Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.

Transcription

1 Panel on Emerging Cyber Security Technologies Robert F. Brammer, Ph.D., VP and CTO Northrop Grumman Information Systems Panel Moderator 27 May 2010

2 Panel on Emerging Cyber Security Technologies Robert F. Brammer, Panel Moderator Introduction Good morning. My name is Bob Brammer, and I am the VP and Chief Technology Officer for Northrop Grumman s Information Systems Sector. It is my pleasure to be the moderator for this Panel on Emerging Cyber Security Technologies. This is clearly an important and timely subject. Given all of the threats and challenges that we have been discussing at this Cyberspace Symposium, we certainly need significant new technology developments to help to meet the objective of this symposium Ensuring Commander s Freedom of Action in Cyberspace. We have a strong panel to discuss this topic this morning, with representation from government, academia, and industry. Each of our panel members works with advanced developments in cybersecurity technology every day. We have organized this session so that each panel member will have about 10 minutes for prepared remarks on their work with emerging cybersecurity technologies. Then we will open the floor for questions from the audience for about 20 minutes. There should be enough insight from the panel members to help us all understand which emerging technologies will be significant in meeting our objective, distinguishing these technologies from others, unsuccessful, that may be described as submerging technologies. The technologies that we will discuss this morning are not only computer hardware, software, and networking, but also architectural concepts, mathematical algorithms, and psychological and economic models. Considered fully, cybersecurity is a multidisciplinary field that requires a broad range of expertise to advance. You will find that diversity in the members of this panel, whose expertise includes research in military cyber systems and operations, realtime cybersecurity, biologically inspired cybersecurity, social aspects of computing, and many other areas. Emerging Cyber Security Technologies Cybersecurity has become a national priority. In May of last year, President Obama, in announcing the results of the White House Cyberspace Review, said it's now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation.

3 It's also clear that we're not as prepared as we should be, as a government or as a country. In recent years, some progress has been made at the federal level. But just as we failed in the past to invest in our physical infrastructure -- our roads, our bridges and rails -- we've failed to invest in the security of our digital infrastructure. Consistent with this national priority, cybersecurity is a major priority in Northrop Grumman s research program. To build the program, we use information gathered from a wide variety of sources. These sources include our customers and their operations, cyber threat analyses performed by external and internal sources, major global IT and telecommunications firms, niche and start-up technology companies, research universities, venture capital organizations, and industry analysts. In some cases, we establish cooperative R&D agreements, in others we work on contract R&D projects, and we fund joint projects with leading research universities. Our research investments include a portfolio of short-term, mid-term, and longterm projects. We work closely with our customers in cybersecurity research. We have worked for years with many US government agencies on the development of state of the art cybersecurity systems. These customers include defense, intelligence, and civil federal agency customers in both large-scale operations and in advanced research. In particular, we have had the privilege of working with Mike VanPutte at DARPA, who is on our panel today, on some of his projects, including the National Cyber Range and the Dynamic Quarantine of Worms. Northrop Grumman has also been very active in the OSTP-sponsored National Cyber Leap Year Summit and the follow-on activities. The National Cyber Leap Year event in August 2009 addressed point #9 in the President s announcement by focusing on stimulating activities to develop leap ahead technologies to solve our cybersecurity challenges. Northrop Grumman has made significant research investments to address these challenges. For example, last year we established our Northrop Grumman Cybersecurity Research Consortium including Carnegie Mellon, MIT, and Purdue to help us develop some of these leap-ahead technologies. Our research in this consortium spans many areas of cybersecurity, defined as protection of information and information systems on networks. These areas include hardware and software security, privacy, simulation of cyber attacks and defenses, protection of critical national infrastructures, and others. We have initiated ten projects at the universities with complementary research projects at NGC. We conduct this research in consortium labs across the US. The three university members of this panel are all principal investigators or research directors in the Northrop Grumman Cybersecurity Research Consortium.

