Development, Analysis and Evaluation of Cyber Resilience Strategies

Lehmann/Helmbrecht ICT Resilience Erice 2016

Prof. Dr. Axel Lehmann
Prof. Dr. Udo Helmbrecht

Institut für Technische Informatik, Universität der Bundeswehr München, Germany

European Union Agency for Network & Information Security, Greece


Outline

- Expected Trends and Opportunities of the Cyber World
- Cyber Resilience: Requirements, Methods, Challenges
- Objectives & Tasks of the Proposed Project No 12


Setting the scene …

- The world is quickly embracing digital in every part of our life.
- e-banking, e-health, e-commerce, e-education, e-everything are all now totally dependent on an open, safe and secure cyberspace.
- We are witnessing the development and deployment of smart manufacturing, the Internet of Things and computer-controlled critical infrastructures.
- Digital is challenging the delivery of old business models, while at the same time providing opportunities for the new world.
- We have to ensure the trust of citizens and industry so that they have the necessary confidence to work and live in the digital world.


6 technologies are revolutionizing IT markets …

SOURCE: Gartner, MGI, Team analysis; CAGR = compound annual growth rate

Description of technology | Growth trend

Big data
• Global 33% CAGR 2011-2015
• Ability to run complex calculations on big amounts of data in a meaningful time frame

Cloud computing
• Global 27% CAGR in public cloud services revenues
• Hosting of software on centralized servers with high-speed access through the Internet

Mobile technology
• Massive increase of mobile computing power, storage, and bandwidth

Natural user interfaces
• 30% reduction in page visits per click
• Creation of new kinds of interfaces that allow for more intuitive handling of IT systems

Computation, storage, and networks
• Global 15% CAGR in enterprise storage market
• Possibility to store large amounts of data and transfer the data with high bandwidth between computers

Sensors and actuators
• Potential $4-11 economic impact estimated in 2025
• Introduction of cheap sensors and actuators to collect huge amounts of data
• Global 27% CAGR in mobile-to-mobile communications revenues


5G mobile communication


Opportunity 1: Smart Grids

From: http://cleantechnica.com/2014/02/19/global-smart-grid-investment-grows-china-leads-us-falls-behind


Opportunity 2: Smart Homes

Image: http://www.refitsmarthomes.org/index.php/about/


Opportunity 3: eHealth

Image: http://www.solutions-magazine.com/le-health-bruxellois-se-developpe/


Challenges

- Complex networks and services
- Low quality software & hardware
- Asymmetric threats allowing remote attacks
- Increasing organised cyber crime and industrial espionage
- Lack of international agreements and regimes


Automated Driving – Tesla Autopilot

Why Cyber Security is a Planetary Emergency

> Learn from:


Outline

- Expected Trends and Opportunities of the Cyber World
- Cyber Resilience: Requirements, Methods, Challenges
- Objectives & Tasks of the Proposed Project No 12


Definition: Resilience of a System

“… the ability of an organization or a system to continue to carry out its mission during a disruptive event and then return to normal operations once the stress of the disruption is relieved”

(US Dep. of Homeland Security)


Resilience Analysis …

… requires considering 4 stages of event management to maintain system resilience:

- Plan/prepare (w.r.t. malfunction, failures, attack, etc.)
- Absorb (isolating disruption)
- Recover (return to pre-event functionality, performance)
- Adapt (implement lessons learned)

(National Academy of Sciences)


Resilience of a System in Cyber Space …

… has to consider …

- ubiquitous, pervasive, mostly invisible computing
- interconnectivity between (sub-)systems -> “System-of-Systems”
- global connectivity through internet -> “hyperconnectivity” (World Economic Forum)


[Figure: diagram with the labels Resilience, ThreatAgentDomain, Threats, Means, Metrics (ref), isExpressedBy]


For Resilience of Critical Infrastructures …

- … 5 strategic layers have to be considered:
  - Global layer
  - Enterprise / Private layer
  - Information layer
  - Technology layer
  - Physical layer

- Simulation-based analyses of propagation of disruptive events through the layered system architecture (dependency graphs; SATURN: Self-Organizing Adaptive Technology Underlying Resilient Networks)

(Creese, Goldsmith, Adetoye, IEEE, 2011)


Important Factors of ICT- / Cyber-Resilience Engineering

- Minimizing risks caused by faults, errors, failures, misuse, attacks, accidents or disasters in ICT-systems:

  ICT-Risk = Threats * Vulnerabilities * Assets

- IT- / Cyber Resilience Engineering requires:
  - Identification of key IT assets
  - Controls to protect those assets from harm
  - Ability of those systems to operate under stress and recover from disruptive events
  - Processes for … protection and sustainment activities
  - Development of appropriate metrics and measures


Expected Major Trends of ICTs …

- … technological innovations, e.g.:
  - Low-energy-consuming Micro-… to … High-Performance-Computers (Exabyte)
  - “More Moore” & “More than Moore” on a chip ->
    -> Cost-effective sensors / actuators
    -> Cyber physical systems


Expected Major Trends of ICTs …

- … organization / computing principles, e.g.:
  - Organic computing: self-x-properties (x = adapting, organizing, repair)
  - Neural computing (artificial neural nets)
  - Artificial Intelligence applications


Expected Major Trends of ICTs …

- … lead to major opportunities & risks:
  - Increasing interconnectivity between components & systems
  - Evolutionary “System of Systems” development
    -> Increasing size of a system's state space
    -> Emergent system behaviour !!!
  - Key challenge w.r.t. cyber resilience:
    -> “Mastering” System-State-Space-Complexity of ICT-systems / -applications !!??


Major Problem of Ubiquitous Computing & Communication ...

- ... is “System State Space Explosion”:
  - Simple functional analysis requires:
    - reachability analysis for each state in state space
    - feasible for state space size ≤ 10^100 !!
  - Numerical Analyses (of non-functional parameters, e.g. performance / reliability)
    - for state space:
      ≤ 10^8 (approx. < 1/2 day on a PC)
      ≤ 10^9 (still computable on a PC)
      ≤ 10^10 (on a PC Cluster)

⇒ Full state space exploration is practically impossible
⇒ results in emergent system behaviour !!
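The growth this slide describes can be reproduced on a toy model; the following is an added example, not part of the original presentation. It assumes a constructed ring of n interconnected components (each up, degraded or down) and runs breadth-first reachability under a state budget; the model and all function names are assumptions made for illustration.

```python
from collections import deque

LEVELS = 3  # constructed model: 0 = up, 1 = degraded, 2 = down


def successors(state):
    """One-step moves: any component may degrade; it may recover only
    while a ring neighbour is fully up (the coupling between subsystems)."""
    n = len(state)
    for i, s in enumerate(state):
        if s < LEVELS - 1:
            yield state[:i] + (s + 1,) + state[i + 1:]
        if s > 0 and 0 in (state[i - 1], state[(i + 1) % n]):
            yield state[:i] + (s - 1,) + state[i + 1:]


def explore(n, budget):
    """Breadth-first reachability from the 'all up' state.

    Returns (states_visited, complete, steps_to_total_outage), where the
    last item is None if the total-outage state was not reached within
    the budget."""
    start, outage = (0,) * n, (LEVELS - 1,) * n
    depth = {start: 0}
    queue = deque([start])
    while queue:
        state = queue.popleft()
        for nxt in successors(state):
            if nxt not in depth:
                if len(depth) >= budget:
                    # Budget exhausted: the analysis is incomplete and
                    # says nothing about the states it never visited.
                    return len(depth), False, depth.get(outage)
                depth[nxt] = depth[state] + 1
                queue.append(nxt)
    return len(depth), True, depth.get(outage)


if __name__ == "__main__":
    # The state count grows as 3**n, so a fixed budget is exceeded quickly.
    for n in (2, 4, 8, 12):
        print(n, explore(n, budget=100_000))
```

With a budget of 100,000 states the search is complete up to 8 components but is cut off at 12, where the total-outage state is never examined.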


Conclusions

- Summary
  - Key Challenge: How can we master the (system state space) complexity of ubiquitous ICT-systems !?
- Conclusion
  - Need to better understand / analyse emergent systems behaviour (by mathem. modelling & simulation)
  - Intelligent control for protection and self-adaptation
  - Policies (principles)
  - Standards & Guidelines
  - Tests for validation & certification


Outline

- Expected Trends and Opportunities of the Cyber World
- Cyber Resilience: Requirements, Methods, Challenges
- Objectives & Tasks of the Proposed Project No 12


Proposed Project:

- Efficient concepts and algorithms for system state space exploration (e.g. by model checking)
- Identification of major sources of ICT vulnerabilities and risks
- Development of efficient mathematical and logical modeling methods (e.g. Markovian models, reasoning methods)
- Simulation experiments (e.g. data farming) for risk and vulnerability analysis
- Analyses and evaluation of resilience strategies


Thank you very much for your interest and attention!


European Union Agency for Network & Information Security
PO Box 1309, 71001 Heraklion, Greece
Tel: +302814409710
[email protected]
www.enisa.europa.eu

Universität der Bundeswehr München
Institut für Technische Informatik
Fakultät für Informatik
D-85577 Neubiberg, Bavaria, Germany
Tel: +498960042648
[email protected]
www.unibw.de