System Aware Cyber Security Architecture

Size: px
Start display at page:

Download "System Aware Cyber Security Architecture"

Transcription

1 System Aware Cyber Security Architecture Rick A. Jones October, 2011

2 Research Topic DescripAon System Aware Cyber Security Architecture Addresses supply chain and insider threats Embedded into the system to be protected Includes physical systems as well as informaaon systems Requires system engineering support tools for evaluaang architectures factors To facilitate reusability requires establishment of candidate Design PaMern Templates and iniaaaon of a design library Security Design System Impact Analyses ASRR 10/11 October

3 IncorporaAng Recognized Security FuncAons into an Integrated System Aware Security SoluAon Fault Tolerance Diverse ImplementaAons of Common FuncAons Data ConAnuity Checking via VoAng Cyber Security Moving Target with Diversity Physical ConfiguraAon Hopping Virtual ConfiguraAon Hopping Adversary SensiAve System ReconstrucAon AutomaAc Control Systems Data ConAnuity Checking via State EsAmaAon System IdenAficaAon TacAcal Forensics ASRR 10/11 October

4 System Aware Security Architecture Internal Controls Inputs System to be Protected Outputs Internal Measurements System-Aware Security Sub-System ASRR 10/11 October

5 System Aware Cyber Security Subsystem System-Aware Security Sub- System Measurements Measurement Analysis System to be Protected Hopping & Restoral Control System Control Signaling Security Control Decisions ASRR 10/11 October

6 System Aware Security Analysis Selected set for hopping Mission-Risk Ranked System Functions (1) (2) (3) (4) Number of hopped functions (N) System Latency Delay in compromise detection Rate of hopping Mission Risk System Latency ASRR 10/11 October

7 System Aware Security for Facility Defense ASRR 10/11 October

8 Facility Defense System to be Secured We consider a facility defense system consisang of: Streaming sensors conanuously monitoring discrete areas Streaming Servers distribuang sensor data, received over a wired network, to mobile users over a wireless broadcast network Mobile users receiving alerts and streaming data regarding potenaal problems ASRR 10/11 October

9 IllustraAve Architectural Diagram for Candidate Facility Defense System for System Aware Security 9

10 PotenAal Cyber AMacks Replay amacks masking malicious acavity iniaated through Sensor system Streaming servers User devices DoS amacks addressed through redundancy Sensor system Streaming servers OperaAonal procedures and redundancy regarding user devices ASRR 10/11 October

11 System Aware SoluAon for Securing the Facility Defense System Replay amack defense Diversely Redundant Streaming Sensors, with VoAng (Data ConAnuity Checking) Diversely Redundant, Virtually Hopped Streaming Servers Diverse User Devices, with RotaAng User Surveillance Assignments and Device Use Mobile User based Data ConAnuity Checking DoS defense Redundancy at the Sensor and Streaming server levels Streaming servers / User feed back loops to enable redistribuaon of data and job responsibiliaes ASRR 10/11 October

12 IllustraAve System Aware SoluAon Architecture 12

13 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions No VoAng/Single Stream ConAnuous 3 Stream VoAng Stream Fidelity (Kbps) 13

14 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions Loss in User PresentaAon Fidelity No VoAng/Single Stream ConAnuous 3 Stream VoAng Stream Fidelity (Kbps) 14

15 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions ReducAon in Maximum Observable Regions No VoAng/Single Stream ConAnuous 3 Stream VoAng Stream Fidelity (Kbps) 15

16 Duty Cycle VoAng for Increasing the Possible Number of Observable Regions Concept Use of Ame division for voang permits an increase in the number of possible surveillance points User compares streams concurrently received from mulaple diversely redundant servers to discover disconanuiaes 3 parameters can be ualized to govern voang Number of Observed Regions Deemed acceptable VoAng Interval for data conanuity checking across all regions Streaming period Ame allomed for conanuity checking (VoAng Time), which can be less than the VoAng Interval Given the VoAng Time can be a subset of the VoAng Interval, the use of Ame division can be ualized to manage informaaon distribuaon over the broadcast network, interleaving mulaple streams for voang users with single streams for other users who are not voang ASRR 10/11 October

17 IllustraAve System Aware SoluAon Architecture with Duty Cycle VoAng 17

18 IllustraAve System Aware SoluAon Architecture with Duty Cycle VoAng 18

19 IllustraAve System Aware SoluAon Architecture with Duty Cycle VoAng 19

20 Duty Cycle VoAng for Increasing the Possible Number of Observable Regions User 1 User 2 Time Time User 3 Time Wireless Network Time Column Heights = Data / Time Interval 20

21 Observable Regions / User Fidelity Impacts of 3 Stream ConAnuous VoAng Max Possible # of Observable Regions No VoAng/Single Stream ConAnuous 3 Stream VoAng Duty Cycle VoAng Stream Fidelity (Kbps) 21

