[Federal Register Volume 77, Number 203 (Friday, October 19, 2012)]
[Pages 64314-64315]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-25826]



National Institute of Standards and Technology

[Docket No. 120912441-2441-01]

National Cybersecurity Center of Excellence (NCCoE)

AGENCY: National Institute of Standards and Technology, Department of 

ACTION: Notice.


SUMMARY: The National Institute of Standards and Technology (NIST) 
Information Technology Laboratory (ITL) invites interested U.S. 
companies to submit letters of interest in collaborating with NIST/ITL 
on an ongoing basis in the National Cybersecurity Center of Excellence 
(NCCoE) through partnerships called ``National Cybersecurity Excellence 
Partnerships'' (NCEPs).

DATES: Letters of interest will be accepted on an ongoing basis. 
However, if NIST determines that letters of interest will no longer be 
accepted, NIST will publish the last date when letters will be accepted 
in a Federal Register notice.

ADDRESSES: Interested U.S. companies should send letters to Karen 
Waltermire via email at [email protected]; or via hardcopy to NCCoE, 
National Institute of Standards and Technology; 100

[[Page 64315]]

Bureau Drive; MS 2000; Gaithersburg, MD 20899.

FOR FURTHER INFORMATION CONTACT: Karen Waltermire via email at 
[email protected]; or telephone 301-975-4500. For additional information 
on NCCoE governance, business processes, and operational structure, 
visit the NCCoE Web site, at http://csrc.nist.gov/nccoe.

SUPPLEMENTARY INFORMATION: The NCCoE, hosted by NIST, is a public-
private collaboration for accelerating the widespread adoption of 
integrated cybersecurity tools and technologies. The NCCoE's mission is 
to bring together experts from industry, government, and academia under 
one roof to develop practical, interoperable cybersecurity approaches 
that address the real world needs of complex Information Technology 
(IT) systems. By accelerating dissemination and use of these integrated 
tools and technologies for protecting IT assets, the NCCoE strives to 
enhance trust in U.S. IT communications, data, and storage systems, 
lower risk for companies and individuals in the use of IT systems, and 
encourage development of innovative, job-creating cybersecurity 
products and services.
    As part of the NCCoE initiative, NIST/ITL intends to enter into 
partnerships, called ``National Cybersecurity Excellence Partnerships'' 
(NCEPs), with U.S. companies to collaborate on an ongoing basis in the 
NCCoE. Collaboration agreements will be based upon the statutory 
technology transfer authorities available to NIST, including the 
Federal Technology Transfer Act, 15 U.S.C. 3710a. NIST/ITL intends that 
NCEP collaborators will co-locate with ITL at the NCCoE at 9600 
Gudelsky Drive Rockville, MD 20850 and will contribute to the 
development of the intellectual and physical infrastructure needed to 
support collaborative efforts among NIST and many sources of security 
capabilities, including users and vendors of products and services, on 
holistic approaches to resolve cybersecurity challenges.
    Approaches to resolving cybersecurity challenges will be addressed 
at the NCCoE through individual ``use cases,'' a standard tool used by 
software engineers to define specific function requirements of a system 
from the point of view of a user trying to accomplish a specific task. 
The ``use cases'' developed by NCCoE will incorporate the IT security 
needs of specific communities or sectors. Examples of candidate sectors 
include health care, finance and utilities. The cybersecurity 
challenges that will be the subject of the ``use cases'' will be 
selected by NIST through workshops with input from broad groups of 
stakeholders, as well as public feedback provided via collaborative 
internet participation. Collaborative participation may be accessed via 
links from http://nccoe.nist.gov/. Opportunities to participate in 
individual ``use cases'' will be announced in the Federal Register and 
will be open to the public on a first-come, first-served basis. NIST/
ITL envisions that the NCCoE will be capable of supporting multiple 
simultaneous ``use cases'' in various stages. NCEP collaborators will 
neither be obligated to participate in a given ``use case,'' nor will 
they be guaranteed participation in a given ``use case,'' but they will 
be given priority for participation in each ``use case'' only for their 
resources that are already onsite at the NCCoE and for components that 
are interoperable with those onsite resources, within the process 
defined for that ``use case'' as announced in the Federal Register.
    NCEP collaborators selected to participate in a given ``use case'' 
may contribute, but will not be required to contribute, resources in 
addition to those contributed through their NCEP agreement. However, 
priority participation in a ``use case'' will be granted only for 
resources relevant to the ``use case'' that are already onsite in the 
NCCoE and components that are interoperable with those onsite 
resources. Through their collaboration agreements with NIST/ITL, NCEP 
collaborators will agree that resources contributed to the NCCoE 
initiative will be available to all ``use case'' participants, as 
determined by NIST. Through individual ``use case'' consortium 
agreements, all ``use case'' participants, including NIST, NCEP 
collaborators and others, will agree that successful solutions to a 
NCCoE ``use case'' will be thoroughly documented and shared publicly, 
in order to encourage the rapid adoption of comprehensive cybersecurity 
templates and approaches that support automated and trustworthy e-
government and e-commerce.
    Each NCEP will be between NIST and a U.S. company. It is 
anticipated that NCEP agreements will be established for a three-year 
period, with renewal subject to the requirements and interests of the 
collaborator and NIST/ITL.
    Interested U.S. companies are invited to submit a letter of 
interest that contains sufficient information for NIST/ITL to 
objectively determine whether the proposed collaboration is feasible, 
relevant to the NCCoE mission to foster the rapid adoption and broad 
deployment of integrated cybersecurity tools and techniques that 
enhance consumer confidence in U.S. information systems, and has 
potential to advance the state of cybersecurity practice. Companies 
whose proposed collaborations are determined by NIST/ITL to meet all 
three criteria will be invited to enter into negotiations for a 
cooperative research and development agreement (CRADA) with NIST/ITL. 
Companies whose letters of interest contain insufficient information 
for NIST/ITL to make a determination as to whether the proposed 
collaboration meets all three criteria, and companies whose proposed 
collaboration is determined by NIST/ITL not to meet all three criteria, 
will be notified in writing by NIST/ITL.

    Dated: October 12, 2012.
Willie E. May,
Associate Director for Laboratory Programs.
[FR Doc. 2012-25826 Filed 10-18-12; 8:45 am]