An Integrative Framework for Secure and Resilient Mission Assurance

Transcription

1 Sentar Inc 315 Wynn Dr Huntsville, AL An Integrative Framework for Secure and Resilient Mission Assurance 10/18/2010 1

2 What is^ Mission Assurance? DoD Definition: Mission Assurance is a process to ensure that assigned tasks or duties can be performed in accordance with the intended purpose or plan. When an attack evades detection and defeat and disrupts US systems and networks, the defensive priority turns to survival and mission assurance. In this context, MA seeks to ensure that critical MEFs [Mission Essential Functions] fight through and recover from attacks against the underlying cyber infrastructure. (Jabbour, 2010) 10/18/2010 2

3 Understanding Mission Dependencies is Key to MA Mission awareness lies at the heart of situational awareness. Understanding the dependence of missions on specific assets, the interdependence of assets, and the interdependence of missions drives the requirements for SA. (Jabbour, 2010) 10/18/2010 3

4 VIDEO 10/18/2010 4

5 Cyber Mission Resilience (CMR): An achievable objective Current security approaches to protect information systems have focused on preventing attacks from being successful by hardening defenses with authentication, encryption, and a variety of layer violating network devices (i.e., firewalls, network address translators, intrusion detection systems). What is not being captured is the survivability of an entire system to failures or attack. (Yurcik et al, 2000) Achieving high performance requires consistency in results, which necessitates consistency in operations One way to respond well in a crisis is to become more resilient to excel at anticipating and managing disruptions Mission resilience, by improving an agency s ability to operate during routine disruptions, also improves the agency s overall mission effectiveness even if no disaster occurs. (Accenture, 2008) 10/18/2010 5

6 Cyber Mission Resilience Framework Cyber Mission Awareness CMR Conceptual Baseline CMR Engineering Process Objective measure of Cyber Mission Resilience Operational Readiness Operational Assurance Security Quality Assurance of Mission CMR Metrics 10/18/2010 6

7 CMR ENGINEERING 10/18/2010 7

8 Engineering Process / Methodology Systems Engineering V process model ends at transition Truly resilient cyber architectures will anticipate, adapt and respond to threats occurring during operations DAU Systems Engineering Process Integration of operational concerns through iterative development is difficult at best. 10/18/2010 8

9 Cyber Mission Resiliency V System Concept CONOPS Mission Dependency Analysis IA/CND Architecture Critical Component/function Identification / Dependency Determinations Rapid Feedback Loop APT Response System Validation Operations and Sustainment Support Resilience as achieved Metrics Resilience Sustained Metrics System IA / CND Rqmts IA S/W Quality Plan Cyber Resiliency Dependency Mitigations IA /CND Verification Plan IA/CND Allocations HW/SW/ Procedural System Security Requirements and Verification Plan System Security Requirements Allocation E.g. new variant of Malicious Code System Integration Support System Test Support System Verification IA/CND Policies IA/CND Training IA/CND Exit Criteria IA/CND Critical Dependencies Mitigation Verification IA/CND HW/SW Testing Software Integrity (Quality) Testing Model & Simulation V V&A (if applicable)

10 CMR METRICS 10/18/

11 Metrics: Key to the V&V of Resilience The purpose of a metric is to assist with organizationallevel analysis and assessment and are used to facilitate decision making, improve performance/accountability, and determine effectiveness of controls/processes/policies (Bryant, 2007) Confidence and trust can be built through demonstration of reduced variation, improved dependability, consistent performance, and stable reliability Demonstrating these qualities is a matter of repetition and statistical measurement 10/18/

12 Measuring CMR through Metrics 10/18/

13 Achieving CMR: FAA & NORAD MTBF NORAD conducts persistent aerospace warning, aerospace control and maritime warning in the defense of North America. MTBDE MM FI MTBCF/ MTTRF 10/18/

14 Summary Achieving Cyber Mission Resilience requires a new way of structuring our system engineering processes and Cybersecurity Cyber Mission Resilience will be sustained through» An Integrated framework (baseline)» Greater Engineering emphasis on critical dependencies & Operational integration (methodology)» Meaningful Metrics (measures) 10/18/

15 QUESTIONS? /18/