DoD Software Protection Initiative - HPEC 23 Sep 2003 Jeff Hughes AT-SPI Technology Office AFRL/SN 2241 Avionics Circle WPAFB, OH 45433-7320 (937) 477-3089.

Slides:

Advertisements

Similar presentations

Trusted Computing in Government Networks May 16, 2007 Richard C. (Dick) Schaeffer, Jr. Information Assurance Director National Security Agency.

Advertisements

1 Susan Alexander Chief Technology Officer for Information and Identity Assurance Office of the Assistant Secretary of Defense, Networks and Information.

Copyright (C) The Open Group 2014 Securing Global IT Supply Chains and IT Products by Working with Open Trusted Technology Provider™ Accredited Companies.

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety “September 11th.

INFORMATION SYSTEMS SECURITY ENGINEERING: A CRITICAL COMPONENT OF THE SYSTEMS ENGINEERING LIFECYCLE Kevin Behr SE 516 – Technical Article Presentation.

I n t e g r i t y - S e r v i c e - E x c e l l e n c e Headquarters U.S. Air Force Air Force 2013 “Big Ticket Items” for Live, Virtual and Constructive.

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.

Building Secure Business for Industry & Government.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.

1 An Overview of Computer Security computer security.

Situation Aware Mobile Computing (SAMC) CPSC 608 Project Spring 2002 Project Members: Brent Dinkle Hemant Mahawar Marco Morales Sreekanth R. Sambavaram.

Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.

Controls for Information Security

Distinctions Between Computing Disciplines

Army Doctrine Publication (ADP) 3-37; and Army

Key Action II - Objectives Support the development and adoption of novel IST solutions for eCommerce & eWork aimed at enhancing: Support the development.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Patricia A. Muoio Chief National Information Assurance Research Lab.

CORPORATE SERVICES Empowering Students For A Lifetime Of Success.

© The Aerospace Corporation 2009 Addressing The Needs of Real-Time Embedded Software A Case for Software Systems Engineering Rob Pettit Flight Software.

What is Enterprise Architecture?

Integrity Through Mediated Interfaces PI Meeting: Feb 22-23, 2000 Bob Balzer Information Sciences Institute Legend: Changes from previous.

UNCLASSIFIED Tim Bacon [BaconBit Jupiter] YD-3, Special Project Officer Joint Forces Command, J9.

Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.

Michael Ernst, page 1 Collaborative Learning for Security and Repair in Application Communities Performers: MIT and Determina Michael Ernst MIT Computer.

Software engineering. What is software engineering? Software engineering is an engineering discipline which is concerned with all aspects of software.

Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or.

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

Unclassified DoD ESI & The Joint Information Environment (JIE) July 20,

CYBERSIM Dec Client: Information Assurance Center Advisor: Dr. Doug Jacobson Group Members: Ryan ApplegateCprE Saddam KhattakCprE Dan NguyenCprE/JLMC.

The Changing World of Endpoint Protection

Command & Control Capabilities

Tools and Technology Development Hardware-in-the-Loop Dennis Culley NASA Glenn Research Center Collaboration Forum Ohio Aerospace Institute August 25,

V&V of COTS RTOS for Space Flight Projects The 1st Annual NASA Office of Safety and Mission Assurance (OSMA) Software Assurance Symposium (SAS) Michael.

AFRL Nuclear S&T Investment Strategy Dr. David Hardy SES Associate Director for Space Technology Air Force Research Laboratory 27 August 2010.

Chapter 5 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved.

Ames Research CenterDivision 1 Information Power Grid (IPG) Overview Anthony Lisotta Computer Sciences Corporation NASA Ames May 2,

March 2004 At A Glance NASA’s GSFC GMSEC architecture provides a scalable, extensible ground and flight system approach for future missions. Benefits Simplifies.

Last Updated 1/17/02 1 Business Drivers Guiding Portal Evolution Portals Integrate web-based systems to increase productivity and reduce.

A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.

SPACE SHUTTLE PROGRAM Space Shuttle Business Office NASA Johnson Space Center, Houston, Texas Presenter Date Page 1 Space Shuttle Program Flight and Ground.

Microsoft and Symantec

CONTROLLING INFORMATION SYSTEMS

Digital Data Collections ARL, CNI, CLIR, and DLF Forum October 28, 2005 Washington DC Chris Greer Program Director National Science Foundation.

ESA Harwell Robotics & Autonomy Facility Study Workshop Autonomous Software Verification Presented By: Rick Blake.

19 October 2004Enterprise Architecture in WSRP Portal 1 Foreword: Building Enterprise Architecture Through WSRP in Sample EPA Regional Portal FEA Goals:

June 2007Office of Federal Environmental Executive Symposium a data standard for use with construction specifications Bill Brodt Facilities Engineering.

Coast Guard Cyber Command

Activu-Powered Video Wall Prominently Featured during President Obama’s Visit to the National Cybersecurity and Communications Integration Center On January.

© 2013 VCE Company, LLC. All rights reserved. Nigel Moulton : Office of the CTO EMEA Focus on Business not infrastructure.

Network Security Basics: Malware and Attacks

Trade-offs to establish an integrated, comprehensive protection scheme

SE and SSE Trade-Off Analyses

Frequently asked questions about software engineering

Software Assurance Security Issues

Shanghai Jiao Tong University

National Defense Industrial Association

Office 365 and Microsoft Project Integrations for HULAK Project Management Software Enable Teams to Remain Productive and Within Budget OFFICE 365 APP.

Cybersecurity ATD technical

Quality Assurance for Component-Based Software Development

CYBERSECURITY IS A Business Issue

Presentation transcript:

DoD Software Protection Initiative - HPEC 23 Sep 2003 Jeff Hughes AT-SPI Technology Office AFRL/SN 2241 Avionics Circle WPAFB, OH (937)

2 Software Protection Initiative Direction - Dec 13, 2001: USD(AT&L) memo formally kick-starts the DoD Software Protection Initiative Mission - Prevent the unauthorized distribution and exploitation of application software critical to national security Vision - Establish the Software Protection Initiative as an integral layer of the defense-in-depth concept for information assurance - Complement existing information assurance efforts in network security and operating systems access controls with an application-centric approach to protecting critical DoD intellectual property Science & Engineering/ Modeling & Simulation Software Mission Support Software running on COTS Enterprise Software

3 What’s at Stake? Comprehensive collection efforts are underway to steal critical technologies - Application software is a high-value target The examples below illustrate the difficulties in protecting critical technology Use of SPI technology will allow us to : - Maintain operational superiority - Ensure our ability to dominate the battlespace - Provide defense-in-depth for U.S. forces 3 ? USAF F-111 (1964) Russian Su-24 (1964) USAF AWACS (1977) Russian A-50 (1980) NASA Space Russian Space Shuttle (1981) Shuttle (1983) AF B-1 (1984) Russian Tu-160 (1987) NASA/USAF X-29 (1989) Russian Su-37 Berkut (1997) USAF F/A-22 (200?) Stealth Fighter (200?) (Sources: Michael Schwartz, The role of espionage in the Soviet atomic bomb project; AFOSI Detachment 709 open source analysis)

4 Software Protection Initiative Protection Technologies Current commercial practices focus on revenue protection and have minimal shelf life Military grade protection must provide robust protection, reliability, and scalability - Current, most robust protection measures involve hardware and software - Hardware is embedded with trust which forms the foundation of the protection technology - Software application talks to the hardware to ensure protected execution PCI Card USB DeviceNetwork Device