Presentation is loading. Please wait.

Presentation is loading. Please wait.

The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.

Published byJob Robbins Modified over 9 years ago

Similar presentations

Presentation on theme: "The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International."— Presentation transcript:

1 The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International

2 Presentation Outline About LOGIIC LOGIIC Projects o Correlation Project o SIS Project o Host Protection Project Summary 2

3 Presenter 3 Zach Tudor is a Program Director in the Computer Science Laboratory at SRI International, supporting operational and R&D cyber security programs including the DHS Cyber Security Research and Development Center (CSRDC). For CSRDC he provides technical support, subject matter expertise, and project management for projects including LOGIIC and the Industrial Control System Joint Working Group (ICSJWG) R&D working group. Prior to his work at SRI, he led a team of cyber security engineers and analysts directly supporting the Control Systems Security Program (CSSP) at DHS.

4 LOGIIC Value Proposition (Need and Approach) In 2004, Chevron and DHS S&T identified a need for a framework to enable collaborative, pre- competitive cybersecurity R&D in the Oil and Gas sector The approach selected was to establish a government/private partnership, leveraging national laboratories, the research community, security technology providers, and automation vendors.

5 LOGIIC Value Proposition (Benefits and Alternatives) Benefits to O&G include accelerated security improvements in critical networks: o 5:1 ROI on R&D investment o Access to leading R&D, facilities for technology integration, test, and evaluation o Unified voice to vendors. DHS S&T benefits from a proactive, cooperative engagement with industry to promote security in critical infrastructure systems Security technology providers have an opportunity to evaluate solutions in what may be for them new market environments Vendors have access to leading technology and new market opportunities LOGIIC differs from other O&G associations and consortia in its unique ability to fund RDT&E and enable cooperation among stakeholder communities

6 The LOGIIC Model of Government & Industry Partnership Linking the Oil and Gas Industry to Improve Cyber Security LOGIIC is an ongoing collaboration of oil and natural gas companies and the U.S. Department of Homeland Security, Science and Technology Directorate. LOGIIC facilitates cooperative research, development, testing, and evaluation procedures to improve cybersecurity in petroleum industry digital control systems. LOGIIC undertakes collaborative research and development projects to improve the level of cybersecurity LOGIIC promotes the interests of the sector while maintaining impartiality, the independence of the participants, and vendor neutrality

7 LOGIIC Broke New Ground in Consortium Governance for Collaborative R&D The Automation Federation (AF) serves as the LOGIIC host organization o Members approved a participation agreement with AF o Each project is covered by a Project Addendum to this agreement Member companies contribute financially and technically, provide personnel who meet regularly to define projects of common interest, and provide staff to serve on the LOGIIC Executive Committee. Current members of LOGIIC include BP, Chevron, Shell, Total, and other large oil and gas companies that operate significant global energy infrastructure. The U.S. Department of Homeland Security, Science and Technology Directorate has contracted with the scientific research organization SRI International to provide scientific and technical guidance as well as project management for LOGIIC.

8 LOGIIC Model Adds Major Value to the Oil & Gas Industry Industry gains access to Government-funded experts and labs they would otherwise not have easy access to. Participant commitment is key. This kind of partnership is not a spectator sport – the first LOGIIC project was a success because time and resources were invested and people were committed to doing great work. The LOGIIC Correlation Project resulted in a real and validated solution, not just a paper product. o Chevron Pipeline deployed the solution with some of these benefits: Monitor events in real-time instead of weekly Reduce investigation time for events by at least 85% Provide forensic evidence o Many vendors are now developing their products; some are already available in the market.

9 LOGIIC: A Win for All Government wins: o Contributing to security of the critical infrastructure networks of the nation o Cooperative partnership with O&G sector Oil and gas industry wins: o Improvements to the protection of their networks o Proactive engagement with government o Leveraged ROI from modest R&D investment o Unified voice in defining system security requirements o Rationale for influencing vendor product offerings Vendor wins: o Access to cutting-edge research o Vendors share ideas and build relationships with other IT security vendors, control system vendors, research institutions and labs, and industry participants o Access to new markets, future programs and opportunities

10 The LOGIIC Correlation Project (2005-2006) Industry contributed o Requirements and operational expertise o Project management o Product vendor channels DHS S&T contributed o National Security Perspective on threats o Access to long term security research o Independent researchers with technical expertise o Testing facilities

11 The LOGIIC Correlation Project Opportunity: Reduce vulnerabilities of oil & gas process control environments by correlating and analyzing abnormal events to identify and prevent cyber security threats Approach: o Identify new types of security sensors for process control networks o Adapt a best-of-breed correlation engine to this environment o Integrate in testbed and demonstrate o Transfer technology to industry Business Network Process Control Network LOGIIC Correlation Engine External Events Attack Indications and Warnings

