High Assurance Cyber Military Systems (HACMS)
|
|
- Emory Mason
- 5 years ago
- Views:
Transcription
1 High Assurance Cyber Military Systems (HACMS) Ray Richards, I2O Program Manager November 19, /19/2018 Distribution Statement A - Approved for Public Release, Distribution Unlimited 1
2 Many Remote Attack Vectors Physical Short-Range Wireless Long-Range Wireless Entertainment SCADA Systems Source: Laing O Rourke Source: Dept. of Energy Pcdgraphics.com Hornlockandkey.com Pcdgraphics.com Medical Devices clker.com harborfreight.com Informationweek.com psd.fanextra.com Source: www. seekinglpha.com Source: www. medtechbusiness.com bing-gallery.com Computer Peripherals Source: HP Source: Source: all-free-download.com Distribution Statement A - Approved for Public Release, Distribution Unlimited 2
3 Securing Cyber-Physical Systems Control Systems Air gaps & obscurity Forget the myth of the air gap the control system that is completely isolated is history. -- Stefan Woronka, 2011 Siemens Director of Industrial Security Services Trying to adopt cyber approaches, but technology is not a good fit: Resource constraints, real-time deadlines Extreme cost pressures Patches may have to go through lengthy verification & validation processes Patches could require recalls Cyber Systems Anti-virus scanning, intrusion detection systems, patching infrastructure This approach cannot solve the problem. Not convergent with the threat Focused on known vulnerabilities; can miss zero-day exploits Can introduce new vulnerabilities and privilege escalation UNCLASSIFIED opportunities Additional security layers often create vulnerabilities October 2010 Vulnerability Watchlist Vulnerability Title Fix Avail? Date Added!"#$%&' ( )#( *&+, #-), **( )&. )( /&0 ( -1, )2&3), -, 4, *&!, 4/*&3)"5"*( 6( &784/*/9, #&: $*#( )/; "*"-<& 0, & =>?@>?ABA& C( D&E /-&: F GH &H, D$*( &GG!&+, ##( 49, #&F ( #"/*&, I&G( )5"4( &: $*#( )/; "*"-<& J ( 8& =>?K>?ABA& 3E 3&L"; /8( M6( #M"DNOL&P$#49, #&, QR; <R, #( &S$Q( )&T 5( )U, 1 &: $*#( )/; "*"-<& 0, & =>?A>?ABA& V#-( )#( -&7%W*, )( )&=&L-, G-/94E XH!NOL&E XH!&G/#"9Y/9, #&S<W/88&Z ( /2#( 88& 0, & =>B=>?ABA& H "4), 8, [ &Z "#D, 1 8&' ( ); ( ), 8&L3/88&X\ ( &X"42( -L&C( W*/<&G( 4$)"-<&S<W/88&: $*#( )/; "*"-< & 0, & =>B] >?ABA& +"84, &^ #"_( D&Z ")( *( 88&0 ( -1, )2&N^ Z 0 O&H $*9W*( &G( 4$)"-<&: $*#( )/; "*"9( 8& J ( 8& =>B` >?ABA& +, a W$-( )&. 88, 4"/-( 8&T #( 5"( 1 &H, #"-, )&LD, G/5( bc8wl&c( a, -( &+, D( &7%( 4$9, #&: $*#( )/; "*"-<& 0, & =>B` >?ABA& T W( #GG!&L88*dM6( -M2( <M( %4\ /#6( NOL&^ 8( R. [ ( )RP)( ( &H ( a, )<&+, ))$W9, #&: $*#( )/; "*"-<& 0, & =>B?>?ABA&. D, ; ( &. 4), ; /-&/#D&C( /D( )&P, #-&3/)8"#6&C( a, -( &+, D( &7%( 4$9, #&: $*#( )/; "*"-<& 0, & =>BA>?ABA& We need a fundamentally different approach T W( #T e 4( &Va W)( 88&P"*( &H $*9W*( &S$Q( )&T 5( )U, 1 &: $*#( )/; "*"9( 8& 0, & =>BA>?ABA& 1/3 of the vulnerabilities are in security software!!"#$%&' ( )#( *&3. RCVG+&L*( Db4L&G-/42&S$Q( )&T 5( )U, 1 &: $*#( )/; "*"-<& J ( 8& =>Af >?ABA& : %Z, )28&F ( ; $66"#6&G( )5"4( &G( 4$)"-<RS<W/88&: $*#( )/; "*"-<& 0, & =>A` >?ABA& : %Z, )28&H $*9W*( &G( 4$)"-<&: $*#( )/; "*"9( 8& 0, & =>A@>?ABA& H "4), 8, [ &V#-( )#( -&7%W*, )( )&P)/a ( &S, )D( )&3), W( )-<&S$Q( )&T 5( )U, 1 &: $*#( )/; "*"-<& 0, & ] >?f >?ABA& G<a /#-( 4&. #95")$8&+, )W, )/-( &7Db&. *( )-&H /#/6( a ( #-&G( )5"4( &C( a, -( &3)"5"*( 6( &784/*/9, #&: $*#( )/; "*"-<& 0, & ] >?=>?ABA& H "4), 8, [ &T $-*,, 2&Z ( ; &. 44( 88&I, )&7%4\ /#6( &G( )5( )&?AAd&+), 88&G"-( &C( g$( 8- &P, )6( )<&: $*#( )/; "*"-<& 0, & ] >?` >?ABA& H "4), 8, [ &F ")( 4-h&F ")( 4-3*/<&H $*9W*( &F ( #"/*&T I&G( )5"4( &: $*#( )/; "*"9( 8& 0, & ] >??>?ABA& 11/19/2018 Distribution Statement A - Approved for Public Release, Distribution Unlimited DISTRIBUTION F - Further dissemination only as directed by DARPA Public Release Center or higher DoD authority UNCLASSIFIED 3 6
