VAT researchers spend their workdays devising and demonstrang ways to defeat a wide variety of security devices, systems,and programs, ranging from electronic vong machines and global posioning systems (GPS) to nuclear safeguards programsand biometrics-based access control. This involves analyzing the security features, reverse-engineering the technology orsecurity strategy, guring out how to beat the security, demonstrang aacks, and then devising eecve countermeasures.The team’s “think-like-the-bad-guy” approach rounely results in the discovery of surprising, easy-to-exploit vulnerabiliesthat are oen overlooked by security managers, designers and manufacturers, as well as other vulnerability assessors usingmore convenonal or formalisc techniques.The VAT has worked with more than 50 dierent companies, non-prots and government organizaons, including the U.S.Department of Defense, Naonal Nuclear Security Administraon, Department of Homeland Security, U.S. Department of State, Internaonal Atomic Energy Agency, Euratom and intelligence agencies.The team provides vulnerability assessments, consulng, training, and research and security soluons, including classiedexperimental projects. In addion to the Vulnerability Assessment Laboratory’s extensive classied lab space, team membershave access to two Sensive Compartmented Informaon Facilies (SCIFs).The VAT also runs a rapid, one-stop microprocessor shop that provides quick turnaround for inexpensive microprocessorprototype circuits. These can be used to record data, control experiments, transmit data wirelessly, provide beer securityfor instruments/cargo/packages, or demonstrate concepts.
– rog Johnon, hd of agonn’ Vnb amn tm
om fom hnkng k h bd g.
Argonne’s VulnerabilityAssessment Team (VAT)takes a unique approach to
idenfying and addressingthe vulnerabilies of physical
security devices, systemsand programs – the team
members rounely put
themselves in the shoes
of adversaries and in their
heads as well.