system aware cyber security architecture
play

SystemAware Cyber Security Architecture Rick A. Jones October, - PowerPoint PPT Presentation

Apr 05, 2023 •13 likes •353 views

SystemAware Cyber Security Architecture Rick A. Jones October, 2011 Research Topic DescripAon SystemAware Cyber Security Architecture Addresses supply chain and insider threats Embedded into the system to be protected

  1. System‐Aware Cyber Security Architecture Rick A. Jones October, 2011

  2. Research Topic DescripAon • System‐Aware Cyber Security Architecture – Addresses supply chain and insider threats – Embedded into the system to be protected – Includes physical systems as well as informaAon systems • Requires system engineering support tools for evaluaAng architectures factors • To facilitate reusability requires establishment of candidate Design PaMern Templates and iniAaAon of a design library – Security Design – System Impact Analyses ASRR 10/11 October 2011 2

  3. IncorporaAng Recognized Security FuncAons into an Integrated System‐Aware Security SoluAon • Fault‐Tolerance – Diverse ImplementaAons of Common FuncAons – Data ConAnuity Checking via VoAng • Cyber Security – Moving Target with Diversity • Physical ConfiguraAon Hopping • Virtual ConfiguraAon Hopping – Adversary‐SensiAve System ReconstrucAon • AutomaAc Control Systems – Data ConAnuity Checking via State EsAmaAon – System IdenAficaAon • TacAcal Forensics ASRR 10/11 October 2011 3

  4. System‐Aware Security Architecture Internal Controls Inputs Outputs System to be Protected Internal Measurements System-Aware Security Sub-System ASRR 10/11 October 2011 4

  5. System‐Aware Cyber Security Subsystem System-Aware Security Sub- System Measurements Measurement Analysis Security System to be Control Protected Decisions Hopping & Restoral System Control Control Signaling ASRR 10/11 October 2011 5

  6. System‐Aware Security Analysis Mission-Risk Ranked System Functions Number of hopped (1) functions Selected (2) set for (3) hopping (4) … (N) System Latency Rate of Delay in hopping compromise detection Mission Risk System Latency ASRR 10/11 October 2011 6

  7. System‐Aware Security for Facility Defense ASRR 10/11 October 2011 7

  8. Facility Defense System to be Secured • We consider a facility defense system consisAng of: – Streaming sensors conAnuously monitoring discrete areas – Streaming Servers distribuAng sensor data, received over a wired network, to mobile users over a wireless broadcast network – Mobile users receiving alerts and streaming data regarding potenAal problems ASRR 10/11 October 2011 8

  9. IllustraAve Architectural Diagram for Candidate Facility Defense System for System‐Aware Security 9

  10. PotenAal Cyber AMacks • Replay aMacks masking malicious acAvity iniAated through – Sensor system – Streaming servers – User devices • DoS aMacks addressed through redundancy – Sensor system – Streaming servers – OperaAonal procedures and redundancy regarding user devices ASRR 10/11 October 2011 10

  11. System‐Aware SoluAon for Securing the Facility Defense System • Replay aMack defense – Diversely Redundant Streaming Sensors, with VoAng (Data ConAnuity Checking) – Diversely Redundant, Virtually Hopped Streaming Servers – Diverse User Devices, with RotaAng User Surveillance Assignments and Device Use – Mobile User based Data ConAnuity Checking • DoS defense – Redundancy at the Sensor and Streaming server levels – Streaming servers / User feed back loops to enable redistribuAon of data and job responsibiliAes ASRR 10/11 October 2011 11

  12. IllustraAve System‐Aware SoluAon Architecture 12

  13. Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng 100 90 80 Max Possible # of Observable Regions 70 60 50 No VoAng/Single Stream ConAnuous 3 Stream VoAng 40 30 20 10 0 100 150 200 250 500 Stream Fidelity (Kbps) 13

  14. Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng 100 90 80 Max Possible # of Observable Regions 70 60 Loss in User PresentaAon Fidelity 50 No VoAng/Single Stream ConAnuous 3 Stream VoAng 40 30 20 10 0 100 150 200 250 500 Stream Fidelity (Kbps) 14

  15. Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng 100 90 80 Max Possible # of Observable Regions 70 ReducAon in Maximum Observable Regions 60 50 No VoAng/Single Stream ConAnuous 3 Stream VoAng 40 30 20 10 0 100 150 200 250 500 Stream Fidelity (Kbps) 15

  16. Duty Cycle VoAng for Increasing the Possible Number of Observable Regions Concept – Use of Ame division for voAng permits an increase • in the number of possible surveillance points User compares streams concurrently received from mulAple – diversely redundant servers to discover disconAnuiAes 3 parameters can be uAlized to govern voAng – Number of Observed Regions • Deemed acceptable VoAng Interval for data conAnuity checking • across all regions Streaming period Ame alloMed for conAnuity checking (VoAng • Time), which can be less than the VoAng Interval Given the VoAng Time can be a subset of the VoAng Interval, – the use of Ame division can be uAlized to manage informaAon distribuAon over the broadcast network, interleaving mulAple streams for voAng users with single streams for other users who are not voAng ASRR 10/11 October 2011 16

