Kathleen Fisher Program Manager, Information Innovation Office

Similar documents
Multi-Modal Communication

4. Lessons Learned in Introducing MBSE: 2009 to 2012

Service Level Agreements: An Approach to Software Lifecycle Management. CDR Leonard Gaines Naval Supply Systems Command 29 January 2003

Empirically Based Analysis: The DDoS Case

DoD Common Access Card Information Brief. Smart Card Project Managers Group

2013 US State of Cybercrime Survey

Space and Missile Systems Center

Using Model-Theoretic Invariants for Semantic Integration. Michael Gruninger NIST / Institute for Systems Research University of Maryland

FUDSChem. Brian Jordan With the assistance of Deb Walker. Formerly Used Defense Site Chemistry Database. USACE-Albuquerque District.

Technological Advances In Emergency Management

ARINC653 AADL Annex Update

Information, Decision, & Complex Networks AFOSR/RTC Overview

A Review of the 2007 Air Force Inaugural Sustainability Report

Running CyberCIEGE on Linux without Windows

High-Assurance Security/Safety on HPEC Systems: an Oxymoron?

Dana Sinno MIT Lincoln Laboratory 244 Wood Street Lexington, MA phone:

Architecting for Resiliency Army s Common Operating Environment (COE) SERC

COMPUTATIONAL FLUID DYNAMICS (CFD) ANALYSIS AND DEVELOPMENT OF HALON- REPLACEMENT FIRE EXTINGUISHING SYSTEMS (PHASE II)

75th Air Base Wing. Effective Data Stewarding Measures in Support of EESOH-MIS

Vision Protection Army Technology Objective (ATO) Overview for GVSET VIP Day. Sensors from Laser Weapons Date: 17 Jul 09 UNCLASSIFIED

C2-Simulation Interoperability in NATO

Space and Missile Systems Center

Towards a Formal Pedigree Ontology for Level-One Sensor Fusion

Exploring the Query Expansion Methods for Concept Based Representation

A Distributed Parallel Processing System for Command and Control Imagery

Concept of Operations Discussion Summary

Wireless Connectivity of Swarms in Presence of Obstacles

ASSESSMENT OF A BAYESIAN MODEL AND TEST VALIDATION METHOD

Energy Security: A Global Challenge

Current Threat Environment

Topology Control from Bottom to Top

ENVIRONMENTAL MANAGEMENT SYSTEM WEB SITE (EMSWeb)

Using Templates to Support Crisis Action Mission Planning

73rd MORSS CD Cover Page UNCLASSIFIED DISCLOSURE FORM CD Presentation

Use of the Polarized Radiance Distribution Camera System in the RADYO Program

Dr. Stuart Dickinson Dr. Donald H. Steinbrecher Naval Undersea Warfare Center, Newport, RI May 10, 2011

Washington University

SURVIVABILITY ENHANCED RUN-FLAT

Data Warehousing. HCAT Program Review Park City, UT July Keith Legg,

73rd MORSS CD Cover Page UNCLASSIFIED DISCLOSURE FORM CD Presentation

Components and Considerations in Building an Insider Threat Program

Directed Energy Using High-Power Microwave Technology

Corrosion Prevention and Control Database. Bob Barbin 07 February 2011 ASETSDefense 2011

Web Site update. 21st HCAT Program Review Toronto, September 26, Keith Legg

MODELING AND SIMULATION OF LIQUID MOLDING PROCESSES. Pavel Simacek Center for Composite Materials University of Delaware

Setting the Standard for Real-Time Digital Signal Processing Pentek Seminar Series. Digital IF Standardization

U.S. Army Research, Development and Engineering Command (IDAS) Briefer: Jason Morse ARMED Team Leader Ground System Survivability, TARDEC