22 AddiAonal Collateral System Impacts Common Cause Failures are reduced MTBF increases in relaaonship to the individual diverse component reliabiliaes Development cost increases based on the cost to develop voang and duty cycle management components, as well as to resolve lower level technical issues that may arise SynchronizaAon needs Sohware integraaon Performance impact measurements and enhancement needs (e.g. CPU ualizaaon, memory, and energy usage) One Ame and life cycle cost increase in relaaonship to the increased complexity 22

23 Scoring Framework 23

24 Need: Methodology for EvaluaAng AlternaAve Security SoluAons for a ParAcular System A methodology is required in order to clarify reasoning and prioriazaaons regarding unavoidable cyber security vagaries: RelaAonships between soluaons and adversarial responses MulAdimensional contribuaons of individual security services to complex amributes, such as deterrence Scores can be derived in many different forms Single scalar value where bigger is bemer 2 scalar values: (1) security value added, (2) system level disvalues MulA objecave component scores providing more transparency ASRR 10/11 October

25 Metrics AMack phase based security value factors: Pre AMack (Deterrence) Trans AMack (Defense) Post AMack (RestoraAon) Would include collateral system impact metrics for the security architecture: Performance Reliability, Safety Complexity, Costs ASRR 10/11 October

26 System Aware Security System Scoring Matrix RelaDve Value Weights k 1 k 2 k 3 k 4 k 5 k 6 k j Value Factors Security Services Diversity (s 1 ) Hopping (s 2 ) Data ConAnuity Checking (s 3 ) TacAcal Forensics (s 4 ) Deterrence Real Time Defense Collateral System Impacts RestoraDon ImplementaDon Cost Life Cycle Cost s 11 s 12 s 1j s 21 s 22 s 2j s 31 s 32 s 3j s 41 s 42 s 4j Other (s i ) s i1 s i2 s ij Other ASRR 10/11 October

27 System Aware Security System Scoring Matrix RelaDve Value Weights k 1 k 2 k 3 k 4 k 5 k 6 k j Value Factors Security Services Diversity (s 1 ) Hopping (s 2 ) Data ConAnuity Checking (s 3 ) TacAcal Forensics (s 4 ) Deterrence Real Time Defense Collateral System Impacts RestoraDon ImplementaDon Cost Life Cycle Cost s 11 s 12 s 1j s 21 s 22 j= 1 s 2j s ij = Assurance Level of s 31 s 32 the ith service as s 3j related to the jth value factor s ij = QuanAzed Assurance Level = 0 M s 41 s p n 42 s 4j Security = k j s ij Score j= 1 i= 1 Other (s i ) s i1 s i2 Max Possible Score = n x M s ij p k j = 1 Other ASRR 10/11 October

28 Example Facility Defense Scoring Matrix RelaDve Value Weights K 1 =0.30 K 2 = 0.20 k 3 =0.10 K 4 = 0.20 K 5 = 0.05 K 6 = 0.15 Value Factors Security Services Diversity (s 1 ) Hopping (s 2 ) Data ConAnuity Checking (s 3 ) TacAcal Forensics (s 4 ) Deterrence Real Time Defense Collateral System Impacts RestoraDon ImplementaDon Cost Max Possible Score = 20 Facility Defense Score = 11.5 Life Cycle Cost Strongest Area is RestoraAon Weakest Area is Life Cycle Cost 28

29 On Going ExploraAon A pracacal methodology for determining Assurance Level Values Methodology for addressing uncertainty in assigning Assurance Level Values Methodology for ualizing RelaAve Value Weights Tradeoffs between scoring simplicity and transparency of results ASRR 10/11 October

30 Structured Arguments for System Scoring Builds upon the legacy of work developed for safety and informaaon assurance case evaluaaons UAlizes Goal Structuring NotaAon (GSN) for communicaang arguments to support assigned scores in a repeatable and clear manner System Aware security scoring arguments for a paracular system architecture include: Context supplied by the system owner and includes an available risk analysis for the system being protected and scoring guidelines System supplier provides the list of security services to be applied and characterizes the purposes expected of security services that are deemed as most peranent to reducing risk Specific claims about value factors and the anacipated effects of security services on these factors ExplanaAons of how each security service is anacipated to impact specific value factor claims, including explicitly dividing each service into policy, process, and technology components with corresponding explanaaons of value 30

31 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (1) Architectural Deterrence Claim Assigned suitable scores for deterrence Service SelecDon Strategy Decompose the Architecture to isolate, for the purposes of scoring, security services that address deterrence Data ConDnuity Service Claim Improves deterrence Diversity Service Claim See later slide Context Risk analysis and scoring guidelines Scoring Assignment Strategy UAlize experts to score service claims with accompanying raaonale Forensics Service Claim Hopping Service Claim 31

32 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (2) Data ConDnuity Service Claim (1) ExploitaAon design requires distributed exploit designers Data ConDnuity Service Claim Improves deterrence Data ConDnuity Service Claim (2) ExploitaAon design requires designers with deep systems knowledge.. Data ConDnuity Service Claim (n) 32

33 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (3) Data ConDnuity Service Claim (1) ExploitaAon design requires distributed exploit designers Red Team Evidence Document Data ConDnuity Service Claim Improves deterrence System Design Team Evidence Document Intelligence Analysis Evidence Document 33