4 Cyber Resilient Embedded Systems The HACMS program created technology for the construction of highassurance cyber-physical systems Cyber-physical systems are relatively easy to remotely take over and reprogram using cyber attacks. Capability Objectives: High-assurance operating systems and control systems Suite of program synthesizers and formal-methods tools Assured-integration tools and analysis workbench Accomplishments: High assurance components ported to ULB and US Army TARDEC Autonomous Mobility Appliqué System Joint Capability Technology Demonstration (AMAS JCTD) Red Team completed end-of-phase III assessments; no security flaws in demonstration platforms after full access to code SAE is developing a Formal Methods Academy to transition HACMS technologies to the automotive industry Distribution Statement A - Approved for Public Release, Distribution Unlimited 4
5 HACMS Program Structure Architectural-Level Rockwell Collins, University of Minnesota Compositional Reasoning Application-Level Software Galois, CMU, Draper Labs, MIT, Oxford, Princeton, SpiralGen, University of Illinois, University of Pennsylvania Generate from Specification, Correct by Construction, Software Verification, Robust Algorithms Low-Level Software Data61 (NICTA), Yale Verified OS Kernels Ground Vehicle HRL Integrate on TARDEC Autonomous Systems Air Vehicle Boeing Integrate on Unmanned Little Bird Penetration Testing AIS Distribution Statement A - Approved for Public Release, Distribution Unlimited 5
6 HACMS cyber retrofit Several prototypes of securing existing systems developed using this approach Host existing software load image in a sel4 virtual machine Study software architecture and partition into a set of virtual machines Determine which virtual machines need guest operating system services Re-implement security critical software components Leveraging proven sel4 protections to maintain integrity of the virtual machines Distribution Statement A - Approved for Public Release, Distribution Unlimited 6
7 sel4 ecosystem SBIR effort Build out the open-source ecosystem of secure software components around the sel4 operating system microkernel Develop US-based expertise in supporting sel4 Develop high assurance components for sel4 Demonstrate prototype sel4-based systems Remove roadblocks form sel4 adoption Distribution Statement A - Approved for Public Release, Distribution Unlimited 7
8 sel4 SBIR highlights Syracuse Assured Boat Loader Executive (SABLE) adapted to sel4 Genode application framework ported to sel4 Real-time profile of DDS ported to sel4 Multi-level secure helmet vision system prototype Formally verified network stack RISC-V (Draper ISP) implementation Distribution Statement A - Approved for Public Release, Distribution Unlimited 8
9 sel4 Community of Excellence Provide stable US-based releases of sel4 system Deliver US-based support to integrators using sel4 Deliver training to sel4 users Manage a sel4 technology roadmap Mimic Linux distribution model. Make sel4 a viable candidate technology for use on high-integrity systems Distribution Statement A - Approved for Public Release, Distribution Unlimited 9
10 11/19/2018 Distribution Statement A - Approved for Public Release, Distribution Unlimited 10
Using Formal Methods Tools to Improve Security in an Autonomous Military Truck
U.S. ARMY TANK AUTOMOTIVE RESEARCH, DEVELOPMENT AND ENGINEERING CENTER Using Formal Methods Tools to Improve Security in an Autonomous Military Truck Dariusz Mikulski, Ph.D. SANS Automotive Cybersecurity
More informationHigh-assurance software for autonomous ground systems
High-assurance software for autonomous ground systems Aleksey Nogin HRL Laboratories, LLC December 15, 2016 Acknowledgment: This material is based upon work supported by the United States Air Force and
More informationUsing Formal Methods to Enable More Secure Vehicles: DARPA's HACMS Program
Using Formal Methods to Enable More Secure Vehicles: DARPA's HACMS Program Kathleen Fisher Tufts University 16 April 2015 (Slides based on original DARPA HACMS slides) Pervasive Vulnerability to Cyber
