To all those fine folks out there who are interested in computer security, who take care of the secrecy of their passwords and other credentials, who protect their laptops and smartphone adequately with up-to-date operating systems and antivirus software, and who apply due diligence when developing and running their IT services and/or control systems, I would issue just two words:

THANK YOU!

Thank you for reading our articles. Thank you for showing an interest in privacy and security. Thank you for wanting to learn more about this. Thank you, because you are the generation who can get it right. Or better, as my generation of 1971 didn't screw everything up.

What’s gone before
Look, for example, at an ancient telephone – the one with a rotary dial. Back then, fear of being spied on was minimal, and only an issue if you annoyed your country. Today, we all carry small spying devices around that collect all our personal information and pass it on. Maybe not immediately to governments, but to big multinationals that make money from our personal data. The secrecy of the post has become WhatsApp, Threema, Signal and Telegram – each with their own privacy-preserving means (or not). With the cloud came the Wild West. Analogue cameras became Instagram and TikTok. Apple revolutionised our record and tape collection. CDs? Bah. MP3s? Not anymore. Linear television became Netflix, Amazon Prime and Disney+. Amazon and Google know much more about our shopping habits than the old neighbourhood shopkeeper ever did. And workout information now goes to Strava, Fitbit or the like. Mapping out the world. Our nicely cloaked private world has become frighteningly transparent and public. Orwell’s 1984 surveillance state at its best. At least there is a silver lining in the form of the European Union’s General Data Protection Regulation, which the big companies try to aggressively bend and small startups try to creatively circumvent.

Like with privacy, digitalisation over the past decades has tied our lives into symbiosis with technology. Physical security has become cybersecurity. Today, all the amenities of life are technology-supported. Depending where you are, this is the case to varying degrees. Consider electricity. In most of our countries, electricity is the One Ring that rules it all. No electricity, no cold food or (worse) medication. No electricity, no communication. No electricity, no fresh water, as water pumps need electricity. Similarly for fuelling stations. No electricity, no public transport. Going shopping? Erm, how did you pay last time? Of course, you might have some batteries left over, or a diesel generator. But in the long run? We live in symbiosis with a technology backbone. With electricity. With the control systems deployed for running this backbone. In the past, this backbone was threatened only by physical means – by conflicts. By nation states in an increasingly peaceful world. While we thought that those times were gone, our backbone is now much more susceptible to threats. No need for nation states anymore, when a small group of (state-sponsored) criminals can create havoc. Like the attacks on Saudi Aramco. Like Stuxnet against Iranian nuclear centrifuges. Like Russian hackers allegedly attacking Ukrainian infrastructure prior to the invasion of Crimea. Like the ransomware attacks against Maersk. Like the Conti ransomware group against anyone else on this planet. The COVID-19 pandemic and Russia’s war against Ukraine have shown how fragile our technological backbone has become, how inherently insecure it is and how easily it can be brought to a halt. Threats to this backbone won’t disappear.

And the future, the sunny world of clouds, requires even more backbone. More interconnectivity, more technology, more complexity. Ergo more vulnerabilities. And ergo more severe consequences. Self-driving cars talk to each other and to the traffic lights. Cities become smart. Cashless stores RFID your shopping basket and charge your credit card automatically. Your fridge orders missing items automagically, delivered by drone within 10 minutes. In this brave new Wild West, the genie is out of Pandora’s box. Our technological backbone needs reinforcement. The stupid internet of unsecure things needs improvement. The zillions of layers, virtual machines, containers, software interdependencies, agility, DevOps and just-in-time need experts to put the genie back in the bottle. To adapt technology such that it serves but does not burden. To bring security into every single layer by default. Making security an equal among other IT equals: functionality, usability, maintainability, availability and – security. While threats and threat actors will never give up (and will actually become more and more sophisticated), we need to counter the increasing number of vulnerabilities and keep the consequences of successful attacks at bay.