34 Simplified DiagrammaAc RepresentaAon of a Structured Argument for Deterrence Scoring (4) Data ConDnuity Service Claim Improves deterrence Data ConDnuity Service Claim (2) ExploitaAon design requires designers with deep systems knowledge System Design Team Evidence Document 34

System Aware Cyber Security

System Aware Cyber Security System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology to the Cyber Security of Physical Systems Barry M. Horowitz, Kate Pierce University of Virginia April, 2012

More information

This chapter introduces you to Microso2 Office Access 2013. The chapter focuses on what a database is, the components of a database, what a database

This chapter introduces you to Microso2 Office Access 2013. The chapter focuses on what a database is, the components of a database, what a database This chapter introduces you to Microso2 Office Access 2013. The chapter focuses on what a database is, the components of a database, what a database can do and how to create a database. 1 The objecaves

More information

A System-Aware Cyber Security Architecture

A System-Aware Cyber Security Architecture A System-Aware Cyber Security Architecture Rick A. Jones and Barry Horowitz* Regular Paper Systems and Information Engineering, University of Virginia, Charlottesville, VA 22904 A SYSTEM-AWARE CYBER SECURITY

More information

IOmark Suite. Benchmarking Storage with Applica4on Workloads August, 2013. 2013 Evaluator Group, Inc.

IOmark Suite. Benchmarking Storage with Applica4on Workloads August, 2013. 2013 Evaluator Group, Inc. IOmark Suite Benchmarking Storage with Applica4on Workloads August, 2013 1 What is IOmark Suite?! A storage specific benchmark for applicaaon workloads Tests storage only Supports VDI and Virtual Machine

More information

BBM467 Data Intensive ApplicaAons

BBM467 Data Intensive ApplicaAons Hace7epe Üniversitesi Bilgisayar Mühendisliği Bölümü BBM467 Data Intensive ApplicaAons Dr. Fuat Akal akal@hace7epe.edu.tr FoundaAons of Data[base] Clusters Database Clusters Hardware Architectures Data

More information

Data Center Reference Architectures. Manish Karir Merit Network Inc.

Data Center Reference Architectures. Manish Karir Merit Network Inc. Data Center Reference Architectures Manish Karir Merit Network Inc. Outline Background Generalized data center architecture Data center variaaons Factors affecang data design Generalizing scale and workload

More information

How to Develop a Funding Model

How to Develop a Funding Model How to Develop a Funding Model Seri Renkin CEO, ten20 Foundation Caroline Chernov Executive Director, ten20 Foundation Greg Peel CEO & Managing Director, Bendigo Bank Community Sector Banking Jane Vadiveloo

More information

Mobile Device Security Risks and RemediaAon Approaches

Mobile Device Security Risks and RemediaAon Approaches Mobile Device Security Risks and RemediaAon Approaches Raj Chaudhary, Principal, Crowe Horwath LLP In- Depth Seminars D11 CRISC CGEIT CISM CISA Informal Poll What is your Atle/role? Internal Audit IT Audit

More information

TL 9000 Measurements Handbook, Release 5.0

TL 9000 Measurements Handbook, Release 5.0 Logo or heading here TL 9000 Measurements Handbook, Release 5.0 Changes from Release 4.5 Overview Measurements Handbook Changes R4.5 to R 5.0 Input from Sub- teams and IniAaAves tasked with developing

More information

SERC Security. By Jennifer Bayuk

SERC Security. By Jennifer Bayuk SERC Security By Jennifer Bayuk Annual SERC Research Review October 5 6, 2011 University of Maryland MarrioF Inn and ConvenHon Center HyaFsville, MD www.sercuarc.org Annual SERC Research Review, October

More information

Scality RING High performance Storage So7ware for Email pla:orms, StaaS and Cloud ApplicaAons

Scality RING High performance Storage So7ware for Email pla:orms, StaaS and Cloud ApplicaAons Scality RING High performance Storage So7ware for Email pla:orms, StaaS and Cloud ApplicaAons Friday, March 18, 2011 MARKET ExponenAal Storage Demand The Digital Universe: Growing by a factor of 44 in

More information

BBM467 Data Intensive ApplicaAons

BBM467 Data Intensive ApplicaAons Hace7epe Üniversitesi Bilgisayar Mühendisliği Bölümü BBM467 Data Intensive ApplicaAons Dr. Fuat Akal akal@hace7epe.edu.tr Overview What is Cloud CompuAng? VirtualizaAon Service Oriented CompuAng What is

More information

Grid CompuAng AnalyAcs with Splunk Finnbar Cunningham

Grid CompuAng AnalyAcs with Splunk Finnbar Cunningham Copyright 2014 Splunk Inc. Grid CompuAng AnalyAcs with Splunk Finnbar Cunningham Head of Grid CompuAng OperaAons & Support Credit Suisse Disclaimer During the course of this presentaaon, we may make forward-