More informationKathleen Fisher Program Manager, Information Innovation Office
Kathleen Fisher Program Manager, Information Innovation Office High Assurance Systems DARPA Cyber Colloquium Arlington, VA November 7, 2011 Report Documentation Page Form Approved OMB No. 0704-0188 Public
More informationHigh-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity
Distribution A: SSC17-V-01 High-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity Daria C. Lane, Enrique S. Leon, Francisco C. Tacliad, Dexter H. Solio, Ian L. Rodney, Dmitriy
More informationCyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies
Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies lwihl@scalable-networks.com 2 The Need OT security particularly in the
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 0400: Research,, Test & Evaluation, Defense-Wide BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationto Address Cyber Physical Systems Security (CPSSEC)
Combating Threats: S&T is Building a Resilient Cyber Ecosystem to Address Cyber Physical Systems Security (CPSSEC) Follow us at dhsscitech CPS Security is Critical Smart cars, grids, medical devices, manufacturing,
More informationConvergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations
Convergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations Agenda Nexus of Safety and Cybersecurity Separation and Connectivity Trends in Aerospace Cybersecurity Isn t Security
More informationAerospace Systems Directorate
Aerospace Systems Directorate Dr. Doug Blake Director Aerospace Systems Directorate Air Force Research Laboratory 2 United States Air Force Mission The Mission of the United States Air Force is to Fly,
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationSafety Assurance in Software Systems From Airplanes to Atoms
Safety Assurance in Software Systems From Airplanes to Atoms MDEP Conference on New Reactor Design Activities Session Digital I&C: Current & Emerging Technical Challenges September 07 Dr. Darren Cofer
More informationCenter for Infrastructure Assurance and Security (CIAS) Joe Sanchez AIA Liaison to CIAS
Center for Infrastructure Assurance and Security (CIAS) Joe Sanchez AIA Liaison to CIAS 1 REPORT DOCUMENTATION PAGE Form Approved OMB No. 074-0188 Public reporting burden for this collection of information
More informationIntegrated C4isr and Cyber Solutions
Integrated C4isr and Cyber Solutions When Performance Matters L3 Communication Systems-East provides solutions in the C4ISR and cyber markets that support mission-critical operations worldwide. With a
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2013 Office of Secretary Of Defense DATE: February 2012 COST ($ in Millions) FY 2011 FY 2012 Base OCO Total FY 2014 FY 2015 FY 2016 FY 2017 Cost To Complete
More informationApplication Security Approach
Technical Approach Page 1 CONTENTS Section Page No. 1. Introduction 3 2. What is Application Security 7 3. Typical Approaches 9 4. Methodology 11 Page 2 1. INTRODUCTION Page 3 It is a Unsafe Cyber world..
More informationRetrofitting Ground Systems to improve Cyber Security
Retrofitting Ground Systems to improve Cyber Security Michael Worden Security Engineer 25 February 2014 Copyright 2014 Raytheon Company. Published by The Aerospace Corporation with permission.. Customer
More informationAC2 CTC Investment Strategy. Capt Brandon Keller, AFRL/RIS Acting CTC Lead
AC2 CTC Investment Strategy Capt Brandon Keller, AFRL/RIS Acting CTC Lead Scope Covers monitor, assess, plan, and execute processes within and across air, space, cyber domains Addresses four key goals:
More informationTest and Evaluation of Autonomous Systems in a Model Based Engineering Context
Test and Evaluation of Autonomous Systems in a Model Based Engineering Context Raytheon Michael Nolan USAF AFRL Aaron Fifarek Jonathan Hoffman 3 March 2016 Copyright 2016. Unpublished Work. Raytheon Company.