  17. IllustraAve System‐Aware SoluAon Architecture with Duty Cycle VoAng 17

  18. IllustraAve System‐Aware SoluAon Architecture with Duty Cycle VoAng 18

  19. IllustraAve System‐Aware SoluAon Architecture with Duty Cycle VoAng 19

  20. Duty Cycle VoAng for Increasing the Possible Number of Observable Regions User 1 Time User 2 Time User 3 Time Wireless Network Time Column Heights = Data / Time Interval 20

  21. Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng 100 90 80 Max Possible # of Observable Regions 70 60 No VoAng/Single Stream 50 ConAnuous 3 Stream VoAng 40 Duty Cycle VoAng 30 20 10 0 100 150 200 250 500 Stream Fidelity (Kbps) 21

  22. AddiAonal Collateral System Impacts • Common Cause Failures are reduced • MTBF increases in relaAonship to the individual diverse component reliabiliAes • Development cost increases based on the cost to develop voAng and duty cycle management components, as well as to resolve lower level technical issues that may arise – SynchronizaAon needs – Sohware integraAon – Performance impact measurements and enhancement needs (e.g. CPU uAlizaAon, memory, and energy usage) • One Ame and life cycle cost increase in relaAonship to the increased complexity 22

  23. Scoring Framework 23

  24. Need: Methodology for EvaluaAng AlternaAve Security SoluAons for a ParAcular System • A methodology is required in order to clarify reasoning and prioriAzaAons regarding unavoidable cyber security vagaries: – RelaAonships between soluAons and adversarial responses – MulAdimensional contribuAons of individual security services to complex aMributes, such as deterrence • Scores can be derived in many different forms – Single scalar value where bigger is beMer – 2 scalar values: (1) security value added, (2) system‐level disvalues – MulA‐objecAve component scores providing more transparency ASRR 10/11 October 2011 24

  25. Metrics • AMack phase‐based security value factors: – Pre‐AMack (Deterrence) – Trans‐AMack (Defense) – Post‐AMack (RestoraAon) • Would include collateral system impact metrics for the security architecture: • Performance • Reliability, Safety • Complexity, Costs ASRR 10/11 October 2011 25

  26. System‐Aware Security System Scoring Matrix RelaDve Value k 1 k 2 k 3 k 4 k 5 k 6 k j Weights Value Deterrence Real Restor‐ Collateral Implemen‐ Life Other Factors Time aDon System taDon Cost Cycle Defense Impacts Cost Security Services Diversity s 11 s 12 s 1j (s 1 ) Hopping s 21 s 22 s 2j (s 2 ) Data s 31 s 32 s 3j ConAnuity Checking (s 3 ) TacAcal s 41 s 42 s 4j Forensics (s 4 ) ASRR 10/11 October 2011 26 Other (s i ) s i1 s i2 s ij

  27. System‐Aware Security System Scoring Matrix RelaDve Value k 1 k 2 k 3 k 4 k 5 k 6 k j Weights Value Deterrence Real Restor‐ Collateral Implemen‐ Life Other Factors Time aDon System taDon Cost Cycle Defense Impacts Cost Security Services Diversity s 11 s 12 s 1j p (s 1 ) k 1 ∑ = j Hopping s 21 s 22 s 2j j 1 = (s 2 ) s ij = Assurance Level of the ith service as Data s 31 s 32 s 3j ConAnuity related to the jth value factor Checking (s 3 ) s ij = QuanAzed Assurance Level = 0…M TacAcal s 41 s 42 s 4j p n Security k j s ∑∑ = Forensics ij Score (s 4 ) j 1 i 1 = = ASRR 10/11 October 2011 Max Possible Score = n x M 27 Other (s i ) s i1 s i2 s ij

  28. Example Facility Defense Scoring Matrix RelaDve K 1 =0.30 K 2 = 0.20 k 3 =0.10 K 4 = 0.20 K 5 = 0.05 K 6 = 0.15 Value Weights Value Deterrence Real Restor‐ Collateral Implemen‐ Life Factors Time aDon System taDon Cost Cycle Defense Impacts Cost Security Services Diversity 4 3 4 4 2 2 (s 1 ) Hopping 3 4 3 1 2 3 (s 2 ) Data 2 4 3 1 4 3 ConAnuity Checking (s 3 ) TacAcal 3 0 4 5 4 2 Forensics (s 4 ) Strongest Area is RestoraAon 28 Max Possible Score = 20 Facility Defense Score = 11.5 Weakest Area is Life Cycle Cost