More information

BBM467 Data Intensive ApplicaAons

BBM467 Data Intensive ApplicaAons Hace7epe Üniversitesi Bilgisayar Mühendisliği Bölümü BBM467 Data Intensive ApplicaAons Dr. Fuat Akal akal@hace7epe.edu.tr Problem How do you scale up applicaaons? Run jobs processing 100 s of terabytes

More information

Lecture on Storage Systems

Lecture on Storage Systems Lecture on Storage Systems Network File Systems André Brinkmann Network File Systems Distributed File Systems NFS AFS Network A

More information

2011 Cyber Security and the Advanced Persistent Threat A Holistic View

2011 Cyber Security and the Advanced Persistent Threat A Holistic View 2011 Cyber and the Advanced Persistent Threat A Holistic View Thomas Varney Cybersecurity & Privacy BM Global Business Services 1 31/10/11 Agenda The Threat We Face A View to Addressing the Four Big Problem

More information

Niara Security Analytics. Overview. Automatically detect attacks on the inside using machine learning

Niara Security Analytics. Overview. Automatically detect attacks on the inside using machine learning Niara Security Analytics Automatically detect attacks on the inside using machine learning Automatically detect attacks on the inside Supercharge analysts capabilities Enhance existing security investments

More information

Unified Security Management

Unified Security Management Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy

More information

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen Overview Introduction Wireless Ad-hoc Networks Wireless Mesh Networks Security in Wireless Networks Attacks on Wireless Mesh Networks

More information

Business Case Development for Credit and Debit Card Fraud Re- Scoring Models

Business Case Development for Credit and Debit Card Fraud Re- Scoring Models Business Case Development for Credit and Debit Card Fraud Re- Scoring Models Kurt Gutzmann Managing Director & Chief ScienAst GCX Advanced Analy.cs LLC www.gcxanalyacs.com October 20, 2011 www.gcxanalyacs.com

More information

Informa4on Security Management at Cer4ficate Authori4es

Informa4on Security Management at Cer4ficate Authori4es Informa4on Security Management at Cer4ficate Authori4es István Zsolt BERTA istvan@berta.hu Public Key Cryptographic Primi4ves 1 PKI lectures 1. Public key cryptography primiaves 2. CerAficates, CerAficate

More information

IBM's Strategic Approach to System- Centric MFT with Sterling Connect:Direct and WebSphere MQ Advanced

IBM's Strategic Approach to System- Centric MFT with Sterling Connect:Direct and WebSphere MQ Advanced IBM's Strategic Approach to System- Centric MFT with Sterling Connect:Direct and WebSphere MQ Advanced Dirk A. Maney Product Line Manager Managed File Transfer and Aspera Please Note IBM s statements regarding

More information

Niara Security Intelligence. Overview. Threat Discovery and Incident Investigation Reimagined

Niara Security Intelligence. Overview. Threat Discovery and Incident Investigation Reimagined Niara Security Intelligence Threat Discovery and Incident Investigation Reimagined Niara enables Compromised user discovery Malicious insider discovery Threat hunting Incident investigation Overview In

More information

Procedia Computer Science

Procedia Computer Science Procedia Computer Science 00 (2012) 000 000 Procedia Computer Science www.elsevier.com/locate/procedia New Challenges in Systems Engineering and Architecting Conference on Systems Engineering Research

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information

evm Virtualization Platform for Windows

evm Virtualization Platform for Windows B A C K G R O U N D E R evm Virtualization Platform for Windows Host your Embedded OS and Windows on a Single Hardware Platform using Intel Virtualization Technology April, 2008 TenAsys Corporation 1400

More information

Chapter 16 Objectives

Chapter 16 Objectives 1 Chapter 16 Objectives 1. Determine the number of units and amount of sales revenue needed to break even and to earn a target profit. 2. Determine the number of units and sales revenue needed to earn

More information

Monitoring for network security and management. Cyber Solutions Inc.

Monitoring for network security and management. Cyber Solutions Inc. Monitoring for network security and management Cyber Solutions Inc. Why monitoring? Health check of networked node Usage and load evaluation for optimizing the configuration Illegal access detection for

More information

Agile Contracts The Foundation of Successful Partnering

Agile Contracts The Foundation of Successful Partnering Agile Contracts The Foundation of Successful Partnering Hosts: Alex Brown Christine Hegarty 2011 Scrum Inc. Who We Are Scrum Inc. is the Agile leadership company of Dr. Jeff Sutherland, co-creator of Scrum.

