31 december 2013 cipher study stage an enterprise architecture approach to options analysis in large...
TRANSCRIPT
10 A
pril
202 3
CIPHER Study Stage
An Enterprise Architecture Approach to Options Analysis in Large Acquisition Programmes
2
10 A
pril
202 3
INTRODUCTION
Mr E. Fintan HANBURY – Thales CIPHER Team - Capability Director
3
10 A
pril
202 3
Programme Overview
The Programme – CIPHER Assessment Phase
The Thales CIPHER team (Thales, BT, Fujitsu) is one of two consortium conducting a competitive assessment of a full range of Options for delivery commencing in 2010
CIPHER is not just a technology project - the Options being assessed include varying degrees of business change, outsourcing, service-orientation and potential paradigm shifts in the technology used for information assurance
The CIPHER Programme, encompasses 3 Projects MOD’s Future Crypto Programme (FCP) MOD’s Interoperable Electronic Key Distribution Project (IKED) CESG’s Security Management Infrastructure (SMI) project
4
10 A
pril
202 3
Security Classification
Some aspects of the CIPHER Programme are classified up to TOP SECRET (STRAP)
This presentation is limited to UNCLASSIFIED material and therefore there may be areas of interest that cannot be covered and questions that cannot be answered
5
10 A
pril
202 3
Scope of CIPHER
CIPHER Single Statement of User Need (SSUN):
A capability that provides a management infrastructure for all grades of devices to meet the needs of UK MOD and wider government, and high grade cryptographic devices for UK MOD to meet the communication, confidentiality, availability, interoperability and data integrity needs of UK MOD for NEC, Defence Business and Operations
This means CIPHER must provide:
All High Grade cryptographic services for UK MoD
IA Service levels to meet the needs of the UK MoD for Defence Business & Operations
A pan-Government Security Management Infrastructure that will allow future IA components (e.g. firewalls, cryptographic functions and authentication services) to be initialised, configured, updated, and managed in a trusted & secure way
6
10 A
pril
202 3
INTRODUCTION
Mr Mike DUFFY – Thales CIPHER Team – Methods & Tools Manager
7
10 A
pril
202 3
Thales View of CIPHER
.
VISION: A single information assured architecture
MISSION: To deliver assurance to a secure and coherent information infrastructure at minimum whole-life cost while maintaining continuity of service to other CIPHER stakeholders
8
10 A
pril
202 3
An Integrated Reference Model of Information Assurance
IA comprises Components of Capability
IA Capability is more than just technical products assembled according to System Engineering principles.
It is about a Life-cycle that continuously
integrates all Enterprise Components to match levels of assurance to the value of the information being protected
No distinction between High-grade and Baseline IA as both levels encompass all IA Components of Capability.
Only difference is the relative mix of Service and Enterprise Components to achieve the required level of Assurance
Information State
Components
Service C
omponents
Enterpris
e Level
Counterm
easure C
omponents
Non-Repudiatio
n
Authenticatio
nAvaila
bility
Integrity
Processing
Transmission
Confidentia
lity
Po
licy &
Pro
ces
s/Pra
ctice
Tec
hn
olo
gy
Pe
op
le (train
ing
& e
du
cation
)
Storage
9
10 A
pril
202 3
The Starting Point - The Options Space to be explored
Phase A – Defines and Assesses 12 Options Phase B – Defines 4 Refined Options ( Rank + ‘Blend’ + ‘Distil’) Phase C – Assesses 4 Refined Options
Outsourcing – Extent of outsourcing and which aspects of solution option are appropriate to be outsourced
Performance – Degree to which the solution option meets the requirement
Translation Plan & Through Life Growth PlanRate at which new technology and processes will be fielded and updated
High
Medium
Low
High
High
As-Is
Options Space defined by
27 Point Options
10
10 A
pril
202 3
Dealing with Complexity
Given the complexity and multi-disciplinary nature of defining, assessing and comparing diverse options requires an innovative but structured approach to Options Assessment
The Thales Concept of Analysis employs: Reference Models covering all aspects of IA to ensure consistency
between Options
Enterprise Architecture to help structure and analyse Options using: MODAF rules for developing EA products to represent Options TOGAF to provide robust EA development environment