Now, enter you!
We will never have 100% secure systems – and those who promise this to you are either liars or salespeople or both. “Security will always be exactly as bad as it can possibly be while allowing everything to still function” (Nat Howard). Because we’re lazy and ignorant, because security is usually just a cost factor with limited benefits: security, convenience, cost – pick two. This makes security only as good as the weakest link in the chain of technology. This makes security a people problem. But this also makes security a problem that can be solved by people. You are the crucial generation. The first twists and turns towards a more privacy-preserving and secure future have started. Facebook and Google have been restrained from collecting data. WhatsApp becomes Threema or Signal. Security must again move into focus, joining the other —ities and reinforcing the CIA triangle: confidentiality (hush! for your personal life), integrity (your bank statement) and availability (giving you electricity when you need it). Actually, in industry this is instead the AIC triangle (availability: your supermarket; integrity: the soundness of the bridges you cross to get there; and confidentiality: Coca Cola’s secret recipe).

Since my generation failed to consistently, coherently, efficiently and effectively push those triangles through as it should have, the baton is now handed to you. Together, let’s break up the old mantra of “freedom, security, convenience – choose two” (Dan Geer) and see how we can still get all three deployed on an acceptable level. Open your mind to think secure and privacy-preserving. If you haven’t done so yet, learn how to prevent and protect, how to plan, design, develop and build secure and privacy-preserving applications, software and systems. How to operate systems in a secure and privacy-preserving fashion – finding weaknesses and vulnerabilities, detecting abuse and ensuring that sufficient log information is at hand, and using the magic means available to understand what happened if the evil bad has compromised your system: forensics, incident coordination and response.

In addition to the new round of WhiteHat and Zebra training sessions, which are coming up very soon, we’re happy to announce that dedicated online training courses on all security matters are now available to all of you at any time, with our thanks to the HR training team. The SecureFlag training platform provides hands-on courses, exercises and virtual environments for you to improve your skills in secure software development in your favourite programming language (demo video). Learn how to securely configure your systems, virtual machines and containers and how to securely operate your web and computing services. These new, dedicated courses are provided for your benefit and for the benefit of a secure organisation – to clean up the security and privacy mess. THANK YOU!

______

Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.

CERN and the US government have released a joint statement concerning future planning for large research infrastructures, advanced scientific computing and open science. The Joint Statement of Intent was signed in Washington DC in April by CERN Director-General, Fabiola Gianotti, and Principal Deputy US Chief Technology Officer, Deirdre Mulligan, of the White House Office of Science and Technology (pictured).

Acknowledging their longstanding partnership in nuclear and particle physics, CERN and the US intend to enhance collaboration in planning activities for large-scale, resource-intensive facilities with the goal of providing a sustainable and responsible pathway for the peaceful use of future accelerator technologies.

Concerning the proposed Future Circular Collider, FCC-ee, which would collide electrons and positrons to produce copious quantities of Higgs bosons, the text states: “Should the CERN Member States determine the FCC-ee is likely to be CERN’s next world-leading research facility following the high-luminosity Large Hadron Collider, the United States intends to collaborate on its construction and physics exploitation, subject to appropriate domestic approvals.” A technical and financial feasibility study for the proposed FCC is due to be completed in March 2025.

CERN and the US also intend to discuss potential collaboration on pilot projects to incorporate new analytics techniques and tools such as AI into particle physics research at scale and affirm their collective mission “to take swift strategic action that leads to accelerating widespread adoption of equitable open research, science, and scholarship throughout the world”.

In December 2023, the high-energy physics advisory panel to the US Department of Energy and the National Science Foundation released a 10-year strategic plan for US particle physics. Meanwhile, the next update of the European Strategy for Particle Physics, which is formed through a broad consultation of the particle physics community in Europe and beyond, is about to get under way. The CERN Council has set the deadline for submitting written input for the next Strategy update at 31 March 2025, with a view to concluding the process in June 2026. The final report of the FCC Feasibility Study will be a key component of that input.

If you’re an avid follower of High-Luminosity LHC (HL-LHC) news, you will no doubt already have heard about “the python”, the new superconducting link developed at CERN. It is a component of the new cold powering system that will power the HL-LHC inner triplet magnets, which will focus proton beams more tightly around the ATLAS and CMS collision points.

This new system is packed with novel superconducting technologies: MgB₂ superconducting cables, twisted together to form a compact bundle of about 9 centimetres in diameter, are inserted into a 22-centimetre-diameter flexible cryostat, with vacuum insulation and flowing helium gas. The MgB₂ cables operate in the helium gas at temperatures from about 4.5 K (-268.7 °C) to 20 K (-253.2 °C). The REBCO high-temperature superconducting cables then transfer the current from 20 K to 50 K (-223.2 °C) and, finally, current leads provide the transition from 50 K to room temperature. This system can carry a direct electrical current (DC) of around 120 kA over the required distance of 85 metres.

