Secure Systems

Trusted CI, the National Science Foundation Cybersecurity of Excellence

The mission of Trusted CI is to improve the cybersecurity of NSF computational science and engineering projects, while allowing those projects to focus on their science endeavors. Sean Peisert is the Director- and PI-Designate of Trusted CI.

Data Enclaves for Scientific Computing

This project will develop secure computation architectures to ensure trustworthiness of scientific data while addressing the gaps left by existing solutions for scientific workflows to address the specific power, performance, and usability, and needs from the edge to the HPC center. It is led by Sean Peisert, Venkatesh Akella, and Jason Lowe-Power.

Privacy-Preserving Data Analysis for Scientific Discovery

This project aims to produce methods, processes, and architectures applicable to a variety of scientific computing domains that enables querying, machine learning, and analysis of data while protecting against releasing sensitive information beyond pre-defined bounds. It is supported by LBNL CSR funds and is led by Sean Peisert.

Byzantine Security — Multi-layered Intrusion Tolerant Byzantine Architecture for Bulk Power System Protective Relays

This project aims to explore applications of a Byzantine Fault Tolerant (BFT) architecture in combination with ML/AI methods to ensure that the bulk power system, including protective relays in the transmission grid, and associated substation and control center systems, can perform intrusion tolerant operations. It is funded by the DOE Grid Modernization Initiative. The LBNL portion of this effort is led by Sean Peisert.

Toward a Hardware/Software Co-Design Framework for Ensuring the Integrity of Exascale Scientific Data

This project takes a broad look at several aspects of security and scientific integrity issues in HPC systems. It is funded by DOE ASCR and is led by Sean Peisert.

An Automated, Disruption Tolerant Key Management System for the Power Grid

This project is designing and developing a key management system to meet the unique requirements of electrical power distribution systems. It is funded by DOE OE’s CEDS program and is led by Sean Peisert.

Host and Network Resilience

This project focused on mapping and analyzing the qualities of resilient networks by investigating components of redundancy, diversity, quality of service, etc… The project’s goal is to be able to quantify and compare the resilience of networks in a scientifically meaningful way. This project was led at LBNL by Sean Peisert.

A Mathematical and Data-Driven Approach to Intrusion Detection for High-Performance Computing

This project developed mathematical and statistical techniques to analyze the secure access and use of high-performance computer systems. It was funded by DOE ASCR and was originally led by David H. Bailey.

Secure Collaboration

This project developed advanced approaches to to secure scientific computing collaborations.

Reliable Multicast for Continuous Data Transmission for Nuclear Treaty Verification

This project examined the use of reliable multicast communication protocols, including for the Comprehensive test Ban Treaty.

Bro/Zeek Network Security Monitor

Vern Paxson developed the Bro/Zeek Network Security Monitor while at Lawrence Berkeley National Laboratory.