community, and the NIST Special Publication 800* series is renowned for providing technically sound, unbiased, relevant guidelines that are frequently adopted voluntarily in private-sector procurements and practices and often mandated by the Office of Management and Budget for use by the federal government.
3. The ITL R&D efforts appear to be carefully aligned with the mission-critical deliverables for which the ITL is responsible. Programs in cloud computing, health information technology, identity management, cybersecurity education, trusted identities, and voting standards are all addressing national priorities in information technology. National priorities with critical information technology aspects are being addressed by projects in biosciences and bioimaging, cyber physical systems, forensics, greenhouse gas measurement, optical medical imaging, public safety communications, quantum information, smart grid, and trusted networking (Internet Protocol Version 6 [IPv6], Domain Name System Security Extensions [DNSSEC]).
4. The Software and Systems Division (SSD) has made great strides since the previous assessment panel registered concerns in its 2009 report.2 The most prominent concern was “the lack of strong scientific and administrative leadership within the SSD and also, in some cases, at the programmatic level.”3 Today those concerns are being aggressively addressed, and the SSD has become more focused and better able to respond to its current challenges.
5. The ITL leadership has done an excellent job in filling two critical management positions: division chief for the Computer Security Division (CSD) and division chief for the Software and Systems Division. The ITL management is still faced with finding a permanent chief for the Advanced Network Technologies Division (ANTD).
6. The ITL has struggled with how crosscutting programs—those that involve work in a collaborative fashion across divisions—would be managed, since they do not fit neatly into the divisional structure. The ITL answer has been to use a matrix management structure (a structure in which an individual reports to two supervisors, one functional and one operational). In 2007,4 less so in 2009, the panel was aware of considerable angst on the part of management and staff as to how that would work. This year there were no signs of that distress. It appears that the ITL has done an excellent job of working out the kinks and implementing matrix management.
7. The Statistical Engineering Division (SED) is continuing on an even keel with strong leadership and technical expertise. However, as observed in the 2009 assessment report, the division workload is growing but the division is not. The SED is seriously understaffed, and this problem needs to be addressed with some urgency.5
3 Ibid., p. 15.
4 National Research Council, An Assessment of the National Institute of Standards and Technology Information Technology Laboratory: Fiscal Year 2007. Washington, D.C.: The National Academies Press, 2007.
5 National Research Council, An Assessment of the National Institute of Standards and Technology Information Technology Laboratory: Fiscal Year 2009. Washington, D.C.: The National Academies Press, 2009, pp. 2, 9, 14.