More informationSecuring the End Node in a Cloud World
Securing the End Node in a Cloud World Approved for Public Release: RY-11-0022, 88 ABW-11-0375 Lt Col Ken Edge, PhD Electronic & Net-Centric Warfare Division Air Force Research Laboratory Of Clouds and
More informationHeavy Vehicle Cybersecurity Update. National Motor Freight Traffic Association, Inc.
Heavy Vehicle Cybersecurity Update National Motor Freight Traffic Association, Inc. National Motor Freight Traffic Association, Inc. (NMFTA) Industry non-profit representing more than 600 companies operating
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationARM Security Solutions and Numonyx Authenticated Flash
ARM Security Solutions and Numonyx Authenticated Flash How to integrate Numonyx Authenticated Flash with ARM TrustZone* for maximum system protection Introduction Through a combination of integrated hardware
More informationSOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE SECURE AIRBORNE CONNECTIVITY: OVERVIEW Gogo Business Aviation realizes the ever-pressing need to be vigilant in staying ahead of potential
More informationSIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC
W I N D R I V E R H E L I X C H A S S I S SIMPLIFYING THE WIND RIVER HELIX CHASSIS Helix Chassis brings together software, technologies, tools, and services to help automotive manufacturers unify, simplify,
More informationAutomated Attack Framework for Test & Evaluation (AAFT)
Automated Attack Framework for Test & Evaluation (AAFT) 34 th International Test and Evaluation Association Symposium October 4, 2017 Mr. Andrew Shaffer The Applied Research Laboratory The Pennsylvania
More informationCreating a Practical Security Architecture Based on sel4
Creating a Practical Security Architecture Based on sel4 Xinming (Simon) Ou University of South Florida (many slides borrowed/adapted from my student Daniel Wang) 1 Questions for sel4 Community Is there
More informationEirene Sceptre Cyber Defense Services
Eirene Sceptre Cyber Defense Services Nick Cohen Cyber Defense Solutions Department 26 February 2019 2019 The Aerospace Corporation Overview Eirene Sceptre (E-Sceptre) Overview E-Sceptre Mission Benefits
More informationUS Army Industry Day Conference Boeing SBIR/STTR Program Overview
US Army Industry Day Conference Boeing SBIR/STTR Program Overview Larry Pionke, DSc Associate Technical Fellow Product Standards - Technology & Services Boeing Research & Technology Ft. Leonard Wood (FLW)
More informationHigh-Assurance Security/Safety on HPEC Systems: an Oxymoron?
High-Assurance Security/Safety on HPEC Systems: an Oxymoron? Bill Beckwith Objective Interface Systems, Inc. Phone: 703-295-6519 Email Address: bill.beckwith@ois.com W. Mark Vanfleet National Security
More informationCyber Security For Business
Cyber Security For Business In today s hostile digital environment, the importance of securing your data and technology cannot be overstated. From customer assurance, liability mitigation, and even your
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationUNCLASSIFIED FY 2016 OCO. FY 2016 Base
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400:,, Test & Evaluation, Defense-Wide / BA 3: Advanced Technology (ATD) COST ($ in Millions)
More informationSecuring the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.
