SEPTEMBER 1992 NIST Computer Systems Laboratory (CSL) NEWSLETTER NIST GOES ON TRIP '92 On November 16-20, 1992, CSL will host an Open House as part of the Transcontinental Integrated Services Digital Network (ISDN) Project 1992 (TRIP '92), cosponsored by the North American ISDN Users' Forum (NIUF) and the Corporation for Open Systems (COS). The week-long event, involving 74 user organizations in 149 locations across North America as well as several international locations, will showcase real applications of ISDN available to government and industry and will demonstrate the national ISDN network. As chair and secretariat of the NIUF, CSL plays a key role in TRIP '92 by encouraging the participation of other federal agencies who are interested in utilizing ISDN technology in their applications. Our involvement in the event underscores the federal government's commitment to ISDN and its willingness to take an active role in defining ISDN applications and user issues. Highlighted by "The Golden Splice," a major event in Washington, D.C. to initiate new ISDN services, TRIP '92 marks the end of a maze of incompatible switches and customer equipment and the beginning of a national telecommunications infrastructure based on Bellcore's National ISDN-1 (NI-1). CSL's Open House will mark the event with demonstrations of ISDN applications targeted at specific government agencies and other interested audiences. Public events in the NIST Open House schedule are as follows: Monday, November 16 Afternoon: Military and Related Government Tuesday, November 17 Afternoon: Internal Revenue Service, Department of Veterans Affairs, and other Civilian Government Wednesday, November 18 Morning and Afternoon: Cooperative Partners, Sponsors, and Guests Thursday, November 19 Morning: Washington ISDN Users Group Kickoff Meeting Afternoon: Local Government and Business Friday, November 20 Morning and Afternoon: NIST Employees and Public. For general information on TRIP '92, contact Cathy Nevolo, COS, at (703) 883-2752. While CSL's Open House is free of charge, registration is required for sessions targeting specific audiences as well as sessions open to the public. For registration information, contact Dawn Hoffman, CSL, at (301) 975-2937. We look forward to seeing you in November! FEDERAL INFORMATION PROCESSING STANDARD (FIPS) ACTIVITIES FIPS for Key Management Approved The Secretary of Commerce has approved FIPS 171, Key Management Using ANSI X9.17, for federal agency use. The standard adopts ANSI X9.17-1985, a voluntary industry standard for managing the keys used in secret-key encryption. FIPS 171 specifies a set of options for the automated distribution of keying material by the federal government using the protocols of ANSI X9.17. To be effective October 30, 1992, FIPS 171 will enhance interoperability between systems built to conform to this set of options and will reduce the cost of building and testing such systems. Approval of FIPS 172, VHSIC Hardware Description Language On June 29, 1992, the Federal Register announced the approval of FIPS 172, VHSIC Hardware Description Language (VHDL). FIPS 172 adopts American National Standard Hardware Description Language VHDL (ANSI/IEEE 1076-1987) which specifies the form and establishes the interpretation of programs expressed in VHDL. To be effective December 31, 1992, the new standard will promote the portability of VHDL programs for use on a variety of data processing systems. Proposed FIPS for Standard Page Description Language (SPDL) A FIPS for SPDL has been proposed which adopts the International Standards Organization/International Electrotechnical Commission Standard Page Description Language (SPDL), ISO/IEC DIS 10180. The standard defines a device-independent format for representing documents in their final, formatted form to printers or other presentation processes. Combining the image description technology of modern page description languages with a document structure which enables efficient processing and page-image management, the SPDL FIPS will promote the interchange of documents between systems of different manufacturers. Proposed Withdrawal of Family of Input/Output Interface Standards The withdrawal of eight FIPS which comprise the family of input/output interface standards has