopt a stricter stance.
During the engagement, the CTSC team had an opportunity to visit the DKIST Data Center offices and facilities. This face-to-face opportunity facilitated communication as we finalized the development process of the security policies and reviewed all the policies written during the term of the engagement. Additionally, CTSC performed a physical review of the data center and a co-located center, provided a tutorial on the risk analysis process, and guided the DKIST staff through a tabletop cybersecurity exercise. DKIST also presented their current network map and demonstrated their current installation and security compliance tools.
Engaging with CTSC early in the creation of their security program allowed DKIST Data Center to develop excellent foundational policies rather than needing to change their operations at a later date. We would like to thank DKIST Data Center staff for their participation in this engagement.
Showing posts with label DKIST. Show all posts
Showing posts with label DKIST. Show all posts
Monday, December 18, 2017
Tuesday, September 5, 2017
CTSC begins engagement with DKIST Data Center
The DKIST Data Center (NSF AST-0946422) is the operations data management and processing center for the Daniel K. Inouye Solar Telescope (DKIST),
which at the time of its scheduled completion in 2019 will be the
largest solar telescope in the world. The data center team has the
challenge of managing the terabytes of data coming in daily from the
summit in Haleakala, Maui, Hawaii to the data center facility in
Boulder, Colorado. With assistance from CTSC, the DKIST Data Center team
plans to develop a cybersecurity program that will help them focus
appropriately on the Integrity, Availability and Confidentiality of the
data and services in support of DKIST.
Friday, August 22, 2014
V1 of “Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects” released by CTSC
At the 2013 NSF Cybersecurity Summit Bret Goodrich, Senior Software Engineer of the Daniel K Inouye Solar Telescope(DKIST)/National Solar Observatory(NSO) approached CTSC to discuss how to develop a cybersecurity program for cyberinfrastructure projects.
He was aware of the NIST special publications on conducting risk assessments, applying controls but asked if there was a framework designed to address the unique needs of NSF funded cyberinfrastructure (CI).
At the time, no such framework existed. After further discussions, CTSC and DKIST began a six month process to create a guide for developing cybersecurity programs crafted to the NSF cyberinfrastructure community. At the completion of this effort the collaboration produced the most comprehensive set of security resources tailored specifically for the CI community. The guide includes over 18 supporting documents that can be used to kickstart policy development, assisting with risk assessments, data classification and more. A shared goal is to establish a framework that can be adopted by all CI projects.
The latest version of this guide and supporting documents are available on a CTSC managed Google Drive directory, and are available at trustedci.org/guide.
We’re encouraging CI projects to review and support the cybersecurity planning guide by applying the framework to NSF funded projects.
CTSC is seeking comments, suggestions and other feedback to improve the development of these documents for future revisions.
More information about the cybersecurity planning guide or comments to provide feedback can be directed to ‘info@trustedci.org'.
He was aware of the NIST special publications on conducting risk assessments, applying controls but asked if there was a framework designed to address the unique needs of NSF funded cyberinfrastructure (CI).
At the time, no such framework existed. After further discussions, CTSC and DKIST began a six month process to create a guide for developing cybersecurity programs crafted to the NSF cyberinfrastructure community. At the completion of this effort the collaboration produced the most comprehensive set of security resources tailored specifically for the CI community. The guide includes over 18 supporting documents that can be used to kickstart policy development, assisting with risk assessments, data classification and more. A shared goal is to establish a framework that can be adopted by all CI projects.
The latest version of this guide and supporting documents are available on a CTSC managed Google Drive directory, and are available at trustedci.org/guide.
We’re encouraging CI projects to review and support the cybersecurity planning guide by applying the framework to NSF funded projects.
CTSC is seeking comments, suggestions and other feedback to improve the development of these documents for future revisions.
More information about the cybersecurity planning guide or comments to provide feedback can be directed to ‘info@trustedci.org'.
Sunday, March 16, 2014
Developing a Cybersecurity Plan for NSF Science and Engineering Projects: First Unit Released
A number of NSF projects have a requirement to develop a cybersecurity plan as part of their cooperative agreement with NSF [1]. Other want to do so because they consider it a best practice worth following.
As apart of CTSC's ongoing engagement with the Daniel K. Inouye Solar Telescope (DKIST) we are developing a guide for creating such a cybersecurity program. Our first unit in this guide is now available for comment. We are using the TrustedCI Forum to disseminate this unit and solicit feedback from the community. We encourage all members of the community to join the conversation and provide their insights into this important work.
[1] http://www.nsf.gov/pubs/policydocs/cafatc/cafatc_lf212.pdf (see item 56 on page 6)
As apart of CTSC's ongoing engagement with the Daniel K. Inouye Solar Telescope (DKIST) we are developing a guide for creating such a cybersecurity program. Our first unit in this guide is now available for comment. We are using the TrustedCI Forum to disseminate this unit and solicit feedback from the community. We encourage all members of the community to join the conversation and provide their insights into this important work.
[1] http://www.nsf.gov/pubs/policydocs/cafatc/cafatc_lf212.pdf (see item 56 on page 6)
Subscribe to:
Posts (Atom)