Securing the Smart Grid Understanding the BIG Picture The Power Grid The electric power system is the most capital-intensive infrastructure in North America. The system is undergoing tremendous change
More informationJOINT MISSION ENVIRONMENT TEST CAPABILITY (JMETC)
JOINT MISSION ENVIRONMENT TEST CAPABILITY (JMETC) Cyber T&E Initiatives AJ Pathmanathan JMETC Deputy PM for Engineering NCR Technical Director November 14, 2013 GET CONNECTED to LEARN, SHARE, and ADVANCE
More informationUNCLASSIFIED. R-1 ITEM NOMENCLATURE PE D8Z: Data to Decisions Advanced Technology FY 2012 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2012 Office of Secretary Of Defense DATE: February 2011 BA 3: Advanced Development (ATD) COST ($ in Millions) FY 2010 FY 2011 Base OCO Total FY 2013 FY
More information13W-AutoSPIN Automotive Cybersecurity
13W-AutoSPIN Automotive Cybersecurity Challenges and opportunities Alessandro Farsaci (CNH industrial) Cosimo Senni (Magneti Marelli) Milan, Italy November 12th, 2015 Agenda Automotive Cybersecurity Overview
More informationImproving SCADA System Security
Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September
More informationCybersecurity and Communications Based Train Control
Cybersecurity and Communications Based Train Control RAHEEL QURESHI CYBERSECURITY AUTHORITY URBAN RAIL SIGNALLING (URS) 2016 Thales Canada, Transportation Solutions. All rights reserved. Passing on or
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationProtect Your Organization from Cyber Attacks
Protect Your Organization from Cyber Attacks Leverage the advanced skills of our consultants to uncover vulnerabilities our competitors overlook. READY FOR MORE THAN A VA SCAN? Cyber Attacks by the Numbers
More informationCybersecurity in Acquisition
Kristen J. Baldwin Acting Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) Federal Cybersecurity Summit September 15, 2016 Sep 15, 2016 Page-1 Acquisition program activities must
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationNew Horizons. Dr. Bryant Wysocki Chief Engineer AFRL Information Directorate. 13 March 2017
New Horizons Dr. Bryant Wysocki Chief Engineer AFRL Information Directorate 13 March 2017 Air Force Research Laboratory 2 Information Technologies....Touch Every Other AFRL Directorate C 4+1 I Command,
More informationSEGRID storyline. Workshop SEGRID November 14 th, 2016, Barcelona, Spain
Workshop SEGRID November 14 th, 2016, Barcelona, Spain SEGRID storyline This project has received funding from the European Union s Seventh Framework Programme for research, technological development and
More informationProgramming Languages for High-Assurance Autonomous Vehicles
Programming Languages for High-Assurance Autonomous Vehicles Lee Pike (speaker), Pat Hickey, James Bielman, Trevor Elliott, John Launchbury, Erlend Hamberg, Thomas DuBuisson S5 June 2014 Embedded Security:
More informationSneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security
Sneak Peak at CIS Critical Security Controls V 7 Release Date: March 2018 2017 Presented by Kelli Tarala Principal Consultant Enclave Security 2 Standards and Frameworks 3 Information Assurance Frameworks
More informationAvionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment
Avionics Cyber T&E Examples Testing Cyber Security Resilience to support Operations in the 3rd Offset Environment 26 January 2017 Presented by: Mr. Chad Miller NAVAIR Cyber T&E What: Replicate Cyber Battlespace
More informationCybersecurity Test and Evaluation Achievable and Defensible Architectures
Cybersecurity Test and Evaluation Achievable and Defensible Architectures October 2015, ITEA Francis Scott Key Chapter Mr. Robert L. Laughman for COL Scott D. Brooks, Director, Survivability Evaluation
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: Applied Research COST ($
More informationSmart Attacks require Smart Defence Moving Target Defence
Smart Attacks require Smart Defence Moving Target Defence Prof. Dr. Gabi Dreo Rodosek Executive Director of the Research Institute CODE 1 Virtual, Connected, Smart World Real World Billions of connected
More informationThe Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA
The Remote Exploitation of Unaltered Passenger Vehicles Revisited 20 th October 2016 Mark Pitchford, Technical Manager, EMEA Today s hot topic A few years ago, Lynx presentations at events such as this
More informationUsing a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles
Safety & Security for the Connected World Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles 16 th June 2015 Mark Pitchford, Technical Manager, EMEA Today
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationAddressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1
Addressing Future Challenges in the Development of Safe and Secure Software Components 2016 The MathWorks, Inc. 1 Cybersecurity Emerging Topic in the Auto Industry Vehicle-to-Infrastructure Wifi Hotspot
More informationCisco Secure Ops Solution
Brochure Cisco Secure Ops Solution Cisco Secure Ops Solution supports cyber-security risk management and compliance for industrial automation environments. It is a combination of on premise technology,
More informationCyber Perspectives. Science and Technology Roadmap
Cyber Perspectives Science and Technology Roadmap NDIA S&T Conference 14 April 2010 Pat Sullivan SSC Pacific Cyber Warfare Capabilities, Opportunities and Challenges Capabilities: Global, 24x7 Network
More informationForecast to Industry 2016
Forecast to Industry 2016 Cyber Portfolio COL Brian Lyttle Program Executive Officer, Cyber 17 November 2016 UNCLASSIFIED 1 Our Mission Develop, integrate, and assure cyber capabilities in order to enable
More informationTHE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS
THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS By Bill Graham and Michael Weinstein WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Driven by the convergence of cloud technology, rapidly
More informationUNCLASSIFIED R-1 ITEM NOMENCLATURE. FY 2014 FY 2014 OCO ## Total FY 2015 FY 2016 FY 2017 FY 2018
Exhibit R-2, RDT&E Budget Item Justification: PB 2014 Office of Secretary Of Defense DATE: April 2013 BA 3: Advanced (ATD) COST ($ in Millions) All Prior Years FY 2012 FY 2013 # Base OCO ## Total FY 2015
More informationWill you be PCI DSS Compliant by September 2010?
