Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach
A cybersecurity approach for a large-scale user facility is presented—utilizing the National High Magnetic Field Laboratory (NHMFL) at Florida State University (FSU) as an example. The NHMFL provides access to the highest magnetic fields for scientific research teams from a range of disciplines. The...
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-05-01
|
| Series: | Journal of Cybersecurity and Privacy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2624-800X/3/2/11 |
| _version_ | 1797594087770030080 |
|---|---|
| author | David S. Butcher Christian J. Brigham James Berhalter Abigail L. Centers William M. Hunkapiller Timothy P. Murphy Eric C. Palm Julia H. Smith |
| author_facet | David S. Butcher Christian J. Brigham James Berhalter Abigail L. Centers William M. Hunkapiller Timothy P. Murphy Eric C. Palm Julia H. Smith |
| author_sort | David S. Butcher |
| collection | DOAJ |
| description | A cybersecurity approach for a large-scale user facility is presented—utilizing the National High Magnetic Field Laboratory (NHMFL) at Florida State University (FSU) as an example. The NHMFL provides access to the highest magnetic fields for scientific research teams from a range of disciplines. The unique challenges of cybersecurity at a widely accessible user facility are showcased, and relevant cybersecurity frameworks for the complex needs of a user facility with industrial-style equipment and hazards are discussed, along with the approach for risk identification and management, which determine cybersecurity requirements and priorities. Essential differences between information technology and research technology are identified, along with unique requirements and constraints. The need to plan for the introduction of new technology and manage legacy technologies with long usage lifecycles is identified in the context of implementing cybersecurity controls rooted in pragmatic decisions to avoid hindering research activities while enabling secure practices, which includes FAIR (findable, accessible, interoperable, and reusable) and open data management principles. The NHMFL’s approach to FAIR data management is presented. Critical success factors include obtaining resources to implement and maintain necessary security protocols, interdisciplinary and diverse skill sets, phased implementation, and shared allocation of NHMFL and FSU responsibilities. |
| first_indexed | 2024-03-11T02:18:46Z |
| format | Article |
| id | doaj.art-c3f0bebcb77143979bb3a2b0ff47fa48 |
| institution | Directory Open Access Journal |
| issn | 2624-800X |
| language | English |
| last_indexed | 2024-03-11T02:18:46Z |
| publishDate | 2023-05-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Journal of Cybersecurity and Privacy |
| spelling | doaj.art-c3f0bebcb77143979bb3a2b0ff47fa482023-11-18T11:02:01ZengMDPI AGJournal of Cybersecurity and Privacy2624-800X2023-05-013219120810.3390/jcp3020011Cybersecurity in a Large-Scale Research Facility—One Institution’s ApproachDavid S. Butcher0Christian J. Brigham1James Berhalter2Abigail L. Centers3William M. Hunkapiller4Timothy P. Murphy5Eric C. Palm6Julia H. Smith7National High Magnetic Field Laboratory, 1800 E. Paul Dirac Drive, Tallahassee, FL 32310, USAInformation Security and Privacy Office, Florida State University, 1721 W. Paul Dirac Dr., Tallahassee, FL 32310, USANational High Magnetic Field Laboratory, 1800 E. Paul Dirac Drive, Tallahassee, FL 32310, USANational High Magnetic Field Laboratory, 1800 E. Paul Dirac Drive, Tallahassee, FL 32310, USAInformation Security and Privacy Office, Florida State University, 1721 W. Paul Dirac Dr., Tallahassee, FL 32310, USANational High Magnetic Field Laboratory, 1800 E. Paul Dirac Drive, Tallahassee, FL 32310, USANational High Magnetic Field Laboratory, 1800 E. Paul Dirac Drive, Tallahassee, FL 32310, USANational High Magnetic Field Laboratory, 1800 E. Paul Dirac Drive, Tallahassee, FL 32310, USAA cybersecurity approach for a large-scale user facility is presented—utilizing the National High Magnetic Field Laboratory (NHMFL) at Florida State University (FSU) as an example. The NHMFL provides access to the highest magnetic fields for scientific research teams from a range of disciplines. The unique challenges of cybersecurity at a widely accessible user facility are showcased, and relevant cybersecurity frameworks for the complex needs of a user facility with industrial-style equipment and hazards are discussed, along with the approach for risk identification and management, which determine cybersecurity requirements and priorities. Essential differences between information technology and research technology are identified, along with unique requirements and constraints. The need to plan for the introduction of new technology and manage legacy technologies with long usage lifecycles is identified in the context of implementing cybersecurity controls rooted in pragmatic decisions to avoid hindering research activities while enabling secure practices, which includes FAIR (findable, accessible, interoperable, and reusable) and open data management principles. The NHMFL’s approach to FAIR data management is presented. Critical success factors include obtaining resources to implement and maintain necessary security protocols, interdisciplinary and diverse skill sets, phased implementation, and shared allocation of NHMFL and FSU responsibilities.https://www.mdpi.com/2624-800X/3/2/11cybersecurityuser facilityFAIR dataopen accessrelease of stored energycyberattack |
| spellingShingle | David S. Butcher Christian J. Brigham James Berhalter Abigail L. Centers William M. Hunkapiller Timothy P. Murphy Eric C. Palm Julia H. Smith Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach Journal of Cybersecurity and Privacy cybersecurity user facility FAIR data open access release of stored energy cyberattack |
| title | Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach |
| title_full | Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach |
| title_fullStr | Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach |
| title_full_unstemmed | Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach |
| title_short | Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach |
| title_sort | cybersecurity in a large scale research facility one institution s approach |
| topic | cybersecurity user facility FAIR data open access release of stored energy cyberattack |
| url | https://www.mdpi.com/2624-800X/3/2/11 |
| work_keys_str_mv | AT davidsbutcher cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT christianjbrigham cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT jamesberhalter cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT abigaillcenters cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT williammhunkapiller cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT timothypmurphy cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT ericcpalm cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach AT juliahsmith cybersecurityinalargescaleresearchfacilityoneinstitutionsapproach |