More information

Recruitment Process Outsourcing

Recruitment Process Outsourcing Recruitment Process Outsourcing What, When and Why Some ideas to get you thinking about RPO What is Recruitment Process Outsourcing (RPO)? 2 What is Recruitment Process Outsourcing (RPO)? A client- centric

More information

Big Data & Data Visualiza.on: How to mine through the mess, discover what's important and put it to use

Big Data & Data Visualiza.on: How to mine through the mess, discover what's important and put it to use Big Data & Data Visualiza.on: How to mine through the mess, discover what's important and put it to use Erich Heneke Mayo Clinic Supply Chain Management My Team (SC Audit/Controls) Developed after a widespread

More information

Part One: What is an EHR and the Top Ten Reasons to Implement Now

Part One: What is an EHR and the Top Ten Reasons to Implement Now Part One: What is an EHR and the Top Ten Reasons to Implement Now Brian Dimit Director of Industry MarkeAng PointClickCare February 1, 2012 EHR 101: What is EHR, Why Implement Now? We will begin in 5 minutes

More information

Cybersecurity Capacity Assessment of the Republic of Kosovo. Lara Pace Kosovo June 2015

Cybersecurity Capacity Assessment of the Republic of Kosovo. Lara Pace Kosovo June 2015 Cybersecurity Capacity Assessment of the Republic of Kosovo Lara Pace Kosovo June 2015 CMM - Five Dimensions Levels of Maturity Start- up: At this level either nothing exists, or it is very embryonic in

More information

Network Mission Assurance

Network Mission Assurance Network Mission Assurance Michael F. Junod, Patrick A. Muckelbauer, PhD, Todd C. Hughes, PhD, Julius M. Etzl, and James E. Denny Lockheed Martin Advanced Technology Laboratories Camden, NJ 08102 {mjunod,pmuckelb,thughes,jetzl,jdenny}@atl.lmco.com

More information

Above and Beyond Meaningful Use

Above and Beyond Meaningful Use Above and Beyond Meaningful Use Our templates are designed with the user in mind. To increase visibility, we color- coded the appointment statuses. To reduce confusion, we ve added special intervals between

More information

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services Managing Vulnerabilities for PCI Compliance White Paper Christopher S. Harper Managing Director, Agio Security Services PCI STRATEGY Settling on a PCI vulnerability management strategy is sometimes a difficult

More information

Intrusion Tolerance to Mitigate Attacks that Persist

Intrusion Tolerance to Mitigate Attacks that Persist Intrusion Tolerance to Mitigate Attacks that Persist Arun Sood Professor (Computer Science) and Co-Director International Cyber Center George Mason University, Fairfax, VA asood@gmu.edu The variety and

More information

Identity & Access Management: Strategic Roadmap. April 2013

Identity & Access Management: Strategic Roadmap. April 2013 Identity & Access Management: Strategic Roadmap April 2013 What is IAM? Identity & Access Management is the set of policies, process, and technologies used to manage digital identities and their access

More information

Wireless Sensor Networks Chapter 14: Security in WSNs

Wireless Sensor Networks Chapter 14: Security in WSNs Wireless Sensor Networks Chapter 14: Security in WSNs António Grilo Courtesy: see reading list Goals of this chapter To give an understanding of the security vulnerabilities of Wireless Sensor Networks

More information

Minder. simplifying IT. All-in-one solution to monitor Network, Server, Application & Log Data

Minder. simplifying IT. All-in-one solution to monitor Network, Server, Application & Log Data Minder simplifying IT All-in-one solution to monitor Network, Server, Application & Log Data Simplify the Complexity of Managing Your IT Environment... To help you ensure the availability and performance

More information

On Reliability of COTS Hardware

On Reliability of COTS Hardware On Reliability of COTS Hardware Dr. Li Mo Chief Architect, CTO Group Agenda Differences between Telecom Hardware and COTS Hardware Analysis Framework Enhancing ApplicaAon Reliability via Backups TheoreAcal

More information

National Initiative for Cybersecurity Education

National Initiative for Cybersecurity Education THE NICE VISION National Initiative for Cybersecurity Education a national campaign to promote cybersecurity awareness and digital literacy from our boardrooms to our classrooms, and to build a digital

More information

Execu&ve Coaching Program Design Checklist

Execu&ve Coaching Program Design Checklist Execu&ve Coaching Program Design Checklist Anyone responsible for execu1ve coaching in his/her organiza1on will benefit from this checklist. We have compiled all the key ques1ons that must be asked for

More information

Leonardo Aniello aniello@dis.uniroma1.it

Leonardo Aniello aniello@dis.uniroma1.it SDCI 2012 HOT TOPICS IN SECURE AND DEPENDABLE COMPUTING FOR CRITICAL INFRASTRUCTURES JANUARY 15 TH 19 TH, CORTINA D AMPEZZO, ITALY COLLABORATIVE EVENT PROCESSING FOR THE PROTECTION OF CRITICAL INFRASTRUCTURES

More information

A Systems of Systems. The Internet of Things. perspective on. Johan Lukkien. Eindhoven University

A Systems of Systems. The Internet of Things. perspective on. Johan Lukkien. Eindhoven University A Systems of Systems perspective on The Internet of Things Johan Lukkien Eindhoven University System applications platform In-vehicle network network Local Control Local Control Local Control Reservations,

More information

4.1 CD 301 - BSc (Hons) Information Technology (Diploma to Degree Upgrade 1.5 Years Part Time)

4.1 CD 301 - BSc (Hons) Information Technology (Diploma to Degree Upgrade 1.5 Years Part Time) 4.1 CD 301 - BSc (Hons) Information Technology (Diploma to Degree Upgrade 1.5 Years Part Time) 1. OBJECTIVES This Programme is geared towards producing computer professionals, with a thorough understanding