been proposed. Changes in the marketplace and in computer technology prompt this action. Standard computer system interfaces are widely used by computer and peripheral system manufacturers, so the federal government no longer needs to require the use of standards for interconnecting peripheral systems and computers. Further, agencies have requirements for advanced technology to support processing speeds that are well beyond the data transfer rates supported by these FIPS. FIPS 125, MUMPS, Being Revised The Federal Register of May 26, 1992, announced the proposed revision of FIPS 125, MUMPS (Massachusetts General Hospital Utility Multi-Programming System). The revision adopts American National Standard for MUMPS (ANSI/MDC X11.1-1990) which specifies the form and establishes the interpretation of programs written in the MUMPS programming language. To be published as FIPS 125- 1, the revised standard will promote the portability of MUMPS programs for use on a variety of data processing systems. We welcome comments from industry and the public on this proposed revision. You may obtain a copy of the specifications (ANSI/MDC X11.1-1990) from the American National Standards Institute, 11 West 42nd Street, 13th Floor, New York, NY 10036, (212) 042- 4900. Written comments on the proposed revision should be addressed to the Director, Computer Systems Laboratory, ATTN: Revision of FIPS 125, Technology Bldg., Room B154, NIST, Gaithersburg, MD 20899. The comment deadline is August 24, 1992. UPDATE ON NEW PUBLICATIONS CSL publishes the results of studies, investigations, and research. The reports listed below may be ordered from the following sources as indicated for each: *Superintendent of Documents U.S. Government Printing Office (GPO) Washington, DC 20402 Telephone (202) 783-3238 *National Technical Information Service (NTIS) 5285 Port Royal Road Springfield, VA 22161 Telephone (703) 487-4650 Computer Security Considerations in Federal Procurements: A Guide for Procurement Initiators, Contracting Officers, and Computer Security Officials By Barbara Guttman NIST Spec. Pub. 800-4 March 1992 SN003-003-03147-0 $6.00 Order from GPO This document assists federal agencies in selecting and acquiring cost-effective computer security by explaining how to include computer security requirements in federal information processing procurements. Overview of Integrated Services Digital Network Conformance Testing Leslie A. Collica, Kathleen M. Roberts, and David Su, Editors NIST Spec. Pub. 823-1 March 1992 SN003-003-03142-9 $1.75 Order from GPO This document introduces a series of documents which focus on the conformance test specifications for the various ISDN protocols. Also provided are an overview of the current status of ISDN Conformance Testing and the issues involved. Integrated Services Digital Network Conformance Testing, Layer 1 -- Physical Layer, Part 2 -- Basic Rate U Interface, User Side Daniel P. Stokesberry and Kathleen M. Roberts, Editors NIST Spec. Pub. 823-2 March 1992 SN003-003-03143-7 $5.00 Order from GPO This document describes a set of conformance test specifications for all Network Terminations (NT) connected to the Basic Rate ISDN user-network interface. Tests were developed and approved by the North American ISDN Users' Forum (NIUF). Development Plan STEP Conformance Testing Service By Sharon J. Kemmerer NISTIR 4641 August 1991 PB92-191238 $17.00 paper Order from NTIS $ 9.00 microfiche This document describes a plan to develop a conformance testing service to support current product data standardization efforts toward STEP (Standard for the Exchange of Product Model Data). Users' Manual for the NIST TTCN Translator Version 3.0 By David H. Su NISTIR 4655 August 1991 PB92-172493 $17.00 paper Order from NTIS $ 9.00 microfiche A standard test script language called Tree and Tabular Combined Notation (TTCN) is increasingly used to specify abstract conformance test suites (ATS). This manual describes a NIST- developed TTCN to C language translator to help the industry in speeding up implementation of ATSs into executable test suites (ETS). Foundations of a Security Policy for Use of the National Research and Educational Network By Arthur E. Oldehoeft NISTIR 4734 February 1992 PB92-172030 $19.00 paper Order from NTIS $ 9.00 