Accuracy of Computed Water Surface Profiles

Cyber Threat Prioritization

SINOVIA An open approach for heterogeneous ISR systems inter-operability

Approaches to Improving Transmon Qubits

LARGE AREA, REAL TIME INSPECTION OF ROCKET MOTORS USING A NOVEL HANDHELD ULTRASOUND CAMERA

Basing a Modeling Environment on a General Purpose Theorem Prover

Shallow Ocean Bottom BRDF Prediction, Modeling, and Inversion via Simulation with Surface/Volume Data Derived from X-Ray Tomography

US Army Industry Day Conference Boeing SBIR/STTR Program Overview

The C2 Workstation and Data Replication over Disadvantaged Tactical Communication Links

Defense Hotline Allegations Concerning Contractor-Invoiced Travel for U.S. Army Corps of Engineers' Contracts W912DY-10-D-0014 and W912DY-10-D-0024

BUPT at TREC 2009: Entity Track

ASPECTS OF USE OF CFD FOR UAV CONFIGURATION DESIGN

AFRL-ML-WP-TM

Automation Middleware and Algorithms for Robotic Underwater Sensor Networks

Introducing I 3 CON. The Information Interpretation and Integration Conference

PEO C4I Remarks for NPS Acquisition Research Symposium

Secure FAST: Security Enhancement in the NATO Time Sensitive Targeting Tool

Distributed Real-Time Embedded Video Processing

32nd Annual Precise Time and Time Interval (PTTI) Meeting. Ed Butterline Symmetricom San Jose, CA, USA. Abstract

Preventing Insider Sabotage: Lessons Learned From Actual Attacks

QuanTM Architecture for Web Services

DoD M&S Project: Standardized Documentation for Verification, Validation, and Accreditation

DEVELOPMENT OF A NOVEL MICROWAVE RADAR SYSTEM USING ANGULAR CORRELATION FOR THE DETECTION OF BURIED OBJECTS IN SANDY SOILS

ATCCIS Replication Mechanism (ARM)

CENTER FOR ADVANCED ENERGY SYSTEM Rutgers University. Field Management for Industrial Assessment Centers Appointed By USDOE

Office of Global Maritime Situational Awareness

WAITING ON MORE THAN 64 HANDLES

NEW FINITE ELEMENT / MULTIBODY SYSTEM ALGORITHM FOR MODELING FLEXIBLE TRACKED VEHICLES

David W. Hyde US Army Engineer Waterways Experiment Station Vicksburg, Mississippi ABSTRACT

NATO-IST-124 Experimentation Instructions

Headquarters U.S. Air Force. EMS Play-by-Play: Using Air Force Playbooks to Standardize EMS

Monte Carlo Techniques for Estimating Power in Aircraft T&E Tests. Todd Remund Dr. William Kitto EDWARDS AFB, CA. July 2011

Requirements for Scalable Application Specific Processing in Commercial HPEC

Speaker Verification Using SVM

SNUMedinfo at TREC CDS track 2014: Medical case-based retrieval task

Ross Lazarus MB,BS MPH

2011 NNI Environment, Health, and Safety Research Strategy

Advanced Numerical Methods for Numerical Weather Prediction

Computer Aided Munitions Storage Planning

Better Contextual Suggestions in ClueWeb12 Using Domain Knowledge Inferred from The Open Web

Advanced Numerical Methods for Numerical Weather Prediction

INTEGRATING LOCAL AND GLOBAL NAVIGATION IN UNMANNED GROUND VEHICLES

An Efficient Architecture for Ultra Long FFTs in FPGAs and ASICs

Increased Underwater Optical Imaging Performance Via Multiple Autonomous Underwater Vehicles

An Update on CORBA Performance for HPEC Algorithms. Bill Beckwith Objective Interface Systems, Inc.