More information

Process Solutions. Mitigating Cyber Security Risks in Legacy Process Control Systems. White Paper

Process Solutions. Mitigating Cyber Security Risks in Legacy Process Control Systems. White Paper Process Solutions White Paper Mitigating Cyber Security Risks in Legacy Process Control Executive Summary The term legacy process control system has different connotations for different people. To many,

More information

A Primer on Cyber Threat Intelligence

A Primer on Cyber Threat Intelligence A Primer on Cyber Threat Intelligence AS ADVERTISED 2 BUZZWORD BINGO! 3 TODAY S CYBER SECURITY CHALLENGES CISOs finding it difficult to define security ROI to executives Short shelf life for CISOs Vastly

More information

Agile Cyber Security Security for the Real World, Architectural Approach

Agile Cyber Security Security for the Real World, Architectural Approach Agile Cyber Security Security for the Real World, Architectural Approach Osama Al-Zoubi Senior Manger, Systems Engineering Fahad Aljutaily Senior Solution Architect, Security Market Trends Welcome to the

More information

Large Scale Breach Lessons Learned. September 2013

Large Scale Breach Lessons Learned. September 2013 Large Scale Breach Lessons Learned September 2013 1 A Comprehensive Approach to Advanced Threat Defense The threat landscape has changed Adversaries have the ability to develop customized, targeted, and

More information

Stories from being an agile coach, Scrum developer and ScrumMaster. Companies: 2 startups acquired, one in Workforce, Warehouse & TransportaAon

Stories from being an agile coach, Scrum developer and ScrumMaster. Companies: 2 startups acquired, one in Workforce, Warehouse & TransportaAon Stories from being an agile coach, Scrum developer and ScrumMaster. Companies: 2 startups acquired, one in Workforce, Warehouse & TransportaAon SoBware SoluAons 1 in online booking & payment for tourism

More information

70-646 R3: Windows Server 2008 Administration. Course Overview. Course Outline. Course Length: 4 Day

70-646 R3: Windows Server 2008 Administration. Course Overview. Course Outline. Course Length: 4 Day 70-646 R3: Windows Server 2008 Administration Course Length: 4 Day Course Overview This course will prepare the student for Exam 70-646: Pro: Windows Server 2008, Server Administrator. Topics covered include

More information

A distributed data processing architecture for real time intelligent transport systems

A distributed data processing architecture for real time intelligent transport systems A distributed data processing architecture for real time intelligent transport systems K. Nesenbergs (krisjanis.nesenbergs@edi.lv) L. Selavo (leo.selavo@edi.lv) Institute of Electronics and Computer Science

More information

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments What You Will Learn In many enterprises, physical security departments are making a notable

More information

Assumption Busters Workshop - Cloud Computing

Assumption Busters Workshop - Cloud Computing Assumption Busters Workshop - Cloud Computing Background: In 2011, the U.S. Federal Cyber Research Community conducted a series of four workshops designed to examine key assumptions that underlie current

More information

University of California Compu3ng Services Conference 2009. Campus Web Content Management

University of California Compu3ng Services Conference 2009. Campus Web Content Management University of California Compu3ng Services Conference 2009 Campus Web Content Management Why are you here? What do you want to get out of this session? What areas of emphasis do you want us to focus on?

More information

Center of Academic Excellence Cyber Operations Program 2013 Application

Center of Academic Excellence Cyber Operations Program 2013 Application Center of Academic Excellence Cyber Operations Program 2013 Application Name of Institution: Mailing Address of Institution: Date: Institution s President s Name and Official Email Address: Department

More information

Innova&ve IT Solu&ons. Oracle ACFS / Cloud File System. Unleash your Business- criacal ApplicaAons. Ma#hias Pölzinger Senior Consultant

Innova&ve IT Solu&ons. Oracle ACFS / Cloud File System. Unleash your Business- criacal ApplicaAons. Ma#hias Pölzinger Senior Consultant Oracle ACFS / Cloud File System Unleash your Business- criacal ApplicaAons Ma#hias Pölzinger Senior Consultant Speaker Ma#hias Pölzinger ma#hias.poelzinger@initso.at h#p://kb.initso.at Senior Consultant

More information

ModernizaAon of a SAS AnalyAcs Environment

ModernizaAon of a SAS AnalyAcs Environment ModernizaAon of a SAS AnalyAcs Environment Solving Complicated Refresh Challenges with Oracle SPARC/Solaris VirtualizaAon A Case Study Maureen Chew, ISV Engineering Gary Granito, Oracle SoluAons Center

More information

Network Management and Monitoring Software

Network Management and Monitoring Software Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the

More information

The Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud

The Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud The Advanced Attack Challenge Creating a Government Private Threat Intelligence Cloud The Advanced Attack Challenge One of the most prominent and advanced threats to government networks is advanced delivery

More information

Proactive Network Performance Monitoring

Proactive Network Performance Monitoring Proactive Network Performance Monitoring No other tool is as flexible and robust as Goliath Performance Monitor We have been using Goliath Performance Monitor for many years. We have looked at other tools