While the superconducting cables of the LHC magnets have to be maintained in superfluid helium (at 1.9 K (-272.2 °C)) or in liquid helium (at 4.5 K), the new superconducting part of the system is capable of operating at a temperature of up to 60 K (-213.2 °C) at its highest, qualifying it as “high temperature” in superconductivity terms. “One of the beauties of this new system is that it operates in helium gas. The cryogenic cooling of the superconducting link is at zero cost, because it transfers the helium gas that in any case is needed to cool the current leads. This is one of the benefits of using high-temperature superconductors,” explains Amalia Ballarino, leader of the HL-LHC Cold Powering Work Package.

The superconducting link and its flexible cryostat can be spooled onto a large drum and transported like conventional power transmission cables. This new type of superconducting system has enormous potential for future accelerators and in areas beyond accelerator technology where large transfer of current is needed, or for the development of clean aviation.

The first HL-LHC cold powering system has just passed its first tests in the SM18 test facility. While the python was fully qualified in the previous R&D phases, this is the first time that a full power transmission system, transferring current from room temperature to the liquid helium environment via MgB₂ and REBCO superconducting technology, has been constructed and successfully validated in final operating conditions.  The complexity of the system is enhanced by the multiplicity of the circuits it contains. “The 19 superconducting cables and current leads, rated at currents ranging from 2 kA to 18 kA, transported a total DC current of 94 kA, the maximum current that could be delivered by the test station,” adds Ballarino. “Electromagnetic compatibility among circuits was validated, and high-voltage insulation tests were successfully accomplished. This great success is the result of ten years of R&D.”

The next steps will take place in early summer, when the cold powering system will be transported to the HL-LHC IT String where the collective behaviour of the inner triplet magnet system will be tested prior to installation underground in the LHC during the next long technical stop (LS3), scheduled to begin in 2026.

__________

To find out more, read this article published in the CERN Courier in April 2023.

On 13 May 2024, members of CERN’s vibrant community attended, and some performed at, the prestigious Fondation pour Genève prize ceremony at Victoria Hall. Since 1978, the annual prize has honoured Geneva citizens and institutions that contribute to the international influence of the city in scientific, political, economic, cultural and humanitarian fields. CERN received it in 1999. For the 2024 prize, CERN Director-General Fabiola Gianotti was the recipient, honouring her exceptional commitment to the international influence of Geneva.

Musical contributions from the CERN community were at the heart of this celebration, which began with the Canettes Blues Band performing ATLAS Boogie and ended with an excerpt of Niccolò Jommelli’s Requiem performed by the CERN Choir. Interspersed throughout the evening were various testimonials, including from CERN community members. Presentations showing CERN’s 70-year history and the newly inaugurated Science Gateway, CERN’s state-of-the-art centre for education and outreach, celebrated the scientific and cultural impact of CERN in Geneva.

Watch the full award ceremony on the Fondation pour Genève website.

Over the years, the teams responsible for the LHC proton injector chain (Linac 4, PS Booster, PS and SPS) have developed various production schemes for the LHC beam, pushed the performance of the beam and explored its potential to enhance the collisions in the LHC. In 2023 and this year, until the end of last week, the so-called “standard LHC beam” has been used in batches of 3 x 36 bunches, provided by the SPS. On 24 May, the LHC was switched to the “BCMS (Beam Compression, Merging and Splitting) beam” mode to explore its potential to produce more collisions and to compare its performance to that of the standard beam.

In the LHC injector chain, the standard beam is produced by injecting three bunches from the PS Booster into the PS. After an initial acceleration, the PS splits each bunch longitudinally (see box) into three, resulting in nine bunches. These nine bunches are then accelerated to the maximum energy of the PS, where each bunch is split into two, and then again into two, resulting in 36 bunches, each spaced by 25 ns (see Figure 1).

The SPS receives three of these 36-bunch shots from the PS and accelerates them to an energy of 450 GeV before injecting them in the clockwise or counter-clockwise direction into the LHC. This means that one PS Booster bunch results in 12 bunches in the LHC. The number of protons per bunch (named intensity) required by the LHC is 16 x 10¹⁰. Taking the 12-fold splitting into account, this means that the number of protons per bunch which the PS Booster has to inject into the PS is 12 times higher than the LHC bunch intensity, i.e. 192 x 10¹⁰ protons per bunch.