microfiche This report explores the foundations of a national network security policy and proposes a draft policy for the National Research and Educational Network (NREN). Operating Principles of MULTIKRON Performance Instrumentation for MIMD Computers By Alan Mink and Robert J. Carpenter NISTIR 4737 March 1992 PB92-181072 $17.00 paper Order from NTIS $ 9.00 microfiche This report describes the single-chip MULTIKRON design which replaces earlier performance instrumentation chips. Annual Report 1991 Computer Systems Laboratory By Elizabeth B. Lennon, Shirley M. Radack, and Ramona Roach NISTIR 4759 December 1991 PB92-172709 $19.00 paper Order from NTIS $ 9.00 microfiche This publication describes the computer and related telecommunications activities of NIST's Computer Systems Laboratory for 1991. A Review of U.S. and European Security Evaluation Criteria By Charles R. Dinkel NISTIR 4774 March 1992 PB92-172022 $17.00 paper Order from NTIS $ 9.00 microfiche This report reviews five U.S. and European documents which describe criteria for specifying and evaluating the trust of computer products and systems. Training Feed Forward Neural Networks Using Conjugate Gradients By Patrick J. Grother and James L. Blue NISTIR 4776 February 1992 PB92-171990 $17.00 paper Order from NTIS $ 9.00 microfiche This report describes an optical character recognition study in which neural networks are tested using conjugate gradient methods. Guide for Specifying and Building CITIS with Data Management Standards By Leonard J. Gallagher, Joan M. Sullivan, and Joseph C. Collica NISTIR 4780 February 1992 PB92-172725 $17.00 paper Order from NTIS $ 9.00 microfiche This report complements the military specification for a Contractor Integrated Technical Information Service (CITIS) when that service is to be provided in an environment that supports other federal standards for data management systems. A Formal Description of the SDNS Security Protocol at Layer 4 (SP4) By Wayne A. Jansen NISTIR 4792 March 1992 PB92-172816 $26.00 paper Order from NTIS $12.50 microfiche This report contains a formal description of the Secure Data Network System (SDNS) security protocol at layer four (SP4) of the Open Systems Interconnection (OSI) reference model. An Overview of the Document Style Semantics and Specification Language and the MIL-M-28001A Output Specification By Ronald B. Wilson NISTIR 4800 March 1992 PB92-181122 $17.00 paper Order from NTIS $ 9.00 microfiche This report provides an overview of the functional similarities between the Document Style Semantics and Specification Language (DSSSL) and the Output Specification (OS) of MIL-M-28001A. FAUST: A Vision-Based Neural Network Multi-Map Pattern Recognition Architecture By C.L. Wilson NISTIR 4805 March 1992 PB92-181064 $17.00 paper Order from NTIS $ 9.00 microfiche This publication presents a new architecture for multi-map, self- organizing pattern recognition which allows concurrent massively parallel learning of features using different maps for each feature type. Procedures Manual for Testing CGM Generator Products That Claim Conformance to FIPS 128 and MIL-D-28003 Daniel R. Benigni, Editor NISTIR 4806 March 1992 PB92-181155 $26.00 paper Order from NTIS $12.50 microfiche This report provides procedures for specifying the methodology and details for testing conformance of CGM generator products. PBX Administrator's Security Standards, Developed by the Federal Deposit Insurance Corporation (FDIC) Edward Roback, NIST Coordinator NISTIR 4816 April 1992 PB92-187152 $17.00 paper Order from NTIS $ 9.00 microfiche This document presents the FDIC's generic security standards for phone system administrators and users throughout the agency. Topics covered include FDIC telephone policies, past and present methods of PBX fraud, and PBX administration. Validated Products List 1992 No. 3 Judy B. Kailey, Editor NISTIR 4871 (supersedes NISTIR 4820) July 1992 PB92-937302 $26.00 paper Order from NTIS $68.00 subscription This document, published quarterly, identifies the COBOL, Fortran, Ada, and Pascal programming language processors with current validation certificates and the SQL language processors with registered test reports. Also included are GOSIP Conformance Testing Registers and NIST POSIX Testing Laboratories and