Soft Systems Methodology to provide Conceptual Frameworks to aid understanding of the problem space
COEIA based approach to determine Cost-Benefit ranking of Options and to support CIPHER Main Gate Business Case
11
10 A
pril
202 3
Reference Models to Define, Tune & Assess Options
Co
nce
ptu
al M
od
els
(IA
Sec
tor,
IA D
eliv
ery,
Def
ence
& O
GD
)
Op
tio
n ‘C
ub
e’
Ris
k
Co
st
Sa
fety
Pro
gra
mm
e
Mg
t
Bu
sin
es
s T
x
Assess Option
Option Benefit Assessment - Level of IA Capability
Capability Contribution
Capability Contribution
Capability Contribution
Capability Contribution
Option Assessment
Governance Reference
Model
Option Setting
Solution Figure of
Merit
IA Development
Reference Model
IA Service Management
Ref Model
IA Service Support
Reference Model
Use
r R
equ
ire
men
t D
ocu
men
t Capability
Contribution
Functional Elements
Axes
Mix
ing
Dec
k
Ref
eren
ce M
od
el ‘C
on
tro
l Set
tin
gs’
Shape Option Tune Option
Design Option
12
10 A
pril
202 3
A Generic Enterprise Capability Reference Model
Strategy, Polilcy & Objectives(Concepts & Doctrine)
Capability
Technical Standards
Organisational UnitActivity
Trained Competence
DriveDeliver
Pro
ject
s
ThreatServices
Data
Information
Systems Infrastructure
Depends on
Conducts
Decomposes
Uses Creates
Produces Consumes
Maps to
Produces ConsumesDeployed
on
To use
Has
Dep
loye
d a
t
Su
pp
ort
s
Go
vern
s
Go
vern
s
Go
vern
s
Go
vern
s
Capability (i.e. Desired Outcome or Effect)
Sustainment(Through-life)
Req
uirem
ents
The Ente
rpris
e Boundar
y
Location
Lo
cate
d a
t
EA Development Environment (TOGAF)EA Product Environment (MODAF Views)
Architecture Vision
Business Architecture
Information Systems
Architecture
Architecture Change
Management
Migration Planning
Technology Architecture
Prelim:Framework
& Principles
Technical Architecture
System & Application Architecture
Information & Data
Architecture
Business Architecture
EA REQUIREMENTS
Implementation Governance
Opportunities&
Solutions
13
10 A
pril
202 3
Use of MODAF Views in CIPHER Assessment Phase
Phase A avoids solutioneering by generating logical Views of Options
Phase C to produce Views required for Delivery & Through-Life Support
All Views (AV1 – AV2)
Strategic View(StV1 – StV6)
Operational Views(OV1 – OV7)
Service Views(SOV1 – SOV5
System Views(SV1- SV12)
Technical Views(TV1 – TV2)
Acquisition Views(AcV1 – AcV2)
MODAF Stack
Phase A Assessments
Requirements Engineering Enterprise Architecture
12 Options
Phase B
Rank + Distil + Blend
Phase C Assessments
Systems Engineering Business Change/
Restructure
4 Options
URD
Costed SRD
INPUTS
CONEMP
As-Is
ASSESSMENT PHASES A + B+ C OUTPUTS
Supporting EA Views
Conceptual & Logical Views Solution Related Views
14
10 A
pril
202 3
Soft Systems Methodology – Conceptual Enterprise Model
SSM uses a Generic Enterprise Reference Model and a set of Root Definitions (i.e. Statements of Purpose) as the basis for developing a Conceptual Activity Model of WHAT an Enterprise should be doing
Thales regards SSM Root Definition = MODAF StV-1 (Enterprise Vision)
P, M & C(Planning, monitoring and Control Activies)
L(Linking
activities)
S(Supportactivities)
Control actions
Environment
Enterprise Boundary
T(Transformation)
15
10 A
pril
202 3
CIPHER Phase A - Sources of Thales Generated EA Views
EA View
View Name Source of EA View
AV-1 Overview Thales IA Blueprint – Eco System View (strategic depiction of the IA environment)
StV-1 Enterprise Vision Statement of Purpose (SSM Root Definition)
StV-4 Capability Dependencies
Sub-system relationships (4 x SSM Conceptual Models)‘Interaction’ Model relationship of 4 x Conceptual Models
OV-2 Operational Node Relationship
Sub-systems within 4 x SSM Conceptual Models Analysis of CIPHER ‘Interaction’ Model
OV-5 Operational Activity Model
Activities within 4 x SSM Conceptual Models Activities logically derived by SME analysis using Thales Reference Models (4 in number)
OV-6c Operational Event Trace
Sub-system dependencies with 4 x SSM Conceptual Models Analysis of Authorities ‘Interaction’ Model
16
10 A
pril
202 3
AV-1 – Overview and Summary Information
MODAF (v1.2): AV-1 is usually a structured text that should provide executive-level summary information including assumptions, constraints, and limitations that may affect any architecture-based work programme.