The BCMS beam is produced by injecting six bunches into the PS: three from a first cycle and three, 1.2 seconds later, from a second cycle. After an initial acceleration, these six bunches are compressed and merged, in pairs of two, into a single bunch, resulting in three bunches, which are then each split into three bunches. The remainder of this production scheme is identical to the standard production scheme, which also results in 36 bunches spaced by 25 ns. With this scheme, six bunches are manipulated to obtain 36 bunches, which gives a splitting factor of six. Therefore, to obtain a bunch intensity of 16 x 10¹⁰ protons for the LHC, the PS Booster needs to provide only 96 x 10¹⁰ protons per bunch (see Figure 2).

The LHC has now used the BCMS beam for about a week and the first signs of improved performance compared with the standard beam have already been observed.

How is it that the BCMS beam results in more collisions in the LHC if it contains the same number of protons as a standard beam?

The BCMS beam has a greater brightness, which means that it contains the same number of protons but in a smaller beam size. This smaller beam size is the result of the lower intensity per bunch in the PS Booster.

The challenge is to preserve this increased brightness when the beam is accelerated in all the machines of the LHC injector chain and in the LHC itself. During acceleration in the LHC, the beam size seems to increase slightly more with the BCMS scheme than with the standard beam scheme. Studies of the beam behaviour and adjustments of the machine parameters may limit this growth in the future, further increasing the number of collisions.

Final adjustments will be made in the coming weeks. A fact-based comparison will allow us to decide whether to continue using the BCMS production scheme or to revert to the standard production scheme. Stay tuned!

2024 is proving to be an exhilarating year for the CERN Alumni Network, which will turn seven on 8 June. Join the seventh-anniversary LinkedIn live on Thursday, 13 June to discover  the impactful work being carried out by its members and celebrate our shared achievements together.

The CERN Alumni Network, which boasts nearly 10 000 members, is an integral part of the CERN community as it enables alumni to keep in touch with the Organization and each other after leaving the Laboratory. Throughout the year, the Network organises events to connect with alumni and companies and it also offers career guidance and mentoring.

Between 9 and 11 February 2024, CERN witnessed the momentous gathering of just under 600 people for the Network’s triennial reunion, Third Collisions. This vibrant event served as a testament to the enduring camaraderie within the CERN community, providing a platform for alumni to reconnect and exchange ideas. From captivating keynote addresses to interactive panel discussions, participants explored a wide array of topics, showcasing the breadth of knowledge within the alumni network and its collective commitment to addressing global challenges. Recordings of many of the keynote talks and parallel sessions can be accessed on the Indico event page. One highlight of Third Collisions was the inclusion of the first careers fair, which provided a platform for companies to connect directly with alumni. Networking sessions and CERN Club activities further reinforced the sense of a CERN community at the event. Participants also had the privilege of exploring the newly inaugurated Science Gateway, which served as a fitting backdrop for discussions on cutting-edge research and innovation.

Third Collisions was more than just a reunion: it was a convergence of minds, ideas and experiences. Energised by new insights and connections, participants departed with a renewed sense of purpose and pride in belonging to the extraordinary CERN alumni community. Thanks to Third Collisions, several alumni have come forward to propose new regional groups. Reflecting on the event, one attendee remarked, "I am so proud to be part of such a thriving and inspiring community! All the trajectories of CERN's alumni are super interesting, and it felt like a big family get-together."

If you haven't joined the Network yet, now is the perfect time to do so. By becoming a member, you can expand your professional network, forge connections with individuals who share your CERN experience, participate in exciting events and showcase your ongoing endeavours to a community passionate about the groundbreaking work conducted at CERN. Don’t forget to join the LinkedIn live on 13 June to continue these celebrations and connect with this ever-growing community.

Watch highlights from the Third Collisions event below.

For World Environment Day, celebrated by the United Nations on 5 June, CERN reaffirms its commitment to environmentally responsible research. Among numerous actions, CERN has a dedicated strategy to reduce emissions, which targets gas recirculation, gas recovery and exploring the use of alternative gases. Currently, the majority of CERN’s direct greenhouse gas emissions come from its particle detectors, which use a range of gas mixtures for particle detection and detector cooling. These gases are mainly synthetic refrigerants, including fluorinated gases with a particularly high global warming potential.