Validated Products. Karhunen Loeve Feature Extraction for Neural Handwritten Character Recognition By Patrick J. Grother NISTIR 4824 April 1992 PB92-187111 $17.00 paper Order from NTIS $ 9.00 microfiche This report describes experiments which investigate the effectiveness of Karhunen Loeve transforms as classifiable features for handwritten digit recognition. Next Generation Documents By Ronald B. Wilson and Roger F. Sies NISTIR 4830 April 1992 PB92-187103 $17.00 paper Order from NTIS $ 9.00 microfiche This document presents the findings of a Computer-aided Acquisition and Logistic Support (CALS)-sponsored workshop on Next Generation Documents (NGD) held at NIST on March 25, 1991. Managing Data--From Vision to Reality, Proceedings of the Fourth Annual DAMA Symposium Judith J. Newton, Mary Lou Melley, and Holly Higgins, Editors NISTIR 4843 May 1992 PB92-191212 $26.00 paper Order from NTIS $12.50 microfiche This document presents the proceedings of the fourth annual Data Administration Management Association (DAMA) symposium held at NIST in May 1991. Raster Graphics Validation By F.E. Spielman NISTIR 4848 May 1992 PB92-196070 $19.00 paper Order from NTIS $ 9.00 microfiche This publication describes the guidelines for establishing and managing raster graphics validations which include conformance testing and the issuance of a certificate of validation. UPCOMING TECHNICAL CONFERENCES Open System Environment (OSE) Implementors Workshop (OIW) This workshop is part of a continuing series to develop implementation specifications from international standard design specifications for computer network protocols. Sponsors: NIST and the IEEE Computer Society Dates: September 21-25, 1992 December 14-18, 1992 Place: NIST, Gaithersburg, MD Contact: Brenda Gray (301) 975-3664 FTS 879-3664 Lecture Series on High Integrity Systems This lecture series addresses problems and solutions for developing and operating high integrity systems. The series targets managers and technical staff who acquire or develop computer software systems. Date: October 9, 1992 Time: 10:00 a.m. Place: NIST Red Auditorium Speaker: Jerome Mersky, Logicon, Inc. Topic: "Bringing Total Quality Management into an Engineering Environment" Date: December 1, 1992 Time: 2:00 p.m. Place: NIST Green Auditorium Speaker: Bill Curtis, Software Engineering Institute Topic: "The Superior Software Organization" Contact: Dolores Wallace (301) 975-3340 FTS 879-3340 15th National Computer Security Conference The theme of this year's conference is "Information Systems Security: Building Blocks to the Future." The major emphasis will be the use of resources to provide security to networked and distributed systems. Sponsors: NIST and NSA's National Computer Security Center Dates: October 13-16, 1992 Place: Baltimore Convention Center, Inner Harbour, Baltimore, MD Contacts: Irene Gilbert (301) 975-3360 Dennis Gilbert (301) 975-3872 North American ISDN Users' Forum (NIUF) The NIUF addresses many concerns over a broad range of Integrated Services Digital Network (ISDN) issues and seeks to reach consensus on ISDN Implementation Agreements. Participants include ISDN users, implementors, and service providers. Dates: October 27-30, 1992 November 16-20, 1992, Transcontinental ISDN Project 1992 Place: NIST, Gaithersburg, MD Contact: Dawn Hoffman (301) 975-2937 FTS 879-2937 7th International Conference on the Application of Standards for Open Systems This conference will provide an international forum for government and private sector organizations to discuss policies and strategies to foster the introduction of open systems. Sponsors: Commission of the European Communities, Belgium; Dept. of Communications, Canada; Ministry of Industry, France; Ministry of Economics, Germany; Ministry of International Trade and Industry, Japan; Dept. of Trade and Industry, U.K., and the Dept. of Commerce, U.S.A. Date: November 3-5, 1992 Place: Paris, France Contact: Mme Catherine Peulier Tel: (+33) 1 42-91-57-21 FAX: (+33) 1 42-91-56-56 Applications Portability Profile (APP)/Open Systems Environment (OSE) Workshop This workshop is designed as a user's forum to discuss the latest developments in the APP/OSE. Dates: November 10, 1992 Place: NIST, Gaithersburg, MD Contact: Marty Gray (301) 975-3276 FTS 879-3276