12 LOGIIC SIS Project Security of Safety Instrumented Systems SIS objective: bring a process plant to a safe state when an excursion outside pre-established operating parameters occurs SIS increasingly integrate with process control systems o Traditional physical separation between control and safeguarding has been reduced through integration of certain systems components of control systems and safeguarding systems Research Question: Is the technical integrity of our production facilities jeopardized because of Cybersecurity issues under SIS/BPCS integration? Challenges include: o Prevent false trips of SIS caused by corrupted SIS configuration or false signals to SIS o Ensure SIS activates when required o Prevent operator loss of view

13 Summary LOGIIC is a model for government-industry technology integration, evaluation, and demonstration efforts to address critical infrastructure R&D needs LOGIIC enables its members to leverage the collective resources of the industry, government agencies, researchers, and subject matter experts for collaborative cyber-security projects LOGIIC successful first project produced an industry- adopted solution, and validated the collaboration The LOGIIC SIS project delivered its findings to vendors and standards bodies The LOGIIC Consortium is working on new projects and planning on future projects

Download ppt "The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International."

Similar presentations

WV High Quality Standards for Schools

WV High Quality Standards for Schools
Professor Dave Delpy Chief Executive of Engineering and Physical Sciences Research Council Research Councils UK Impact Champion Competition vs. Collaboration:

Professor Dave Delpy Chief Executive of Engineering and Physical Sciences Research Council Research Councils UK Impact Champion Competition vs. Collaboration:
International Civil Aviation Organization Nancy Graham Director - Air Navigation Bureau 28 October 2011 Symposium on RSOOs Meeting Outcomes.

International Civil Aviation Organization Nancy Graham Director - Air Navigation Bureau 28 October 2011 Symposium on RSOOs Meeting Outcomes.
12 August 2004 Strategic Alignment By Maria Rojas.

12 August 2004 Strategic Alignment By Maria Rojas.
GETBA Strategic Plan 2013 – 2016 Prepared for Jane Tongatule By Jo Malcolm and Kate Berry.

GETBA Strategic Plan 2013 – 2016 Prepared for Jane Tongatule By Jo Malcolm and Kate Berry.
Your Technology Is Connected. Are You? Your technology doesn’t exist in a vacuum. Welcome to the networked and interconnected technology ecosystem where.

Your Technology Is Connected. Are You? Your technology doesn’t exist in a vacuum. Welcome to the networked and interconnected technology ecosystem where.
Public Safety Communications Research Program A joint program between NIST’s Communications Technology Laboratory & NTIA’s Institute for Telecommunication.

Public Safety Communications Research Program A joint program between NIST’s Communications Technology Laboratory & NTIA’s Institute for Telecommunication.
Enav.it Session 3 Steps towards the SESAR deployment and the ATM system modernisation.

Enav.it Session 3 Steps towards the SESAR deployment and the ATM system modernisation.
Internet2, CENIC and Merit: Partnering to Deliver Cloud Services to California.

Internet2, CENIC and Merit: Partnering to Deliver Cloud Services to California.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
10/29/20091 Innovation Partnerhsip Models with the Finance Sector Dept. of Homeland Security Science & Technology Directorate Douglas Maughan, Ph.D. Branch.

10/29/20091 Innovation Partnerhsip Models with the Finance Sector Dept. of Homeland Security Science & Technology Directorate Douglas Maughan, Ph.D. Branch.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Public Private Partnerships P3s What the Public Sector Considers When Selecting the Right Private Partner Jose A. Galan - Division Director Miami-Dade.

Public Private Partnerships P3s What the Public Sector Considers When Selecting the Right Private Partner Jose A. Galan - Division Director Miami-Dade.
Update on WITSML deployment in BP - Energistics Public Meeting Houston, 28 May 2009 Dr Julian Pickering Field of the Future Business Deployment.

Update on WITSML deployment in BP - Energistics Public Meeting Houston, 28 May 2009 Dr Julian Pickering Field of the Future Business Deployment.
Viewpoint Consulting – Committed to your success.

Viewpoint Consulting – Committed to your success.
Advancing Government through Collaboration, Education and Action Financial Innovation and Transformation Shared Services Workshop March 17, 2015.

Advancing Government through Collaboration, Education and Action Financial Innovation and Transformation Shared Services Workshop March 17, 2015.
The Ideas Business Building successful think tanks Phil Rourke Executive Director Centre for Trade Policy and Law Carleton University/University of Ottawa.

The Ideas Business Building successful think tanks Phil Rourke Executive Director Centre for Trade Policy and Law Carleton University/University of Ottawa.
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
Providing Practical Solutions Winning the Talent Wars for Recruiting and Retaining 21 st Century Cyber Engineers Jeff Kubik, PMP, CISSP Sr PM, Praxis Engineering.

Providing Practical Solutions Winning the Talent Wars for Recruiting and Retaining 21 st Century Cyber Engineers Jeff Kubik, PMP, CISSP Sr PM, Praxis Engineering.

Similar presentations

Ads by Google