  29. On Going ExploraAon • A pracAcal methodology for determining Assurance Level Values • Methodology for addressing uncertainty in assigning Assurance Level Values • Methodology for uAlizing RelaAve Value Weights • Tradeoffs between scoring simplicity and transparency of results ASRR 10/11 October 2011 29

Recommend

System Aware Cyber Security Barry M. Horowitz, PI University of Virginia November, 2012 System

System Aware Cyber Security Barry M. Horowitz, PI University of Virginia November, 2012 System

System Aware Cyber Security Barry M. Horowitz, PI University of Virginia November, 2012 System Aware Cyber Security Operates at the system application-layer , For security inside of the network and perimeter protection provided for the

164 views • 3 slides
System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology

System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology

System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology to the Cyber Security of Physical Systems Barry M. Horowitz, Kate Pierce University of Virginia April, 2012 This material is based upon work

518 views • 41 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and the Intel-NSF Partnership for Cyber- Physical Systems Security and Privacy) Insup Lee (PI) PRECISE Center School of Engineering and Applied Science

1.11k views • 34 slides
90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 16, 2013 SafeConfig 2013: IEEE 6th

227 views • 18 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo University of Pennsylvania July 12, 2018 Overview of Research Tort and products liability for CPS Privacy and cybersecurity regulation NHTSA

472 views • 25 slides
Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System

Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System

Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System Dr. Igor Nai Fovino Head of the Research Department Global Cyber Security Center The Global Cyber Security Center, is an International not-for-profit

615 views • 33 slides
Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

1 Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to innovation Sallie Sweeney KPMG The healthcare industrys evolution toward a true value based system, assuming responsibility for complex

797 views • 10 slides
Ostro OS security architecture An IoT OS security architecture that is so boring that you can

Ostro OS security architecture An IoT OS security architecture that is so boring that you can

Ostro OS security architecture An IoT OS security architecture that is so boring that you can sleep soundly at night Ismo Puustinen, Intel Finland What is Ostro OS? https://ostroproject.org IoT operating system, based on Yocto project

261 views • 9 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Leveraging Physical Models for Attacking and Defending PLCs Luis Garcia 4N6 Cyber Security &

Leveraging Physical Models for Attacking and Defending PLCs Luis Garcia 4N6 Cyber Security &

Leveraging Physical Models for Attacking and Defending PLCs Luis Garcia 4N6 Cyber Security & Forensics Research Lab ECE Department Rutgers University Outline Background Harvey: Model-Aware Rootkit System Model

934 views • 71 slides
Cyber-Physical System Security Alia Long Advanced Research in Cyber Systems (ARCS) Los Alamos

Cyber-Physical System Security Alia Long Advanced Research in Cyber Systems (ARCS) Los Alamos

Cyber-Physical System Security Alia Long Advanced Research in Cyber Systems (ARCS) Los Alamos National Laboratory LA-UR-17-27644 Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA A Cyber-Physical Model

837 views • 7 slides
Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web application weaknesses XSS AJAX weaknesses SQL Injection Attacks (Slides from Lars Olson)

588 views • 41 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Davis Social Links Leveraging Social Informatics for Cyber Security: Architecture,

Davis Social Links Leveraging Social Informatics for Cyber Security: Architecture,

Davis Social Links Leveraging Social Informatics for Cyber Security: Architecture, Implementation, and Applications S. Felix Wu Computer Science Department Univers BTH, Karlskrona, Sweden ity of California, Davis wu@cs.ucdavis.edu

809 views • 41 slides
ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* * Preliminary programme, subject to revision/update status 16 December 2014 4 February 2015 Day 1: Cyber Security Readiness Registration KU

306 views • 4 slides
Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

16 Oct 2012 Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford Willke Cyber Security Advisor, MidAtlantic Region National Cyber Security Division (NCSD) Office of Cybersecurity and Communications

443 views • 20 slides
Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs ! 3 properties ... Confidentiality (including personal data) Integrity Availability 2 -Sminaire LIRIMA: Cyber security: current

876 views • 64 slides
2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor, Region VII Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD) FOUO / UNCLASS Cyber Security

333 views • 12 slides
CYBER SECURITY FOR NON-TECHNICAL EXECUTIVE Cor Corpor porate O te Over erview view AT-NET

CYBER SECURITY FOR NON-TECHNICAL EXECUTIVE Cor Corpor porate O te Over erview view AT-NET

CYBER SECURITY FOR NON-TECHNICAL EXECUTIVE Cor Corpor porate O te Over erview view AT-NET Services offers comprehensive engineering services for the life cycle of your system; design, build, secure and manage CYBER SECURITY FOR

873 views • 65 slides
CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview 1. What is at risk? 2. Global industry trends 3. BDO/AusCERT survey 4. Recent cyber case studies 5. Cyber risk mitigation strategies Page

481 views • 35 slides

More recommend