The Eco System View: AV-1 should also provide a depiction of the IA environment Thales believes is best achieved by including a structured
model of that environment
17
10 A
pril
202 3
AV-1: Thales IA Blueprint – Pan Government Eco System
SUPPLIERDOMAIN
(Supplier Eco-system)
US + 5 Eyes
Collaboration Domains
NEC Links
Other USA
US DoD
Coalition Partners
NHS
SecureRegional
DWP HMRC
SecureNon-
Government
SOCA
Police Forces
UK Border Agencies
Network Providers
Solution/Hosting Providers
Crypto Provider
Innovation & Reach-back
SkyNet
DFTS
Battle Space Platforms
GCPD
CO
GCHQFCO
GCB
Critical National
Infrastructure
The Citizen
DIIDEC
(Def Elect Commerce)HF
Demanders (Defence/ High Threat Club Collaboration Domain) FCN Coverage & NEC Links
Demanders (UK Pan-Government &
UK plc Collaboration Domain)
OCEAN/PSN Coverage
CIPHERIA
IA Governance
CIPHER Services
DfId
18
10 A
pril
202 3
Eco System provides for Dynamic Communities of Interest
SUPPLIERDOMAIN
(Supplier Eco-system)
US + 5 Eyes
Collaboration Domains
NEC Links
Other USA
US DoD
Coalition Partners
NHS
SecureRegional
DWP HMRC
SecureNon-
Government
SOCA
Police Forces
UK Border Agencies
Network Providers
Solution/Hosting Providers
Crypto Provider
Innovation & Reach-back
SkyNet
DFTS
Battle Space Platforms
GCPD
CO
GCHQFCO
GCB
Critical National
Infrastructure
The Citizen
DIIDEC
(Def Elect Commerce)HF
Demanders (Defence/ High Threat Club Collaboration Domain) FCN Coverage & NEC Links
Demanders (UK Pan-Government &
UK plc Collaboration Domain)
OCEAN/PSN Coverage
CIPHERIA
IA Governance
CIPHER Services
DfId
CIPHER will generate dynamic Communities
of Interest to match scenario requirements
19
10 A
pril
202 3
StV-1 – Enterprise Vision
MODAF (v1.2): The purpose of an StV-1 is to provide a strategic context for the capabilities described in the Architecture. It also provides a high-level scope for the Architecture which is more general than the scenario-based scope defined in OV-1.
