Page:United States Statutes at Large Volume 116 Part 3.djvu/788

 116 STAT. 2380 PUBLIC LAW 107-305—NOV. 27, 2002 (A) $6,000,000 for fiscal year 2003; (B) $6,200,000 for fiscal year 2004; (C) $6,400,000 for fiscal year 2005; (D) $6,600,000 for fiscal year 2006; and (E) $6,800,000 for fiscal year 2007. 15 USC 7408. SEC. 12. NATIONAL ACADEMY OF SCIENCES STUDY ON COMPUTER AND NETWORK SECURITY IN CRITICAL INFRASTRUC- TURES. Deadline. (a) STUDY. —Not later than 3 months after the date of the Contracts. enactment of this Act, the Director of the National Institute of Standards and Technology shall enter into an arrangement with the National Research Council of the National Academy of Sciences to conduct a study of the vulnerabilities of the Nation's network infrastructure and make recommendations for appropriate improvements. The National Research Council shall— (1) review existing studies and associated data on the architectural, hardware, and software vulnerabilities and interdependencies in United States critical infrastructure networks; (2) identify and assess gaps in technical capability for robust critical infrastructure network security and make recommendations for research priorities and resource requirements; and (3) review any and all other essential elements of computer and network security, including security of industrial process controls, to be determined in the conduct of the study. Deadline. (b) REPORT. —The Director of the National Institute of Standards and Technology shall transmit a report containing the results of the study and recommendations required by subsection (a) to the Senate Committee on Commerce, Science, and Transportation and the House of Representatives Committee on Science not later than 21 months after the date of enactment of this Act. (c) SECURITY. —The Director of the National Institute of Standards and Technology shall ensure that no information that is classified is included in any publicly released version of the report required by this section. (d) AUTHORIZATION OF APPROPRIATIONS. —There are authorized to be appropriated to the Secretary of Commerce for the National Institute of Standards and Technology for the purposes of carrying out this section, $700,000. 15 USC 7409. SEC. 13. COORDINATION OF FEDERAL CYBER SECURITY RESEARCH AND DEVELOPMENT The Director of the National Science Foundation and the Director of the National Institute of Standards and Technology shall coordinate the research programs authorized by this Act or pursuant to amendments made by this Act. The Director of the Office of Science and Technology Policy shall work with the Director of the National Science Foundation and the Director of the National Institute of Standards and Technology to ensure that programs authorized by this Act or pursuant to amendments made by this Act are taken into account in any government-wide cyber security research effort. SEC. 14. OFFICE OF SPACE COMMERCIALIZATION. Section 8(a) of the Technology Administration Act of 1998 (15 U.S.C. 1511e(a)) is amended by inserting "the Technology Administration of after "within".