Since 2017, CERN has been developing a novel approach to detector cooling using carbon dioxide (CO₂). CO₂ has a global warming potential of 1, which is several thousand times lower than the synthetic refrigerants currently used in low-temperature refrigeration systems, making it an excellent alternative. The Engineering department’s Cooling and Ventilation group and the Experimental Physics department’s Detector Technology group, with the support of other teams across CERN and partners in science and industry, are currently renovating the cooling systems of the ATLAS and CMS inner detectors. Surface work is already under way, while underground work will take place during the next long shutdown, LS3, scheduled to begin at the end of 2025. The objective is to achieve a drastic reduction of direct emissions of fluorinated gases, saving the equivalent of 40 000 tonnes of CO₂ each year.

How? Every technical parameter has been optimised to cool CO₂ to -53 °C, close to the temperature where CO₂ becomes solid (-56.6 °C), pushing the performance of the equipment and the standard cooling cycles. Not only will this technology contribute to CERN’s objective of reducing its emissions, but it could also have applications in other low‑temperature industries, notably the food and pharmaceutical industries, furthering CERN’s tradition of knowledge and technology transfer for the benefit of society. Find out more in the new video below.

This is just one of CERN’s initiatives to minimise its impact on the environment in key domains, including energy, water, waste, sustainable land use, noise and emissions. Find out more here.

On 5 July 2022, protons began colliding again in the LHCb detector after a three-and-a-half-year break known as Long Shutdown 2 (LS2), marking the start of the third run of the Large Hadron Collider (LHC). During this period, the original LHCb detector at the LHC was largely dismantled and an almost completely new detector constructed. The 2020 update of the European Strategy for Particle Physics approved by the CERN Council strongly supported exploiting the full potential of the LHC for studying flavour physics. A further upgrade of the LHCb detector, known as Upgrade II, is planned to allow LHCb to operate at a much higher instantaneous luminosity and cope with the demanding data-taking conditions of the High-Luminosity LHC (HL-LHC). The latest technological developments will be taken into account to design the new detectors.

Electromagnetic calorimeter

The new revolutionary electromagnetic calorimeter being developed for LHCb Upgrade II will be able to precisely measure the arrival time of electromagnetic particles. Its test measurements demonstrated detection of high-energy electrons within 20 picoseconds of precision. This is the first time that such excellent performance has been achieved with an electromagnetic calorimeter in particle physics. The new calorimeter will have finer granularity, enabling it to cope with a much higher particle density at higher instantaneous luminosity. Luminosity is an important indicator of the performance of an accelerator: it is proportional to the number of particle collisions that occur in a given amount of time.

The technology for the new LHCb calorimeter modules is based on the “Spaghetti Calorimeter” (SpaCal) concept, in which the scintillators resemble strands of spaghetti. These scintillating fibres are housed in the 5180 longitudinal holes in the SpaCal module. The calorimeter is constructed with modules with two types of absorbers: tungsten-based SpaCal-W modules, which will be built using tungsten 3D-printing technology, and lead-based SpaCal-Pb modules.

The number of particles crossing the detector is extremely high in the central region surrounding the beam pipe, inside which the proton beams of the LHC circulate. The current LHCb calorimeter is composed of Shashlik modules. The performance of these modules decreases over time due to radiation damage caused by the large flux of particles when the LHC is running. During the next Long Shutdown, these degraded Shashlik modules in the very central region around the LHC beampipe will be replaced with 32 SpaCal-W modules, and an additional 144 SpaCal-Pb modules will be placed around them.

Ring-imaging Cherenkov system

In the upgrade of the ring-imaging Cherenkov (RICH) system, the whole electronics chain will be replaced. The detector will be equipped with a high-rate data acquisition system and a novel readout application-specific integrated circuit, called FastRICH, which is capable of providing precise timestamps of Cherenkov photons. These photons are produced when electrically charged particles, such as protons or electrons, travel faster than light in a medium.

The new LHCb RICH will be the first system featuring fast timing capabilities for single photons at the hundred-picosecond level, demonstrating once again how the challenging conditions of a flavour physics experiment at the LHC can lead to technological breakthroughs.

Prototypes of both subdetectors, SpaCal and RICH, have been successfully tested at CERN’s accelerator complex with beams from the Super Proton Synchrotron in preparation for the HL-LHC era.