More information

Proposed Central Corridor Loyalty Program

Proposed Central Corridor Loyalty Program Proposed Central Corridor Loyalty Program 1 Business Problem Retail business will lose revenue in the range of 20% to 60% due to construcaon CCLRT ADer construcaon has started, idenafying current customers

More information

Cyber Security Metrics Dashboards & Analytics

Cyber Security Metrics Dashboards & Analytics Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics

More information

SERVICE SCHEDULE MANAGED HOSTED APPLICATIONS

SERVICE SCHEDULE MANAGED HOSTED APPLICATIONS SERVICE SCHEDULE MANAGED HOSTED APPLICATIONS This is a Service Schedule as defined in the Conditions. Where the Services set out in this Service Schedule form part of the Services to be supplied under

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

SAN Conceptual and Design Basics

SAN Conceptual and Design Basics TECHNICAL NOTE VMware Infrastructure 3 SAN Conceptual and Design Basics VMware ESX Server can be used in conjunction with a SAN (storage area network), a specialized high speed network that connects computer

More information

Securing and Accelerating Databases In Minutes using GreenSQL

Securing and Accelerating Databases In Minutes using GreenSQL Securing and Accelerating Databases In Minutes using GreenSQL Unified Database Security All-in-one database security and acceleration solution Simplified management, maintenance, renewals and threat update

More information

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus Information Technology Engineers Examination Information Security Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination

More information

Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald

Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald Federal CIO: Cloud Selection Toolkit Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald Agenda Project Introduction Agency Cloud Challenges Toolkit Solution Overview Step 1:

More information

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014 Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

CSC 774 Advanced Network Security. Outline. Related Work

CSC 774 Advanced Network Security. Outline. Related Work CC 77 Advanced Network ecurity Topic 6.3 ecure and Resilient Time ynchronization in Wireless ensor Networks 1 Outline Background of Wireless ensor Networks Related Work TinyeRync: ecure and Resilient Time

More information

Strategic Plan FY 2014-2016

Strategic Plan FY 2014-2016 Strategic Plan FY 2014-2016 CONTENTS SUMMARY 3 ACADEMIC SERVICES 4 DATA MANAGEMENT & REPORTING 6 COMMUNICATIONS & COLLABORATION 7 IT SERVICES 8 INFRASTRUCTURE 9 SECURITY 10 BRAND BUILDING 11 INITIATION

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Standard: Data Security Standard (DSS) Requirement: 6.6 Date: February 2008 Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Release date: 2008-04-15 General PCI

More information

Windows Embedded Security and Surveillance Solutions

Windows Embedded Security and Surveillance Solutions Windows Embedded Security and Surveillance Solutions Windows Embedded 2010 Page 1 Copyright The information contained in this document represents the current view of Microsoft Corporation on the issues

More information

University of Greenwich Graduate Internship Programme. Welcome Jerry Allen

University of Greenwich Graduate Internship Programme. Welcome Jerry Allen University of Greenwich Graduate Internship Programme Welcome Jerry Allen th Monday 5 November AdministraAon IntroducAon unal 12.30 12.30-1.30 lunch 1.30-4.30 CompeAtor Analysis AdministraAon Passport/ID

More information

Managing and Maintaining Windows Server 2008 Servers

Managing and Maintaining Windows Server 2008 Servers Managing and Maintaining Windows Server 2008 Servers Course Number: 6430A Length: 5 Day(s) Certification Exam There are no exams associated with this course. Course Overview This five day instructor led

More information

Announcement of a new IAEA Co-ordinated Research Programme (CRP)

Announcement of a new IAEA Co-ordinated Research Programme (CRP) Announcement of a new IAEA Co-ordinated Research Programme (CRP) 1. Title of Co-ordinated Research Programme Design and engineering aspects of the robustness of digital instrumentation and control (I&C)

More information

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

GETTING REAL ABOUT SECURITY MANAGEMENT AND BIG DATA GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA" A Roadmap for "Big Data" in Security Analytics ESSENTIALS This paper examines: Escalating complexity of the security management environment, from threats

More information

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security

More information

Graph Databases What makes them Different?

Graph Databases What makes them Different? www.objectivity.com Graph Databases What makes them Different? Darren Wood Chief Architect, InfiniteGraph NoSQL Data Specialists Everyone specializes Doctors, Lawyers, Bankers, Developers Why was data

More information

University of Sunderland Business Assurance Information Security Policy

University of Sunderland Business Assurance Information Security Policy University of Sunderland Business Assurance Information Security Policy Document Classification: Public Policy Reference Central Register Policy Reference Faculty / Service IG 003 Policy Owner Assistant

More information

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A

More information

GETTING STARTED WITH LABVIEW POINT-BY-POINT VIS

GETTING STARTED WITH LABVIEW POINT-BY-POINT VIS USER GUIDE GETTING STARTED WITH LABVIEW POINT-BY-POINT VIS Contents Using the LabVIEW Point-By-Point VI Libraries... 2 Initializing Point-By-Point VIs... 3 Frequently Asked Questions... 5 What Are the

More information

Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN

Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN Version 1.0 February 2014 Page 1 of 7 Table of Contents Introduction... 3 Purpose... 3 Plan Development Process...

