Download presentation
Presentation is loading. Please wait.
Published byMerryl Higgins Modified over 9 years ago
1
Approach to Secure IP Platforms Clarence Pape March 12, 2011
2
Challenge Aircraft Platforms are incredibly complex Systems and networks degrade in quality and security over time Controlled point testing does not replicate real-world scenarios No room/budget for carrying emergency SMEs Shift in systems and networks to IP-based = changes in quality + security? Agile test system that is configurable to meet high demands Modular software approach to reduce weight and increase capabilities Leverage expert COTS tools with mission-focused workflows Generate actionable data in real time Collect detailed data for SME trend analysis Solution
3
Stuxnet Worm Iranian Nuclear Attack Infected over 45,000 machines Waited for the right conditions Targeted highly specific electronically controlled systems –IP Addresses in Iran –Presence of key technologies that indicate the system is installed in a vulnerable power plant Forces the industrial process to self-destruct
4
Overview of the Solution ID Optimize –Advanced Policy Engine –Leverages the power of COTS tools –Provides a customized interface that can be designed to represent the exact data necessary –Detailed logs are created for analysis and policy updates The power of enterprise-class tools, without the cost of SMEs.
5
ID Optimize -> DISA Air Mobility Test Suite ID Optimize is a COTS tool developed by ID DISA saw the potential –Custom workflows based on agency and mission –Ability to be run by non-IT professionals –Ability to provide simple summaries for users and after-action reports –Ability to return highly granular data for trend analysis
6
What is IDOptimize A flexible development framework that combines multiple COTS products for easy to use, integrated testing and reporting Flexible – Integrate with COTS, GOTS or custom built systems Modules designed for specific purposes = low training + high success rate Modules shared across different platforms Automation - Reduces human error - Increases productivity - Run more tests and test often - Compare results with previous test runs and platform baselines quickly Systematic testing leads to predictable and repeatable results
7
ANALOG MODULE
13
Comm Testing Comm Test Module Collect subjective data and objective meta-data variables about tone quality and encryption success for end to end network segment mapping Systematically generate 3-10 tones at different human audible pitches Record the generated tones 250KH Provide actionable feedback Benefits Focused on the end user quality True end-to-end system quality test, "through the demark” Track over 50 different variables for quality control as a workflow Plug and play After action reports Centralized database with full 250kHz data capture Logistical data integration
14
REPORTING MODULE
15
Reporting All information can be uploaded to central Control Centers and Reporting Engines instantly or in a batch process The IDOptimize Test Suite Reporting Engine can also be used for mash-ups and deep dive analysis Client-side mash-up technologies preserves user authentication through to primary databases Reports can include local information, as well as global information
16
Calls by GEP geo-coded and graphed by Altitude– success/failure FOUO
17
Calls by GEP geo-coded and graphed by CCSD – success/failure FOUO
18
Calls by GEP geo-coded and graphed by weather – success/failure FOUO
19
SECURITY MODULE
20
Data Feeds Policies Summary Reports Data Scanning Network Status Indicator
21
Data Scanning
22
Data Feeds
23
Policies
24
Summary Reports
25
Network Status Indicator
26
IP Type Casting Core Systems – Mission critical systems that are permanently attached to the plane for years at a time. These controls should have very tight policies. Crew – Mission support systems that are carried on the plane for the mission. A wider variety of configurations may be acceptable here. Guest – These systems may be of widely varying levels of civilian, commercial, or military security and may be removed from the network in cases where they can not be remediated due to lack of control/timing constraints. Other – This is a general designation open to interpretation based on the requirements of particular work flows.
27
Proposed Scan Policies 4 Degrees of Control IAVA Violations Risk Level 3-6 Risk Level 0-3 Risk Level 6-9 FDCC Violations Cat III Cat II Cat I
28
Summary Avoid SME Costs (IP Security, Signals Analysts, etc) Security of IP Networks in disconnected/semi-connected state Communication quality shift and drift over time Systematic approach to root cause analysis Increase use of software and virtualization Agile solutions approach is quickly extendable to meet demands Software Development Acquisition Relevant data integration Centralized data Mash-ups maintain security
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.