A Systems Approach to Protecting the U.S. Air Traffic Control System Against Cyber-Terrorism




Arthur Pyster
Deputy Assistant Administrator for Information Services and Deputy Chief Information Officer
arthur.pyster@faa.gov

The FAA's Job
  Each day, manage 30,000 commercial flights to safely move 2,000,000 passengers and 60,000 tons of cargo
  ~ 500 FAA Managed Air Traffic Control Towers
  ~ 180 Terminal Radar Control Centers (low altitude)
  20 Enroute Centers (high altitude)
  ~ 60 Flight Service Stations (general aviation)
  ~ 40,000 Radars, Navigational Aids, Radios,
INCOSE 2

The Threat
  "It is important to concentrate on the destruction of the American economy"
    Osama bin Laden
  "If there had been a cyber-attack at the same time [September 11] that prevented them [air traffic controllers] from doing that [bringing down the aircraft], the magnitude of the event could have been much greater."
    Ron Ross, Director of the National Information Assurance Partnership
  "The event I fear most is a physical attack in conjunction with a successful cyber-attack on the responders' 911 system or on the power grid."
    Ron Dick, Director of FBI National Infrastructure Protection Center

FAA's Systems Approach
  Establish strategy, policy, and guidance
  Systematically and continually examine threats and vulnerabilities
  Create an information systems security architecture that responds to those threats and vulnerabilities
  Implement information systems and networks consistent with the architecture
  Establish, institutionalize, and continuously improve processes
  Deploy security measures incrementally
  Monitor compliance and measure progress
  Manage risks proactively at each major decision point

FAA's Cyber Defense Strategy
  Harden individual system and network elements
    Make it difficult to knock out individual elements, but recognize that successful attacks may occur
  Isolate elements to avoid viral spread
    Build on the FAA infrastructure that is already designed to tolerate independent failure of system and network elements
    Recognize that cyber attacks can be viral in nature, impacting a swath of elements
    Create firebreaks within the network to minimize viral spread
    Monitor networks to detect attacks and impose additional containment
  Back up key elements to avoid service disruption
    Build on the fact that redundancy is already integral to achieving safety and performance with the FAA infrastructure
    Develop recovery and restoration procedures that include cyber events

FAA's 5 Layer Enterprise Model
  [Diagram]
  Layers: Personnel; Physical; Cyber Hardening of System and Network Elements; Compartmentalization; Redundancy
  Perspectives: Architecture and Engineering; Awareness and Execution

Awareness and Execution Perspective
  [Diagram]
  Layers: Personnel; Physical; Cyber Hardening of System and Network Elements; Compartmentalization; Redundancy
  Awareness & Execution elements: Policy; Education; Procedures; Boundary Protection; Certification & Authorization; Incident Response Capability

Awareness and Execution Actions
  Personnel: Check background; identify key positions; train all for awareness; train security personnel with specialized skills
  Physical: Lock up key systems assets
  Cyber Hardening of System and Network Elements: Certify and authorize all new systems and on a prioritized basis legacy systems; take into account personnel and physical security practices and status
  Compartmentalization: Tightly manage internet access points; operate 24x7 cyber response center; run operational and administrative systems on separate networks; deploy anti-viral software enterprise-wide; periodically test for policy compliance
  Redundancy: Apply same techniques traditionally used to accommodate occasional component failure

Architecture & Engineering Perspective
  [Diagram]
  Layers: Personnel; Physical; Cyber Hardening of System and Network Elements; Compartmentalization; Redundancy
  Architecture & Engineering elements: Authentication; Access Control; ISS Architecture; Smart Cards; Confidentiality; Integrity; Encryption; Analytical Tool Sets; Biometrics; Availability; Public Key Infrastructure

Architecture & Engineering Actions
  Personnel: Create specialized FAA training
  Physical: Define smart card architecture and deployment strategy
  Cyber Hardening of System and Network Elements: Allocate ISS requirements to each element; develop Common Criteria templates; tailor NIACAP; infuse security engineers into projects; define enterprise-wide PKI architecture; integrate safety and security techniques
  Compartmentalization: Define multiple domains with different security policies; define standards for VPNs, firewalls, etc.; research how to reduce data volume from intrusion detection; find ways to non-intrusively, continuously test network for policy compliance; develop analytic tools; operate test lab for new technologies
  Redundancy: Rely on fact that system is already engineered to accommodate occasional component failure

Conclusion
  Because of the size and complexity of the Air Traffic Control System, only a systems approach can provide adequate defense
  The fundamental strategy guiding cyber defense is:
    Harden individual system and network elements
    Isolate elements to avoid viral spread
    Back up elements to avoid service disruption
  Our systems approach implements this strategy