4 With some of the university research projects, we want to take a longer-range view. In particular, we are working to develop a deeper understanding of cyberspace. There has been some discussion in this Symposium about how cyberspace is the fifth domain of military operations, complementing land, ocean, air, and space. Because of the significance of the assets in cyberspace, it is clear that there are many reasons for a major military presence in cyberspace. However, cyberspace is very different from the other four domains in important respects. In particular, physical laws, of which we have some significant understanding, govern the other four domains. Cyberspace is synthetic, and we do not yet have a theory of the physics of cyberspace. We do not yet have the analogs of Newton and Einstein who can develop a significant theoretical framework for cyberspace developments. However, in the meantime, we are doing some very important cyberspace research, while we are working to build a general theory of cyberspace and cybersecurity. To organize our cybersecurity research, Northrop Grumman has developed a research agenda that includes a broad range of relevant topics. We will continue to extend this agenda as we do the research and perform large-scale cybersecurity operations for our customers and our own network. Northrop Grumman s Research Agenda Using the information that we gather from all of the above sources, we have developed a detailed cybersecurity research agenda. This research agenda contains eight major categories. Each category has several subcategories, leading to 75 categories in all. We invest in many of these areas and track developments in all of them through our research projects and our Strategic Technology Partnership Program. The eight major cybersecurity investment areas in our research agenda are: 1. Foundations for Cybersecurity e.g., secure hardware, firmware, and software engineering, massive information management and analytics, multilevel-security and cross-domain solutions, cyberspace situational awareness at multiple organizational levels, 2. Cyber Security and Information Assurance Characterization and Assessment - - e.g., certification and accreditation, quality assessment, security metrics, 3. Cybersecurity for Internet and Control System Infrastructure e.g., secure networking protocols, telecom and SCADA security, 4. Functional Cybersecurity supply chain management, identity management, security operations center management, real-time forensics,

5 5. Domain-Specific Cybersecurity -- Part of these domains are not connected to the Internet, but there are significant cybersecurity issues to be addressed notwithstanding tactical and airborne military networks, power grid, health information systems and privacy, 6. Cyberattack and Cyberexploitation e.g., technology and operational issues, 7. Next-Generation Systems and Architectures e.g., moving target architectures, tagged architectures, converged network, storage, and server protocols and operations, secure green IT, quantum computing, 8. Social Dimensions of Cyber Security cybersecurity economics, ethics and trust on the Internet, international law and policies, We see some promising emerging technologies in many of these areas. However, substantial work by government, industry, and academia is needed to realize the potential of these technologies for large-scale implementations that will have national impact. Our panelists this morning will describe some specific examples of these emerging technologies. Panel Members I will introduce the panel members in alphabetical order. The first panel member is Dr. David Brumley. David is a professor in Carnegie Mellon s Department of Electrical and Computer Engineering. His research includes the automatic analysis of binary code for security vulnerabilities. David has multiple patents and best paper awards for his research in computer security. The second panel member is Dr. Tom Knight. Tom is a Senior Research Scientist in MIT s Computer Science and Artificial Intelligence Laboratory. Tom is working on the development of computing technology based on biological concepts, which is a very active research area for new concepts in cybersecurity. Tom has been nominated by the Institute of Engineering and Technology as one of the Top 25 most influential people in engineering and technology today. He is also a Fellow of the American Association for the Advancement of Science. The third panel member is Dr. Eugene Spafford. Spaf is a professor of Computer Science at Purdue University and Director of Purdue s Center for Research in Information

6 Assurance and Security (CERIAS). Under his leadership, CERIAS has become the largest academic cybersecurity research center, graduating more than 25% percent of the cybersecurity PH.D s in the last ten years. His current research includes many issues in computer and network security, including computer crime and ethics, and the social impacts of computing. He has received many awards, including the Meritorious Civilian Service Award from the USAF for his work on the Air Force Scientific Advisory Board, the IEEE Computer Society Award for excellence in information security education, and the President s Award from the Association for Computing Machinery. The fourth panel member is Dr. Michael VanPutte. Mike is a Program Manager in DARPA s Strategic Technology Office. Dr. VanPutte manages the DARPA Cyber Defense Program responsible for conceptualizing and managing a diverse portfolio of high risk and high payoff computer security and cyber warfare programs that include the National Cyber Range, Dynamic Quarantine of Worms, Scalable Network Monitoring, and the Cyber Genome Program focused on revolutionizing cyber security and cyber scientific experimentation. Before joining DARPA, Mike was a career Army officer and had many significant assignments, including being the Deputy Director of the Joint Task Force on Global Network Operations and the Chief of the Knowledge Engineering Group at the Army War College. Northrop Grumman s Information Systems Sector is a $10B information systems integration organization and one of the largest providers of security systems and services to the US public sector. As the CTO, I am responsible for the technology strategy and the internal research program. Cybersecurity is a major priority in our research program, and we are investing significantly in many of the areas that our panelists describe in this panel discussion.