Will you be PCI DSS Compliant by September 2010? Michael D Sa, Visa Canada Presentation to OWASP Toronto Chapter Toronto, ON 19 August 2009 Security Environment As PCI DSS compliance rates rise, new compromise
More informationSECURIFY: A COMPOSITIONAL APPROACH OF BUILDING SECURITY VERIFIED SYSTEM
1 SRIFY: A COMPOSITIONAL APPROACH OF BUILDING SRITY VERIFIED SYSTEM Liu Yang, Associate Professor, NTU SG-CRC 2018 28 March 2018 2 Securify Approach Compositional Security Reasoning with Untrusted Components
More informationUNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #18
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: Applied Research COST ($ in Millions)
More informationNext Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration
Next Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration EPIC Workshop Fresno California November 09, 2018 Southern California Edison Background (Innovation
More informationUNCLASSIFIED FY 2016 OCO. FY 2016 Base
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 3: Advanced Technology Development
More informationTactical Microgrid Standardization Update to the EGSA Government Relations Committee
Tactical Microgrid Standards Consortium Tactical Microgrid Standardization Update to the EGSA Government Relations Committee Current as of 15 September 2017 US Army Engineer R&D Center (ERDC) US Army Communications-Electronics
More informationBrochure. Security. Fortify on Demand Dynamic Application Security Testing
Brochure Security Fortify on Demand Dynamic Application Security Testing Brochure Fortify on Demand Application Security as a Service Dynamic Application Security Testing Fortify on Demand delivers application
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationCybersecurity Metrics: A Red Team Perspective
UNCLASSIFIED Cybersecurity Metrics: A Red Team Perspective Distribution Statement A Distribution: Approved for public release; distribution is unlimited. Bradley R. Horton CISSP-ISSMP, CEH, CISA Chief,
More informationSYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS
SYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS David Murotake, (SCA Technica, Inc. Nashua NH, USA; david.murotak@scatechnica.com) Antonio Martin (SCA Technica, Inc., Nashua NH, USA;
More informationWireless e-business Security. Lothar Vigelandzoon
Wireless e-business Security Lothar Vigelandzoon E-business evolution Increased business drivers for cost efficiency & market penetration Increased Importance of brand reputation Distance between IT and
More informationOpenFog Reference Architecture. Presented by Dr. Maria Gorlatova OpenFog Consortium Communications Working Group Co-chair, Technical Committee Member
OpenFog Reference Architecture Presented by Dr. Maria Gorlatova OpenFog Consortium Communications Working Group Co-chair, Technical Committee Member My background Associate Research Scholar at Princeton
More informationSGS CYBER SECURITY GROWTH OPPORTUNITIES
SGS CYBER SECURITY GROWTH OPPORTUNITIES Eric Krzyzosiak GENERAL MANAGER DIGITAL Jeffrey Mc Donald Executive Vice President CERTIFICATION & BUSINESS ENHANCEMENT Eric Lee WIRELESS & CONSUMER RETAIL CYBER
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationCourse Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture
About this Course This course will best position your organization to analyse threats and detect anomalies that could indicate cybercriminal behaviour. The payoff for this new proactive approach would
More informationUNCLASSIFIED. R-1 Program Element (Number/Name) PE D8Z / Software Engineering Institute (SEI) Applied Research. Prior Years FY 2013 FY 2014
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior Years
More informationApplying MILS to multicore avionics systems
Applying MILS to multicore avionics systems Eur Ing Paul Parkinson FIET Principal Systems Architect, A&D EuroMILS Workshop, Prague, 19 th January 2016 2016 Wind River. All Rights Reserved. Agenda A Brief
More informationThe Need for Operational and Cyber Resilience in Transportation Systems
The Need for Operational and Cyber Resilience in Transportation Systems January 14, 2016 Dr. Nader Mehravari, MBCP, MBCI Cyber Risk and Resilience Management Software Engineering Institute Software Carnegie
More informationMachine-Based Penetration Testing