SSM Root Definition: A structured, Enterprise-level statement of purpose that contains the following explicit components: Customer or beneficiary of Enterprise endeavour Actors who undertake processes within the Enterprise Transformation – the Enterprise’s primary input/output process Perceptions of purpose likely to shape the Enterprise Owner – the wider system decision-maker (or Chief Exec) Environmental factors likely to constrain the Enterprise
20
10 A
pril
202 3
StV-4 – Capability Dependencies
MODAF (V1.2) – The purpose of StV-4 is to describe the dependencies between planned capabilities and defines logical groupings of capabilities (Capability Clusters)
SSM Enterprise Model (conceptual) - comprises a set of interdependent sub-systems where each sub-system: Is made up of a group of interdependent activities Represents a component of Enterprise Capability Has a boundary determined by control system theory
21
10 A
pril
202 3
IA Sector Enterprise Dependency Model (StV-4)
StV-4 = SSM derived Model presented at sub-system level
Activity aspect within sub-systems provides basis for OV-5 Views
Sub-systems also form basis for MODAF enterprise nodes (OV-2)
There are currently 5 of these Reference Models: IA Authority IA Sector (producer) IA Delivery Defence (User) OGD (Generic User)
2. Information Assets
Requirement
7. Development Plan
Formulations
11. Development Plan
Execution
15. Knowledge base management
16. Auditing
17. Reporting
18. Overall performance control
5. Constraint
management
Sec
tor
Org
ani
satio
ns
Cu
rren
t ch
ann
el
avai
labi
lity
Political & business changes
Vul
nera
bili
ty &
ris
k a
war
ene
ss
Req
uire
me
nts
Plans
Cha
nge
pro
gra
mm
es
App
lica
tion
s
En
viro
nmen
tal
chan
ges
Practices
Pra
ctic
es
Allocated resources
Resource requirements
Less
ons
Adaptation
Data Data
Control A
ction Performance Into
Reduced degrees of freedom
External constraints
Audits Reports
Unified IA Sector Enterprise Reference Model (St-V4)
3.Threat/Risk/Opportunity
Management
Responses
External influences
OGD Classifications
Available Services
Requirements
8.Best practice management
Developments in technology 9.
Technology exploitation
4. Environmental
changes
1. IA Sector Definition
(Scope & Membership)
Government Departments
13. Best practice
promotion
Lessons
Info
rmat
ion
Req
uire
men
ts
Sup
port
In
form
atio
n
Pla
nn
ing
Ser
vice
s &
P
rod
uct
sR
eso
urc
ing
Lea
rnin
g &
Kn
ow
led
ge
Go
vern
ance
14. Learning management
Pro
du
ct
Dev
elo
pm
ent
IA S
ec
tor
Va
lue
Ch
ain
Co
nfo
rman
ce
Go
vern
ance
Op
erat
ion
al P
erfo
rman
ce G
ove
rnan
ceD
irec
tio
nal
G
ove
rnan
ceP
rod
uct
s &
Ser
vice
s
Use
rs o
f IA
Cap
abil
ty
Del
iver
ers
of
IA C
ap
abilt
y
6. IA Infrastructure
Availability
IA A
uth
ori
ty
Sector Organisations
Policy & Standards Adoption Mechanisms
Developm
ents
in practice
Policy &Standards
Requirements
12. HR Management10. Physical Resource Management
1
5
5
22
10 A
pril
202 3
CIPHER ‘Interdependency’ Model
The following 4 x Conceptual Activity Models support the analysis of a version of the MOD’s CIPHER ‘Interdependency’ Model: IA Sector IA Delivery MOD Generic Government Department (OGD)
End User Department Model(MOD & OGD Models)
IA Delivery ModelUK IA Sector Model
IA Integrators
Influencers
Owner
Suppliers Demanders
Owner Owner
Co
nfo
rman
ce
Go
vern
an
ce
Op
era
tio
nal
Go
vern
ance
Dir
ecti
on
al
Go
vern
an
ce
IA Capability Value ChainProduce & supply IA
Components of CapabilityDelivery of IA
CapabilityOrder & Use IA
Capability
Go
vern
ance
Axi
s
23
10 A
pril
202 3
Benefits identified in using an EA based approach
Identifies relationships between business, information, system and technical aspects of various Options
Supports URD (WHAT) analysis and SRD (HOW) development Supports Impact Analysis of IA driven Business Transformation Encourages diverse Stakeholder engagement at all stages Enables rapid ‘WHAT-IF’ re-scoping of programme boundaries Better understanding of dependencies and environmental
constraints Supports a structured and disciplined analysis environment Facilitates coherency & consistency across design and analysis
activities Multi-disciplinary communication channel within the team Initiates development of a referencable Through-Life repository Provides an audit trail and supports configuration management
BUT…. EA and Reference Models are only tools to support design and analysis – they are NOT a substitute for expertise