Realizing intrinsically cyber secure large systems


1 Realizing intrinsically cyber secure large systems
Massimo Scipioni, TRUST Autumn Conference 2011

2 Outline
Introduction
The problem context
The solution: development process; users' processes and procedures; Cyber Command & Control
Conclusions

3 Introduction

4 Introduction (1/2)
"State of the Art" seamless offer, ranging from products to integrated systems and solutions.
[Diagram of the offer, from products to integrated systems: INTEGRATED SYSTEMS; HOMELAND PROTECTION; DEFENCE SYSTEMS; BORDER & TERRITORY PROTECTION; CRITICAL INFRASTRUCTURES PROTECTION; CRISIS MANAGEMENT; MAJOR EVENTS; C4ISTAR SYSTEMS; NCW INFRASTRUCTURES; AIR DEFENCE SYSTEMS; BATTLESPACE C4ISTAR SYSTEMS; AIRBORNE, SURVEILLANCE & SECURITY SYSTEMS; AIRBORNE MISSION SYSTEMS; ATC/ATM & AIRPORT SYSTEMS; VTMS & MARITIME AWARENESS; ADVANCED IT FOR SECURITY, LOGISTICS, AUTOMATION; SENSOR; COMMAND & CONTROL; COMMUNICATIONS; AVIONICS (EW, RADAR, EO); NAVAL RADARS & FIRE CONTROL SYSTEMS; GROUND RADARS; NAVAL COMBAT SYSTEMS INTEGRATION; GROUND COMMAND & CONTROL SYSTEMS; NAVAL & GROUND AVIONIC CNI; PROFESSIONAL TETRA - WiMAX]

5 Introduction (2/2)
A large system is a system of systems, namely a network of interconnected systems that cooperate to perform common functions, increasingly in terms of network enabled capability. FINMECCANICA assigned SELEX Sistemi Integrati the prime contractor and architect mission role for large systems development. In this role the Company is responsible for defining large system requirements, both functional and non-functional. Security is a crucial family of non-functional requirements when developing large systems. Cyber security is the flow-down of general security measures to protect against and react to cyber attacks. The Company is therefore approaching the problem of realizing large systems that are intrinsically cyber secure.

6 The problem context

7 A definition
Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment, organization and users' assets.
General security objectives: availability; integrity (which may include authenticity and non-repudiation); confidentiality.

8 Objectives and threats
Availability: the capability of the system to protect data and processes from denial of service to the authorized users. Main threat: Distributed Denial of Service.
Integrity: the capability of the system to protect data and processes from unauthorized changes. Main threats: Exploit, Rootkit.
Confidentiality: the capability of the system to protect data and processes from unauthorized access. Main threats: Eavesdropping, Keylogging, Data Exfiltration.

9 The problem (1/3) Cyber attacks cover a wide range of actions: attacks can affect data, processes and programs, as well as the network environment. Such attacks might involve intrusions into networks for the purpose of compromising data, degrading communications, interrupting commerce, or impairing critical infrastructures (such as transportation or medical and emergency services). Stuxnet taught us a lesson!

10 The problem (2/3)
Besides, the whole is more vulnerable than its composing parts. When diverse and heterogeneous systems are integrated, the derived large system suffers a degradation in the cyber security domain. This means that a large system may be affected by vulnerabilities due to its intrinsic complexity, and such vulnerabilities may not affect any of the composing systems. How do we fill this gap? By realizing intrinsically cyber secure large systems.

11 The problem (3/3)
How do we develop intrinsically cyber secure large systems? Not just by providing large systems with firewalls, IDSs, etc., in other words not just by surrounding the system with a Maginot line, but by:
Adopting a cyber security oriented system design and development process.
Defining operating processes and procedures to guide system users, at any level, to work in compliance with cyber security requirements.
Providing large systems with a cyber command & control that analyses, protects against and counters cyber intrusions.

12 The development process

13 Cyber security oriented life cycle
[Diagram: the life cycle phases (Requirements definition, Architectural design, Implementation, Testing, Deployment, Vulnerability management) with the cyber security activities overlaid on them (security requirements, risk analysis, abuse cases, threat modeling, secure coding, secure code review, secure testing, penetration testing, security testing, secure deployment, operational enabling), framed by attack patterns and security patterns.]

14 Design and development of artefacts (1/2)
Hardware architecture and network topology are designed to be highly resilient and such that the cyber security related non-functional requirements are fully satisfied. The mapping of the software architecture onto the hardware architecture is optimized with respect to the cyber security requirements. The allocation of functional and non-functional requirements to components is cyber security driven.

15 Design and development of artefacts (2/2)
A cyber secure operating system is the foundation upon which to build secure applications. [Layered diagram: Customization / Application / Common core.] Software code artefacts at any architectural level are free of the defects that give rise to vulnerabilities. Software testing artefacts stress the system to simulate the kinds of attack foreseen for the system under test, performing penetration testing, security testing, etc.

16 The users’ processes and procedures

17 Users’ processes and procedures
Users' and operators' behaviour is crucial to cyber security. A set of cyber security oriented processes and procedures to guide users is produced as part of the large system development. This will largely reduce the occurrence of the so-called insider threats, namely attacks, both intentional and unintentional, originating from system users and operators. Internal attacks are definitely more dangerous than external ones. Very often the cyber attacks causing significant damage originate from incautious actions (e.g. infected USB keys). Training programs will be put in place to build the necessary awareness in the personnel who will be using the system. Need-to-know and responsibility-to-share policies will be set forth and adopted by the users' community. Following this approach, the cyber security related human factors become an integral part of the large system design and development.

18 The Cyber Command & Control

19 Cyber Command & Control (1/4)
A cyber command & control is provided as part of the large system. This cyber command & control application is the cyber security supervisor of the large system and embraces the whole of it. It integrates the lower level cyber security applications embedded in the composing systems, and provides additional functions in order to build an overall protection and to guarantee an improved cyber security capability for the whole large system.

20 Cyber Command & Control (2/4)
[Diagram of the Cyber Command & Control. Functions: consolidated information assurance picture management; malicious activities detection; attacks prevention and defence; risks and threats dynamic assessment; post attacks restoring support; intelligence and decision support. Inputs: risk analysis; vulnerability assessment; platform application information; systems; log; network monitoring; cyber events; open sources (e.g. web) providing open info; non open sources (e.g. ISP) providing non open info. Supporting processes: risk management; patch management; CERT interoperability; anomaly management; incident management; counter measures. All backed by the Cyber Command & Control Data Base.]

21 Cyber Command & Control (3/4)
Consolidated information assurance picture management: provide operators with a real time human computer interface to interact with the Cyber Command & Control: visualize all the nodes of the networks in the domain under control; visualize the geo-reference of systems, networks, nodes and incidents; visualize the risk status of all the assets in the domain.
Malicious activity detection: collect and correlate information coming from network monitoring, application status monitoring and access control, in order to detect malicious activity.
Attacks prevention and defense: stop or mitigate any detected attack and implement preventive measures to avoid attacks.
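The two functions above, detection by correlating the three feeds and a per-asset risk status for the picture, can be sketched in a few dozen lines. The following is an added example written for this page, not code from the presentation or from SELEX Sistemi Integrati; the event format, the asset names, the thresholds and the sample feed are all constructed, and the rules map each alert onto the availability, integrity and confidentiality objectives defined on slide 8.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Event:
    """One normalized event from one of the three feeds (format is constructed)."""
    t: int           # seconds on a shared timeline
    source: str      # "net", "app" or "access"
    asset: str       # monitored node (hostnames below are invented)
    kind: str        # event type within that source
    actor: str = ""  # remote address or user where relevant
    value: int = 0   # bytes, connection count, ... depending on kind


# Constructed sample feed (not real logs): a credential-guessing run that
# succeeds, a large outbound transfer from the same node, a service that keeps
# restarting, a connection flood against a portal, and one quiet node.
SAMPLE_EVENTS = [
    Event(100, "access", "c2-gw-01", "login_failed", actor="10.9.8.7"),
    Event(105, "access", "c2-gw-01", "login_failed", actor="10.9.8.7"),
    Event(110, "access", "c2-gw-01", "login_failed", actor="10.9.8.7"),
    Event(115, "access", "c2-gw-01", "login_failed", actor="10.9.8.7"),
    Event(118, "access", "c2-gw-01", "login_failed", actor="10.9.8.7"),
    Event(120, "access", "c2-gw-01", "login_ok", actor="10.9.8.7"),
    Event(300, "net", "c2-gw-01", "outbound_bytes", actor="203.0.113.5", value=950_000_000),
    Event(400, "app", "radar-proc-02", "service_restart"),
    Event(401, "app", "radar-proc-02", "service_restart"),
    Event(402, "app", "radar-proc-02", "service_restart"),
    Event(500, "net", "ops-portal", "inbound_conn", actor="198.51.100.9", value=20_000),
    Event(600, "app", "vtms-01", "heartbeat"),
]

# Illustrative thresholds; a real C2 would tune them per asset.
BRUTE_FORCE_FAILS, BRUTE_FORCE_WINDOW = 5, 60
EXFIL_BYTES, EXFIL_FOLLOWUP_WINDOW = 500_000_000, 3600
RESTART_COUNT, RESTART_WINDOW = 3, 300
CONN_FLOOD = 10_000
SEVERITY_RANK = {"nominal": 0, "medium": 1, "high": 2}


def correlate(events: List[Event]) -> List[dict]:
    """Correlate the three feeds per asset; each alert names the rule that
    fired and the security objective (slide 8) it threatens."""
    by_asset: Dict[str, List[Event]] = defaultdict(list)
    for e in sorted(events, key=lambda e: e.t):
        by_asset[e.asset].append(e)

    alerts = []
    for asset, evs in by_asset.items():
        fails: Dict[str, List[int]] = defaultdict(list)   # actor -> failed-login times
        suspect_logins: List[int] = []                     # times of logins that followed a burst
        for e in evs:
            # Rule 1 (access control): a burst of failures then a success from
            # the same actor -> credentials likely guessed (confidentiality).
            if e.source == "access" and e.kind == "login_failed":
                fails[e.actor].append(e.t)
            elif e.source == "access" and e.kind == "login_ok":
                recent = [t for t in fails[e.actor] if e.t - t <= BRUTE_FORCE_WINDOW]
                if len(recent) >= BRUTE_FORCE_FAILS:
                    suspect_logins.append(e.t)
                    alerts.append({"asset": asset, "rule": "brute_force_success",
                                   "objective": "confidentiality", "severity": "medium", "t": e.t})
            # Rule 2 (network + access control): a large outbound transfer after a
            # suspect login on the same node -> possible exfiltration (confidentiality).
            elif e.source == "net" and e.kind == "outbound_bytes" and e.value >= EXFIL_BYTES:
                if any(0 <= e.t - t0 <= EXFIL_FOLLOWUP_WINDOW for t0 in suspect_logins):
                    alerts.append({"asset": asset, "rule": "exfiltration_after_compromise",
                                   "objective": "confidentiality", "severity": "high", "t": e.t})
            # Rule 3 (network): inbound connection flood -> availability.
            elif e.source == "net" and e.kind == "inbound_conn" and e.value >= CONN_FLOOD:
                alerts.append({"asset": asset, "rule": "connection_flood",
                               "objective": "availability", "severity": "high", "t": e.t})

        # Rule 4 (application status): repeated restarts in a short window ->
        # a service being crashed, e.g. by exploit attempts (integrity).
        restarts = [e.t for e in evs if e.source == "app" and e.kind == "service_restart"]
        for t0 in restarts:
            if sum(1 for t in restarts if t0 <= t <= t0 + RESTART_WINDOW) >= RESTART_COUNT:
                alerts.append({"asset": asset, "rule": "service_crash_loop",
                               "objective": "integrity", "severity": "medium", "t": t0})
                break
    return alerts


def risk_status(events: List[Event]) -> Dict[str, str]:
    """Per-asset status for the consolidated picture: the highest alert severity
    on the asset, or 'nominal' for assets that only reported normal events."""
    status = {e.asset: "nominal" for e in events}
    for a in correlate(events):
        if SEVERITY_RANK[a["severity"]] > SEVERITY_RANK[status[a["asset"]]]:
            status[a["asset"]] = a["severity"]
    return status


if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
    print(risk_status(SAMPLE_EVENTS))
```

The point of the design is that no single feed triggers the exfiltration alert: the network monitor only sees a large transfer, access control only sees a login, and it is the correlation across feeds on the same asset that raises the severity. Tagging each alert with the threatened objective is what lets the picture colour assets by risk rather than by raw event count.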

22 Cyber Command & Control (4/4)
Risks and threats dynamic assessment: project the current situation into the future; assess the damage incurred from an attack; improve the understanding of threats by assessing on-going attacks.
Post attacks restoration support: support the composing systems in restoring after an attack has been stopped and the damage has been assessed: replace compromised systems and information; take actions with respect to compromised confidentiality of information.
Intelligence and decision support: support operations by accessing and exploiting any kind of open and non-open sources relevant to the cyber defence and security situation; correlate and fuse heterogeneous data coming from diverse sources to support the intelligence processing; support operators in taking decisions as to the best way to manage situations, providing alternative scenarios.

23 Conclusions

24 Conclusions
The development of cyber secure large systems is based on three main pillars:
A design, development, integration and deployment process oriented to cyber defence and security;
Users' and operators' processes and procedures oriented to cyber security;
A cyber command and control embedded in the large system.
From the architectural perspective, the whole stack, from the hardware platforms up to the application software, is rigorously cyber secure. All the concepts discussed are applied both to newly developed large systems and to legacy ones. In this way a holistic approach is applied to the realization of cyber secure large systems.

25 Thank you for your attention

26 SELEX Sistemi Integrati
Via Tiburtina, Km Roma, Italia T

