United States Department of Energy Office of Science

ASCR Cybersecurity for Scientific Computing Integrity Workshop

Sponsored by the U.S. Department of Energy,
Office of Advanced Scientific Computing research
Hilton Gaithersburg, 620 Perry Parkway
Gaithersburg, MD
June 2-3, 2015

ASCR Cybersecurity Research Pathways and Ideas Report (862 KB)

ASCR Cybersecurity for Scientific Computing Integrity Report (PDF, 2.52 MB)

ASCR Program Manager: Robinson Pino

The U.S. Department of Energy, Office of Science, Office of Advanced Scientific Computing Research will host the ASCR Cybersecurity for Scientific Computing Integrity Workshop AT THE Hilton Gaithersburg in Gaithersburg, Maryland. The meeting will begin on Tuesday, June 2, 2015, at 9:00 A.M. and will end on Wednesday, June 3, 2015, at 5:00 P.M.


On behalf of Dr. Robinson E. Pino from the Advanced Scientific Computing Research (ASCR) Division of the Office of Science, U.S. Department of Energy, we invite you to submit a one to two page white paper for contribution to our upcoming ASCR Cybersecurity for Scientific Computing Integrity Workshop (June 2-3, 2015) at the Hilton Gaithersburg, 620 Perry Parkway, Gaithersburg, Maryland, 20877, USA.

The goal of this workshop will be to define a long term 10 to 20 year fundamental basic research and development strategy and roadmap facing future high performance computing (HPC) and network scientific user facilities following on our recent highly successful ASCR Cybersecurity workshop that was held during January 7–9, 2015, in Rockville, MD, to examine computer security research gaps and approaches for assuring scientific computing integrity specific to the mission of the DOE Office of Science. Basic research challenges included computation and simulations that take place on ASCR computing facilities and networks, as well as network-connected scientific instruments, such as those run by other DOE Office of Science programs. Workshop participants included researchers and operational staff from DOE National Laboratories, as well as academic researchers and industry experts. Participants were selected based on the prior submission of abstracts relating to the topic.

The Department of Energy (DOE) has the responsibility to address the energy, environmental and nuclear security challenges that face our nation. Much of DOE's enterprise involves distributed, collaborative teams; a significant fraction involves "open science," which depends on multi-institutional, often international collaborations that must access or share significant amounts of information between institutions and over networks around the world. The mission of the Office of Science (SC) is the delivery of scientific discoveries and major scientific tools to transform our understanding of nature and to advance the energy, economic, and national security of the United States. The ability of DOE to execute these critical responsibilities depends on the integrity and availability of scientific facilities and computer systems, and of the scientific, engineering, and operational software and data that support its mission.

As we consider the ASCR program's mission within SC and our long history in the research and development of first of its kind HPC systems and facilities, it becomes apparent that we have the unique opportunity to research and explore designed- and built-in security mechanisms that will ensure trustworthy operation, computing integrity, usage, and results from extreme scale simulations and experiments that can be applied to a range of applications important to DOE such as power grid, nuclear, and/or climate modeling and simulation at extreme scales. One important aspect of the workshop will be to leverage ASCR's long-standing research and development relationships within our DOE National Laboratories, scientific community, and computer and software vendors to influence a long term security mindset during product research, development, and prototype delivery. Research white papers are requested in three focused areas: (1) Trustworthy Supercomputing, (2) Extreme Scale Data, Knowledge, and Analytics, and (3) Trust within Open, High-End Networking and Data Centers, for Understanding and Improving Cybersecurity.

White paper submissions are intended to educate and inform ASCR based on your experience, insights, and vision for how cybersecurity will transform Office of Science research best practices. Reviewed and accepted white papers will be invited to contribute to our upcoming workshop. Submission must clearly identify the workshop attendee and include the following information: White paper Title, Name, Email, Organization, Focused Area (1–3, above) and Narrative (in Word or PDF format only). The submission deadline is May 4, 2015, via the workshop website. Questions can be addressed to Dr. Sean Peisert, Dr. Thomas Potok, Dr. Todd Jones, or Dr. Robinson Pino. Dr. Sean Peisert will serve as the General Workshop Chair. We look forward to your submission.

Robinson Pino

Workshop Outcome

The result of this workshop will be three white papers, one for each technical topic area, outlining potential research priorities, agenda, and strategy roadmap to achieve measurable Scientific Computing Integrity for Understanding and Improving Cybersecurity ASCR mission-relevant, high-performance computing, data center, and networking applications in 10 to 20 years.

