Term Project
- Pick a system (discuss choice with me)
  - Want simple functionality, security issues, whole system (e.g., client and server side)
- Submit a 1-2 page proposal to management (Dr. Hery)
- Assess risks, threats, vulnerabilities
- Develop a security policy
- Do a high level system security design
- Present a “preliminary design review” (PDR) to management (include risk analysis, policies, system architecture)
- Iterate on risk assessment, policy, design
- Present a final “critical design review” (CDR) to management and the class
- Write a final report to management on above

Example Project
- Pick a useful system, not an underlying technology
- Start with a “mission need statement”
- Describe the CONOPS
- Make explicit (and probably realistic) assumptions about infrastructure
- Major project steps:
  - Thorough risk analysis
  - Develop security policies
  - Perform the system security engineering. Use the risk analysis and policy to determine the security functions needed, and then to develop an architecture that has all the security functions and hardware, software components to enforce the security policies
- Major project deliverables:
  - Proposal
  - Preliminary design review (PDR)
  - Critical design review to class (CDR)
  - Final report on the design

Major DoD Project Design Reviews
- Systems Requirements Review (SRR)
  - Usually, a first review before getting too far into the project, well before the PDR. We will combine them.
  - SRR is a presentation (with supporting documentation) to management and “the customer” to review all the requirements that are used as the basis for the system design and development.
  - All later requirements and design decisions should be traceable back to these requirements.
  - Management has the right to impose changes on the requirements
- Preliminary Design Review (PDR)
  - The PDR is a presentation (with supporting documentation) to management and “the customer” showing the preliminary design, before detailed designs are developed.
  - The purpose is to get the feedback on the design (from outside the design team) before it is too far along and to get “mid course correction”
  - Management may raise issues that are not addressed properly by the design
- Critical Design Review (CDR)
  - A final review of the detailed design before starting development, coding, COTS product selection and acquisition, custom product prototyping, etc.

PDR for the Term Project
- High level requirements
  - Functional Requirements (what the system should do)
  - Risk analysis to identify assets that need to be protected
  - Any legal requirements
  - Any corporate or organizational security policies not included above
- High Level Security Policies
- System Architecture

PDR (Continued)
- Develop a high level security architecture based on the requirements
  - What security technologies and processes will be used (firewalls, crypto, IDS, etc.)
  - Where are they to be used
- Develop a “Security Compliance Matrix”
  - List all security requirements, and show what parts of the security technology and processes are used to meet the requirements
- Do a security requirements traceback
  - Show how each security technology or process is based on a requirement
- Present any security “trade studies”

Security System Engineering Process for PDR (in blue)
[Figure: process flow diagram. Box labels: Mission Need, CONOPS, System Arch., Primary Sec Rqmts, Legal Rqmnts, Assets at Risk, Corp/Org Policy, Security Arch, Threat Analysis, Vulner. Analysis, System Design, Security Design, Derived Sec Rqmts, Other Rqmts, Prelim. Risk Analysis, Functional Rqmts, Risk Analysis Assess]

PDR (continued)
- PDR will be a 30 minute presentation to management
- The main purpose is to make sure the project is on the right track before you go too far.
- No grade will be assigned for this, only the completed project.
- Presentation will be outside of class hours and scheduled during March 17 or March 18. Schedule will be finalized on March 16
- Supporting documents may be provided
- Electronic copies of all materials should be provided
- Management reserves the right to suggest additional requirements if you make the problem too easy :-)
- Management also reserves the right to suggest a simplification of the problem to save you from yourself.

CDR for the term project
- The CDR will review the PDR material
- The other SSE tasks will be completed:
  - Detailed system architecture
  - Threat and vulnerability analyses
  - Detailed Security Policies written out
    - Every policy should have an enforcement mechanism, technical or procedural
  - Detailed security design giving details such as
    - What is hardware versus software
    - Algorithms
    - Specific products, if appropriate
  - Trade studies to support choices, where appropriate
- The CDR will be a presentation to class and a full report (preferably using Word, or as a PDF)