Always in Control CyBot Suite Machine-Based Penetration Testing www.cronus-cyber.com - April 2016 CyBot PRODUCT SUITE Unique, patented Machine-based Penetration Testing Software with Global Attack Path
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
More informationArchitecting for Resiliency Army s Common Operating Environment (COE) SERC
Architecting for Resiliency Army s Common Operating Environment (COE) SERC 5 October 2011 Mr. Terry Edwards Director, ASA(ALT) Office of the Chief Systems Engineer (OCSE) (703) 614-4540 terry.edwards@us.army.mil
More informationCSE 544 Advanced Systems Security
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA CSE 544 Advanced Systems
More informationCyBot Suite. Machine-based Penetration Testing
CyBot Suite Machine-based Penetration Testing CYBOT PRODUCT SUITE Unique, patented Machine-based Penetration Testing Software with Global Attack Path Scenarios (APS) product suite: CyBot Pro CyBot Enterprise
More informationCLOUD GOVERNANCE SPECIALIST Certification
CLOUD GOVERNANCE SPECIALIST Certification The Cloud Professional (CCP) program from Arcitura is dedicated to excellence in the fields of cloud computing technology, mechanisms, platforms, architecture,
More informationMark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services
Mark Littlejohn June 23, 2016 DON T GO IT ALONE Achieving Cyber Security using Managed Services Speaker: Mark Littlejohn 1 Mark is an industrial technology professional with over 30 years of experience
More informationDepartment of Defense Fiscal Year (FY) 2014 IT President's Budget Request Defense Advanced Research Projects Agency Overview
Mission Area Business System Breakout Appropriation BMA 0.027 Total 35.003 Defense Business Systems 0.027 All Other Resources 34.976 EIEMA 34.976 FY 2014 ($M) FY 2014 ($M) 35.003 FY 2014 ($M) FY13 to FY14
More information2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat
2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat Faye Francy Aviation ISAC February 2015 Company Organization Corporate Defense, Space & Security Boeing Capital Corporation
More informationMission Aware Cybersecurity
Mission Aware Cybersecurity Cody Fleming (UVA) Scott Lucero (OSD) Peter Beling, Barry Horowitz (UVA), Calk Elks (VCU) October 2016 1 Systems Engineering Research Center (SERC) Overview DoD and the Intelligence
More informationSWIFT 7.2 & Customer Security. Providing choice, flexibility & control.
SWIFT 7.2 & Customer Security Providing choice, flexibility & control. 0 SWIFT 7.2 UPGRADE: WHAT DO YOU NEED TO KNOW? DECEMBER 6, 2017 Patricia Hines, CTP Senior Analyst, Corporate Banking Celent SWIFT
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationCyber Security on Commercial Airplanes
Cyber Security on Commercial Airplanes John Craig Chief Engineer Cabin and Network Systems The Boeing Company October 2014 1 Top ten tips Richard A. Clarke 1. Don t be in denial 2. Don t underestimate
More informationTowards Effective Cybersecurity for Modular, Open Architecture Satellite Systems
SSC16-IV-6 Towards Effective Cybersecurity for Modular, Open Architecture Satellite Systems Presented to: 30 th Annual AIAA/USU Conference on Small Satellites August 2016 Presented by: Geancarlo Palavicini
More informationCSP 2017 Network Virtualisation and Security Scott McKinnon
CSP 2017 Network Virtualisation and Security Scott McKinnon smckinnon@vmware.com Security Lead, Northern EMEA Network & Security, VMware Disclaimer This presentation may contain product features that are
More informationPreemptive PREventivE Methodology and Tools to protect utilities
Preemptive PREventivE Methodology and Tools to protect utilities 2014 2017 With the financial support of FP7 Seventh Framework Programme Grant agreement no: 607093 1 Preemptive description Project objectives
More informationSpace Cyber: An Aerospace Perspective
Space Cyber: An Aerospace Perspective USAF Cyber Vision 2025 AFSPC 19-21 March 2012 Frank Belz and Joe Betser The Aerospace Corporation Computers and Software Division 20 March 2012 frank.belz@aero.org
More informationCSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague
Brmlab, hackerspace Prague Lightning talks, November 2016 in general in general WTF is an? in general WTF is an? Computer Security in general WTF is an? Computer Security Incident Response in general WTF
More information