More information

Understand Your SAP HR and Payroll Reporting Options In A Cloud, On-Premise and Hybrid World

Understand Your SAP HR and Payroll Reporting Options In A Cloud, On-Premise and Hybrid World Understand Your SAP HR and Payroll Reporting Options In A Cloud, On-Premise and Hybrid World SpinifexIT Webinar Danielle Larocca, SpinifexIT Copyright 2014 SpinifexIT Pty Ltd. Questions How to submit a

More information

INTERMEDIATE QUALIFICATION

INTERMEDIATE QUALIFICATION PROFESSIONAL QUALIFICATION SCHEME INTERMEDIATE QUALIFICATION SERVICE CAPABILITY PLANNING, PROTECTION AND OPTIMIZATION CERTIFICATE SYLLABUS The Swirl logo is a trade mark of the Cabinet Office ITIL is a

More information

VULNERABILITY ASSESSMENT AND SURVEY PROGRAM. Overview of Assessment Methodology. U.S. Department of Energy Office of Energy Assurance

VULNERABILITY ASSESSMENT AND SURVEY PROGRAM. Overview of Assessment Methodology. U.S. Department of Energy Office of Energy Assurance VULNERABILITY ASSESSMENT AND SURVEY PROGRAM Overview of Assessment Methodology U.S. Department of Energy Office of Energy Assurance September 28, 2001 CONTENTS 1 Introduction... 1 2 Assessment Methodology...

More information

But I m Not a Salesman! Energy Efficiency Contractor Sales Training Success Stories

But I m Not a Salesman! Energy Efficiency Contractor Sales Training Success Stories But I m Not a Salesman! Energy Efficiency Contractor Sales Training Success Stories Elizabeth Stuart / Megan Billingsley Lawrence Berkeley NaDonal Laboratory BECC Conference, Sacramento, CA November 14,

More information

Open Source Software for Cyber Operations:

Open Source Software for Cyber Operations: W H I T E P A P E R Open Source Software for Cyber Operations: Delivering Network Security, Flexibility and Interoperability Introduction For the last decade, the use of open source software (OSS) in corporate

More information

LoRaWAN. What is it? A technical overview of LoRa and LoRaWAN. Technical Marketing Workgroup 1.0

LoRaWAN. What is it? A technical overview of LoRa and LoRaWAN. Technical Marketing Workgroup 1.0 LoRaWAN What is it? A technical overview of LoRa and LoRaWAN Technical Marketing Workgroup 1.0 November 2015 TABLE OF CONTENTS 1. INTRODUCTION... 3 What is LoRa?... 3 Long Range (LoRa )... 3 2. Where does

More information

Presented by Evan Sylvester, CISSP

Presented by Evan Sylvester, CISSP Presented by Evan Sylvester, CISSP Who Am I? Evan Sylvester FAST Information Security Officer MBA, Texas State University BBA in Management Information Systems at the University of Texas Certified Information

More information

The introduction covers the recent changes is security threats and the effect those changes have on how we protect systems.

The introduction covers the recent changes is security threats and the effect those changes have on how we protect systems. 1 Cyber-attacks frequently take advantage of software weaknesses unintentionally created during development. This presentation discusses some ways that improved acquisition practices can reduce the likelihood

More information

LOCAL RADIO STATION MODEL VULNERABILITY ASSESSMENT CHECKLIST. Developed by the Toolkit Working Group for the Media Security and Reliability Council

LOCAL RADIO STATION MODEL VULNERABILITY ASSESSMENT CHECKLIST. Developed by the Toolkit Working Group for the Media Security and Reliability Council LOCAL RADIO STATION MODEL VULNERABILITY ASSESSMENT CHECKLIST Developed by the Toolkit Working Group for the Media Security and Reliability Council November 16, 2004 INDEX A. Introduction...1 1. Scope...1

More information

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191 Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3

More information

NSA/DHS National Centers of Academic Excellence in Information Assurance/Cyber Defense 2014 List of Knowledge Units and Focus Areas

NSA/DHS National Centers of Academic Excellence in Information Assurance/Cyber Defense 2014 List of Knowledge Units and Focus Areas The CAE IA/CD academic requirements are based on meeting defined sets of Knowledge Units (KUs): 1. Core for 2 year programs - technical or applied emphasis 2. Core for 4 year + programs - technical or

More information

Boundless Security Systems, Inc. digital video security systems to deter, intervene and investigate

Boundless Security Systems, Inc. digital video security systems to deter, intervene and investigate Security Systems, Inc. digital video security systems to deter, intervene and investigate Comparison of Video Security System Architectures Comparison Table, 2 Digital Video Recorder (DVR) has centralized

More information

Audit Logging. Overall Goals

Audit Logging. Overall Goals Audit Logging Security Training by Arctec Group (www.arctecgroup.net) 1 Overall Goals Building Visibility In Audit Logging Domain Model 2 1 Authentication, Authorization, and Auditing 3 4 2 5 6 3 Auditing

More information