Agile Modeling of Component Connections for Simulation and Design of Complex Vehicle Structures

75 TH MORSS CD Cover Page. If you would like your presentation included in the 75 th MORSS Final Report CD it must :

Chemical, Biological, Radiological & Nuclear Defense Information Analysis Center CBRNIAC

VICTORY VALIDATION AN INTRODUCTION AND TECHNICAL OVERVIEW

Title: An Integrated Design Environment to Evaluate Power/Performance Tradeoffs for Sensor Network Applications 1

UMass at TREC 2006: Enterprise Track

Rockwell Science Center (RSC) Technologies for WDM Components

HEC-FFA Flood Frequency Analysis

Transcription:

Kathleen Fisher Program Manager, Information Innovation Office High Assurance Systems DARPA Cyber Colloquium Arlington, VA November 7, 2011

Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. 1. REPORT DATE 07 NOV 2011 4. TITLE AND SUBTITLE High Assurance Systems 2. REPORT TYPE 3. DATES COVERED 00-00-2011 to 00-00-2011 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK UNIT NUMBER 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) Defense Advanced Research Projects Agency (DARPA),Information Innovation Office,3701 North Fairfax Drive,Arlington,VA,22203-1714 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSOR/MONITOR S ACRONYM(S) 12. DISTRIBUTION/AVAILABILITY STATEMENT Approved for public release; distribution unlimited 11. SPONSOR/MONITOR S REPORT NUMBER(S) 13. SUPPLEMENTARY NOTES Presented at the Colloquium on Future Directions in Cyber Security on November 7, 2011, Arlington, VA. 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT a. REPORT unclassified b. ABSTRACT unclassified c. THIS PAGE unclassified Same as Report (SAR) 18. NUMBER OF PAGES 8 19a. NAME OF RESPONSIBLE PERSON Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39-18

Physical systems vulnerable to cyber attacks Falsified speedometer reading: 140 mph in [P]ark! K. Koscher, et al. "Experimental Security Analysis of a Modern Automobile," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 16-19, 2010.

Many remote attack vectors Long-range wireless Indirect physical Entertainment Mechanic Short-range wireless Image sources: www.autoblog.com, www.journalofamnangler.com, www.1800pocketpc.com, en.wikipedia.org/wiki/compact_disc www.thedigitalbus.com, coolmaterial.com, www.laptopsarena.com, www.elec-intro.com, mybluetoothearbuds.blogspot.com, www.diytrade.com

Pervasive vulnerability SCADA Systems Computer Peripherals Vehicles Medical Devices Communication Devices Sources: en.wikipedia.org/wiki/file:gas_centrifuge_cascade.jpg, gis-rci.montpellier.cemagref.fr, cyberseecure.com, www.ourestatesale.com, www.eweek.com, pastorron7.wordpress.com, landsat.gsfc.nasa.gov, www.tech2date.com, www.militaryaerospace.com, www.naval-technology.com, www.chinacartimes.com

We need a fundamentally different approach State of the art: Anti-virus scanning, intrusion detection systems, patching infrastructure This approach cannot solve the problem. Focused on known vulnerabilities; can miss zero-day exploits Can introduce new vulnerabilities and privilege escalation opportunities 1/3 of the vulnerabilities are in security software!

Critical Components within Reach of Formal Methods Verified Yet-To-Be-Verified 100000000 Systems Systems 10000000 5M >$120M 12K PY 10M 40M 1000000 Lines of Code 100000 10000 1000 11 PY 9K 200K 100 10 1 *Includes non-security relevant code

High-Assurance Component Factory Cyber Physical Key Challenges Reusable components Composition Increasing automation Scaling Concurrency Cyber-physical integration Sources: en.wikipedia.org/wiki/file:gas_centrifuge_cascade.jpg, gis-rci.montpellier.cemagref.fr, cyberseecure.com, www.ourestatesale.com, www.tech2date.com, www.eweek.com, dronewarsuk.wordpress.com High Assurance: Correctness, Safety, Security

Feedback welcome! Promising research directions? Additional challenges? Other things you think I should know? Contact Information: Kathleen.Fisher@darpa.mil

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback