Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Panel Perspective: Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Helen Gill, Ph.D. CISE/CNS National Science.

Similar presentations


Presentation on theme: "1 Panel Perspective: Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Helen Gill, Ph.D. CISE/CNS National Science."— Presentation transcript:

1 1 Panel Perspective: Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Helen Gill, Ph.D. CISE/CNS National Science Foundation RTAS Workshop, San Jose, CA April 4, 2006

2 2 High Confidence Systems Technical Challenge: "Systems of Embedded Systems" Now: information focus, human-machine interface –Operator skill, “competent human intervention” –System, operator certification Future: open, multi-level closed loop, mixed initiative, autonomous systems and multi-systems Typical domains: –Medical: “plug and play” operating room of the future –Aviation: mixed manned, autonomous flight –Power systems: Future “SCADA-D/PCS” for distributed generation, renewable energy resources –National Security: common operating picture, global information grid, future combat systems

3 3 Networking: An Outsider’s View Traditional networking perspective: Core + Edge –Core: Bulk packet delivery system –Other issues largely delegated to edge networks –Internet technology is pervasive as an enabling technology for enterprise systems but (though used for distributed real-time applications) has not penetrated real-time sensing and control networks (FlexRay, CAN, …) –“Sensor Nets” perspective – just attach sensors and actuators at the edge, provide services in network (sensor grids) Gaps: –Topology control for complex real-time systems with wide-area characteristics (remote surgery; operating room of the future; power grid control) –Do old assumptions (statistical properties of network under multi-path) apply under topology slicing, real-time QoS? –What are the security challenges if these assumptions change (e.g., circuits; map topology to physical resources)? Concerns: –Static “layered view”, little discourse on autonomous vs. application-determined network management, operation

4 4 Cyber Security: An Outsider’s View Traditional cyber security perspective: information assurance –Frameworks for protection (crypto, authentication/authorization, information access control, detection, recovery) –Premise: Data-oriented, rather than process-oriented protection –Simple principles: isolation (e.g., separation kernels), non-interference, subject/object classifications and compartmentalization, (…insider threat?) Gaps: –System-system coordination, reconfiguration, reactive systems, authorization of human information access vs. autonomous cooperative/competitive real- time operation (more than mere delegation of authorized information access) Concerns: –Secondary focus, limited impact of cyber security research on systems research (exceptions: PKI, IDS, VPN), especially for time-critical systems –Disconnect from other QoS issues

5 5 Real-Time Systems An Outsider’s View Traditional real-time sytems perspective: scheduling –Closed, single-system frameworks, persistent scheduling decisions (though growing corpus on dynamic scheduling) –Process scheduling and control perspective, extension to energy management –Hard real-time scheduling for single-system provisioning of cyclic workload, limited dependent task scheduling, best-effort soft real-time –Indirect treatment of concurrency, distributed operation –Loose relationship to changing embedded sensing and control system requirements (need to close loops at higher levels) –Must continue to build above a weak technology base: single-system RTOS x Middleware x RTVM Gaps: –Real-time reconfiguration, real-time coordination, deep integration of networking and security services, preparation for technology diversity and change (e.g., multi-core/multi-threading models) Concerns: –Lack of end-to-end characterization: controlled system dynamics, “discontinuous” security and network interactions, resource models, time-aware trust/”certainty” models

6 6 Worried Observations “Eyes on the trail” phenomenon “My community has the solution” perspective: –Power grid collapse is just a cyber security problem –Power grid collapse is just a real-time problem –Power grid collapse is just a networking/communication problem –Power grid collapse is just a control problem –… (hardware platforms, …) High-level “wisdom” is widely believed to suffice –All we need is “dependability” (please refer to the taxonomy…) –Networked embedded control system design is just an“application problem” –“It’s all software” (unrefined concept), and better software engineering will take care of it

7 7 Some obvious steps forward Break down the stovepipe boundaries –End-to-end, cross-disciplinary systems problems –Closing the loop “sharpens the mind” so consider real “killer apps” (e.g., safety critical), not just cell phones –Move beyond performance, information, enterprise, best-effort –Teams: mixed expertise is necessary Ask: What core research would yield real progress? –NOT system instance by system instance –NOT tunnel vision on isolated, single-discipline solutions Ask: What are some fundamental, shared (and complexity- removing) research questions? Ask: What would a better technology base look like?

