@DisCo: Binary-Level Vulnerability Detection
Annotated Translated Disassembled Code (@DisCo)
AHA: Infrastructure Decision Support for Disaster Management
All Hazards Analysis Core (AHA)
ATIS: Malware Analysis and STIX Data Transformation
Any Threat Intelligence to STIX (ATIS)
ATTAR: Remote Testing Framework for Security Analysis and Protection
A remote testing and validation tool that uses SSH for automated software testing, particularly effective in cybersecurity applications.
Automated NVD Vulnerability Search to STIX Bundle Translator
Convert National Vulnerability Database searches into structured STIX data for enhanced security intelligence and analysis.
CATCH: Comprehensive Telemetry Analysis and Threat Intelligence Framework for Advanced Security
Collect, analyze, and report on anomalous telemetry data with the CATCH CLI and CGUI, integrating Neo4j and STIX 2.1 for standardized, actionable intelligence.
Cerberus
Safety Instrumented System (SIS) for Extreme Fast Charging (XFC) Infrastructure - Analysis Software
CIEMAT: Cyber-Informed Engineering Microgrid Analysis Tool
CIEMAT helps microgrid designers and operators build stronger, more resilient systems by integrating engineering and cybersecurity measures to minimize the impact of cyber attacks.
Cirrus: Cloud Feasibility Assessment Tool for Grid Professionals
Cirrus provides grid and utility professionals with strategic guidance for cloud integration, enhancing operational resilience and efficiency through tailored feasibility assessments and resource planning.
CSET: Cyber Security Evaluation Tool
A desktop or web-based tool guiding asset owners through evaluating control system and IT security practices against industry standards.
CyOTE: Detecting Cyber Attacks in Operational Technology Environments
CyOTE Research Tool Library (CRTL)
CyStAR: Cyber-Physical Threat Detection and Asset Monitoring
Cyber State Awareness for Resilience (CyStAR)
DaRT: Malicious Code Disassembly for Risk-Free Transport
DaRT (Disassembly and Reassembly for Transport)
DISCOverflow: Project Code Structure Visualization Tool
Automatically disassembles project code data into a graph database for efficient and secure code analysis.
EFAC: Infrastructure Analysis for Enhanced Disaster Resilience
Essential Function Analysis Capability (EFAC)
EMV: Exploit, Malware, and Vulnerability Scoring GUI
A customizable application that allows users to create and apply their own scoring schema to cyber issues, interfacing with STIX objects and supporting export functions.
ESE: Comprehensive STIX1-to-STIX2 Conversion Tool
Enhanced STIX Elevator (ESE)
HPCACT-2022: Video Annotation for Anomaly Detection in Data Centers
Anomalous and normal High Performance Computing datacenter activities
ICSNPP: Industrial Control System Network Protocol Parsers
A series of industrial control system protocol parsers developed by INL for the Zeek network security monitoring framework to enhance incident response capabilities.
Infrastructure eXpression: Discovery Tools
Automates the collection and conversion of network vulnerabilities into STIX format, streamlining vulnerability management and sharing.
Malcolm: Network Traffic Analysis
Network traffic analysis suite offering easy upload, powerful traffic analysis, and streamlined deployment for security operations.
MaSDE: Real-Time Dynamic Estimation for a Resilient Power Grid
Master State Distributed Estimator (MaSDE)
MASFIC: Streamlined Contingency Analysis for Power Utilities
MASFIC (MASTERRI Automated SAPHIRE File Intermediary Converter) is a powerful software application designed to streamline contingency analysis and risk assessment in power grids.
MaSTI: Network Monitoring for Enhanced Control System Protection
Master State Threat Identifier (MaSTI)
NAVV Tool: Network Architecture Verification & Validation Tool
Automates network traffic analysis using Zeek IDS logs, generating an Excel summary for easy data sorting and analysis.
OpDefender: Real-Time Network Traffic Analysis
A cybersecurity solution for control system networks, featuring smart switches and a network HMI for real-time attack prevention and network traffic control.
PacketSight: Mitigating Unusual Network Packets
This software identifies, examines, and mitigates unusual network packets using a multi-dimensional latent space representation.
PANDA: Predictive Automation of Novel Defect Anomalies
Automate the identification and segmentation of dislocation-type defects in irradiated materials using a YOLOv8-based software, capable of detecting both dislocation lines and loops—even in high-noise micrographs—improving accuracy and efficiency in post-irradiation materials analysis.
Parsnip Parser Creation Application
Parsnip aims to automate 90% of the repetitive tasks involved in parser development.
Polyglot Framework: Cross-Platform Tool Development
Polyglot is a framework that simplifies the process of creating or modifying tools for a wide range of devices and operating systems. It is especially useful for embedded, esoteric, or old targets that lack easy and consistent solutions.
PowDDeR v2: Power Distribution Designing for Resilience Application
Updated software tool for power distribution design, analyzing system resilience to disturbances in real and reactive power.
PowDDeR: Power Distribution Designing for Resilience Application
Measures power system resilience by analyzing responses to disturbances, whether natural or human-caused.
Scramble
Simulated control and cybersecurity testing tool for microgrid implementations, providing realistic response analysis.
Sentinel: Low-Power Semi-Supervised Machine-Learning-Based Intrusion Detection for IoT Networks
Efficient anomaly and intrusion detection tailored for IoT and critical infrastructure networks with low power requirements.
SPEMMCRA: Control Strategy Testing for Microgrid Implementations
Simulated control and cybersecurity testing tool for microgrid implementations, providing realistic response analysis.
STAR: Structured Threat Automated Response
Automates response actions for cybersecurity threats by executing STIX Course of Action objects in Python.
STIG: Graph-Based Threat Intelligence and Response System
Structured Threat Intelligence Graph (STIG)
STIXEnforcer: Advanced STIX 2.1 Data Enrichment and Error Correction Tool
Structured Threat Information Expression Style Enforcer
STOAT: Automated Scoring Tool for Software Weaknesses
Scoring Threat Object Analysis Tool (STOAT)
STOTS: Network Threat Analysis and Visualization Suite
Structured Threat Observation Tool Set (STOTS)
TOPGEAR: Technology, Organization, and Person of interest Graph Extraction, Analysis, and Reporting
Adversarial Socio-Technical Network Analysis (ASTNA) is a data processing pipeline for extracting a knowledge graph from SEC Documents to enable robust socio-technical analysis of critical infrastructure influence.
Vendor 0: FPE Library for Structured File Encryption
Encryption library for structured files like JSON, addressing the need for secure data handling in sensitive utility information management.
WiiBin: Machine Learning Binary Analysis for Reverse Engineering
What Is It Binary (WiiBin)