Security WG Status Review ESA European Space Operations Centre Darmstadt, Germany 16 April 2012 Howard Weiss NASA/JPL/SPARTA skype: hsweiss
Boulder Meeting Agenda 31 October 2011 – 08:45 – 09:45: CCSDS Plenary – 09:45 – 12:00: Systems Engineering Area (SEA) Plenary 1 November 2011 (09:00 – 17:00) – Welcome, opening remarks, logistics, agenda bashing, introductions – Review results of Spring 2011 (Berlin) meeting – Status of documents – Review newly updated CWE entries: charter, programs, schedules – Security Architecture RID Disposition (Black) – Algorithm Document review (Weiss) – Algorithm Yellow Book review (Weiss) – Glossary Review (Weiss)
Meeting Agenda (cont) 2 November 2011 (09:00 – 17:00) – Key Management (Fischer/Aguilar-Sanchez) – Threat book review (All) – Cross Support (All) ?? – SM&C Support (Fischer) ?? – Network Layer Security Update (Weiss) – Link Layer Security Update (Biggerstaff/Weiss/Aguilar-Sanchez) – Other areas of discussion – New work areas 3 November 2011 – 09:00-17:00: Space Data Link Security WG 4 November 2011 – 09:00-12:30: Space Data Link Security WG – 13:00-17:00: SEA Wrap-up Plenary
Attendance NameOrganization Address Howard Weiss Gordon BlackUK Space Daniel Martin Craig Ignacio Clayton Dorothea
Executive Summary Attendees from UK Space Agency, ESA/ESTEC, ESA/ESOC, DLR, NASA/JSC, NASA/GSFC, and NASA/JPL. No attendees from ASI or CNES (CNES says they will attend in the Spring). Reviewed charter updates as recorded on CWE. Need to add Network Layer Blue Book as new work area. Reviewed and dispositioned the 86 RIDS against the Security Architecture document. Reviewed Security Glossary. A few minor changes need to be made and then the document will be submitted to the AD. Reviewed Algorithm Blue Book: a few more minor changes and the document will be submitted to AD. Reviewed the updated version of the Algorithm Yellow Book. Discussed KM Blue Book. Minimal progress since last mtg due to resource constraints. Reviewed network layer security profile – Adaptation Profile BB SDLS making good progress. SDLS papers being submitted to IEEE Aero Conference (Big Sky) + SpaceOps.
Summary of Goals and Deliverables 1. Recent charter update didn’t include network layer security. Change made – some conflict resulted but has been cleared up. 2. Minimal changes to Algorithm document. Yellow Book for testing (2 nd draft) discussed and will be revised with a few changes. ESA, DLR, GSFC potential testing sites. 3. Key Management green book submitted to AD. published 4. KM Blue Book for symmetric KM hit resource constraints. 5. Security glossary needs a few tweaks and then submit. 6. Network layer security for use of IPsec slated to be an “Adaptation Profile” Blue Book. 7. Cross Support & SM&C Security: discussed but no activity. 8. Reviewed & discussed revisions to the Threat Green Book.
Near-Term Schedule DeliverableMilestoneDate Charter Update Update for network layer security11/11 Algorithm Blue Book Incorporate changes per mtg & submit to AD 12/11 Key Management Blue Book Continue drafting next revision04/12 Network Layer Profile Layout of document02/12 Threat Document Revision Determine revision contents02/12 Information Security Glossary Final edits & submit to AD12/11
Near-Term Schedule (cont) Common Criteria Protection Profiles On holdTBD Application Layer Security On holdTBD
Open Issues Deciding what/how to revise Threat Green Book.
Action Items Item NumberAction Item:Assigned to:Date Due:Status SecWG1111:1Update charter for Network Layer Security Howard Weiss11/18/11Complete SecWG1111:2Provide RID disposition feedback and revise Security Architecture document. Gordon Black01/15/12Complete SecWG1111:3Check the meaning of Security Architecture RID #17 with ESA author. Daniel Fischer11/10/11Complete SecWG1111:4Obtain a document number for the Information Security Glossary from the Secretariat Editor Howard Weiss11/10/11CCSDS G SecWG1111:5Update the Information Security Glossary and submit final to AD Howard Weiss12/2/11Complete – submitted Nov 2011 SecWG1111:6Update the Algorithm Blue Book and submit to AD Howard Weiss12/16/11Complete
Action Items (2) SecWG1111:7Update Algorithm Yellow Book per comments. Howard Weiss01/16/12Complete SecWG1111:8Check to ensure that all the Algorithm Yellow Book references are needed and are normative. All01/16/12Complete SecWG1111:9Obtain a number for the Algorithm Yellow Book from the Secretariat Editor Howard Weiss11/10/12CCSDS Y SecWG1111:10Determine SA Lifetimes for the Network Layer Security Profile Howard Weiss01/16/12Default appears to be 1 hour. Cisco allows up to 24 hrs or 10 Mb. SecWG1111:11Coordinate Algorithm testingDorothea Richter, Daniel Fischer, Clayton Sigman 01/16/12 SecWG1111:12Determine if a threat registry exists.Craig Biggerstaff, Howard Weiss 11/10/12None found. closed SecWG1111:13Develop an outline/roadmap for revising the Threat Green Book. Gordon Black, Craig Biggerstaff, Howard Weiss 02/22/12Open
New Working Items, New BOFs, etc. Channel coding for security (based on Shannon codes) Security for software defined radios Continue to discuss security additions for SLE and SM&C.