8 8 Thank You for Your Help

9 9 R&D Planning for CIP and High Confidence Systems NSTC Committee structure CT – Committee on Technology –Networking, IT R&D (NITRD) Subcommittee, “blue book” –Infrastructure Subcommittee CIP R&D Planning National CIP R&D Plan CIIP R&D Plan NITRD R&D Planning - High Confidence Software and Systems (HCSS) Coordinating Group Large Scale Networking (LSN) Coordinating Group Cyber Security and Information Assurance (CSIA) Interagency Working Group NSTC CT NITRD LSN CSIA HCSS … Infrastructure H&NS …

10 10 NITRD HCSS Coordinating Group Assessment Actions Backdrop: –NSF/OSTP Critical Infrastructure Protection Workshop, Leesburg, VA, September 2002, http://www.eecs.berkeley.edu/CIP/ http://www.eecs.berkeley.edu/CIP/ –NSF Workshop, on CIP for SCADA, Minneapolis MN, October 2003 http://www.adventiumlabs.org/NSF-SCADA-IT-Workshop/index.html –National Academies’ study: “Sufficient Evidence? Design for Certifiably Dependable Systems”, http://www7.nationalacademies.org/cstb/project_dependable.html http://www7.nationalacademies.org/cstb/project_dependable.html National Coordination Office summary report(s) derived from workshops, industry input sessions, NAS study

11 11 NITRD HCSS Coordinating Group Assessment Actions: Workshops High Confidence Medical Device Software and Systems (HCMDSS), –Planning Workshop, Arlington VA, November 2004, http://www.cis.upenn.edu/hasten/hcmdss-planning/ http://www.cis.upenn.edu/hasten/hcmdss-planning/ –National R&D Road-Mapping Workshop, Philadelphia, Pennsylvania, June 2005, http://www.cis.upenn.edu/hcmdss/ http://www.cis.upenn.edu/hcmdss/ High Confidence Aviation Systems –Planning Workshop on Software for Critical Aviation Systems, Seattle, WA, November 21-22, 2005 –National R&D Road-Mapping Workshop, venue TBD, August 2006

12 12 HCSS Workshops, continued High Confidence Critical Infrastructures: “Beyond SCADA and Distributed Control Systems” –Planning US Planning Workshop, Washington, DC, March 14-15, 2006 EU-US Collaboration Workshop, Framework Programme 7 linkage, March 16-17, 2006 US National R&D Road-Mapping Workshop, October, 2006

13 13 Other Current HCSS Actions: Assessment of Real-Time Operating System (RTOS) Technology Base Starting point: single-system RTOS products, middleware appliqué for distributed systems, rudimentary open sensing and control platforms (incompatible schedulers, single-issue architectural assumptions, weak security services, …) Needed: Clean OS-level support for open, hierarchical control systems, dynamic topology, coordinated action So what are we doing about this? –HCSS RTOS technology assessment, vendor non-disclosure briefings: Integrators: Adventium Laboratory, Boeing, Ford Motor Company, Lockheed Martin, MIT Lincoln Laboratory, Northrop Grumman, Raytheon. Rockwell Collins, MotoTron Technology: Sun Microsystems, IBM, Microsoft, Honeywell, Red Hat, Wind River Systems, Green Hills, LinuxWorks, Real-Time Innovations, Inc., QNX Software Systems, Ltd., BAE Systems, Kestrel Technology, BBN Technologies

14 14 High-Confidence Software and Systems (HCSS) Agencies Air Force Research Laboratories* Army Research Office* Department of Defense/ OSD Defense Advanced Research Projects Agency Department of Energy Federal Aviation Administration* Food and Drug Administration* National Air & Space Administration National Institutes of Health National Institute of Science and Technology National Science Foundation National Security Agency Office of Naval Research* * Cooperating agencies


Download ppt "1 Panel Perspective: Research Directions for Security and Networking in Critical Real-Time and Embedded Systems Helen Gill, Ph.D. CISE/CNS National Science."

Similar presentations


Ads by Google