An important goal will be for the resulting R&D strategies to align with our recently announced DOE Review of Exascale Plan on the following specific topics:

  1. Application Integrity: This research topic will seek to investigate and develop solutions for the protection of computation integrity of codes, services, and applications executed on the potential ECI hierarchical and heterogeneous high performance (HPC) computing platform. The challenge to address in this research topic is the assurance that during computation, the execution of concurrent codes, services, or applications cannot interfere or affect the computed result in an unquantifiable manner. Today, formal (software or hardware) verification techniques are applied to most system components before they are integrated and deployed in production systems. Commonly, the verification of these systems is done by providing a formal proof on an abstract mathematical model of the system, the correspondence between the mathematical model and the nature of the system being otherwise known by construction. Because of the potential of subtle interactions between components, it is increasingly difficult to exercise a realistic set of possibilities by simulation. Therefore, formal verification is commonly applied to limited sub-systems leaving room for potential vulnerabilities once these are integrated within the production environment. In some respects, research and development efforts in this particular topic may investigate the mechanisms to deliver effective solutions for performing Real-Time Result Verification within the constraints provided by the ECI system architecture such as processor memory, input/output bandwidth, storage, hierarchies, and communication network to name a few.
  2. Cybersecurity: The main research challenge with cybersecurity is the ability to effectively detect and characterize anomalies that may register as faults or may not even disrupt the normal system operation. Another challenge is how to accurately determine if a perceived anomaly is naturally occurring within the system or maliciously caused. Success in cybersecurity today lies in the detection of signatures that are accurate but only detect what is known, and the application of anomaly detection algorithms as a post-processing analysis step with high levels of false-positive alerts. Both approaches assume full access to the data as most data are archived and later retrieved for analysis, if time and human resources permit. ECI presents new challenges to cybersecurity that combine (1) large amounts of data and information some of which cannot be saved or stored for later analysis, (2) limited computing and memory capacity for real-time monitoring during operation, (3) higher rates of faults and resilience issues, and (4) a more complex heterogeneous system architecture than currently exists. The goal for cybersecurity research and development within ECI includes the understanding of the attack surface area for the computing platform, network, data repository systems, and the elements that regularly access the system over various networks. In addition, research and development performed in the areas of resilience and computational integrity will lead to effective monitoring and reporting technology solutions that should seek to minimize any security overhead allowing the system to fulfill its scientific mission unimpeded.

Announcement: https://science.energy.gov/ascr/ascac/meetings/november-2014/

Preliminary Plan: https://science.energy.gov/~/media/ascr/ascac/pdf/meetings/20141121/Exascale_Preliminary_Plan_V11_sb03c.pdf (314 KB)

Appendix: https://science.energy.gov/~/media/ascr/ascac/pdf/meetings/20141121/ExaRD_Appendix_v5-141113.pdf (387 KB)


Workshop Organizing Committee

Dr. Sean Peisert (Chair)
Topic Lead: Trustworthy Supercomputing
Staff Scientist, Lawrence Berkeley National Laboratory
sppeisert@lbl.gov; 530.746.8717; http://dst.lbl.gov/~peisert

Dr. Thomas Potok
Topic Lead: Knowledge and Analytics
Group Leader, Oak Ridge National Laboratory
potokte@ornl.gov; 865.574.0834; http://cda.ornl.gov/potok/index.shtml

Dr. Todd Jones
Topic Lead: Networks and Data Centers
Staff Scientist, Sandia National Laboratories
stjones@sandia.gov; 505.284.3501

Dr. Robinson Pino
Program Manager, DOE Office of Science, ASCR
robinson.pino@science.doe.gov; 301.903.1263; http://science.energy.gov/ascr/about/dr-robinson-e-pino/

Adobe Reader is necessary to view PDF files. If you don't have the latest version of Reader, you can download a free copy at the Adobe download site.


Important Notice

Workshop participation priority is by the acceptance of a submitted and accepted white paper (i.e., invitation to submit a white paper is not an invitation to contribute and to attend the workshop). Due to space limitations and high demand for participation and attendance, submitted and accepted white papers will be invited to contribute with priority over those who did not submit a white paper or whose white paper was not formally accepted.

White Paper Submission is now closed.

Additional Information

Relevant and additional information can be found from our most recent ASCR workshop on cybersecurity at the following URL: http://www.orau.gov/cybersecurity2015/

Our latest workshop report can be found at the following URL: http://www.orau.gov/cybersecurity2015/ASCR_Cybersecurity_For_Scientific_Computing_Integrity_Report_2015.pdf (2.52 MB)