James Marsteller and Von Welch
NSF Large Facilities Security WG
February 23rd 2017
trustedci.org
http://www.nsf.gov/pubs/2015/nsf15549/nsf15549.htm
CTSC began with a 3-year NSF grant in 2012.
Re-funded in 2015 for 3 years under the ACI/OAC Cybersecurity Innovation for Cyberinfrastructure (CICI) solicitation.
http://trustedci.org/who-we-are/
Mission
Provide the NSF community a coherent understanding of cybersecurity’s role in producing
trustworthy science and the information and know-how required to achieve and maintain
effective cybersecurity programs.
1. For the NSF science community to understand fully the role of cybersecurity in producing trustworthy science.
2. For all NSF projects and facilities to have the information and resources they need to build and maintain effective cybersecurity programs appropriate for their science missions, and responsive to evolving risks and requirements.
3. For all NSF Large Facilities to have highly effective cybersecurity programs.
Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, Identity Management Best Practices, Situational Awareness, Training, OSCRP
NSF Cybersecurity Summit, Monthly Webinars, Blog, Email Lists, Partnerships, Benchmarking Survey
LIGO, SciGaP, IceCube, Pegasus, CC-NIE peer review, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, NEON, U. Utah, PSU, OOI, Gemini, Array of Things, IBEIS, SciGaP, US Antarctic Program...
http://trustedci.org/application
Demand outpaces Supply: apply by March 17th for 2017Q3-4 engagements.
Academic Research Fleet (ARF)
Antarctic Infrastructure Modernization for Science (AIMS)
Arecibo Observatory (AO)
Atacama Large Millimeter/submillimeter Array (ALMA)
Cornell Laboratory for Accelerator-based Science and Education (CLASS)
Daniel K. Inouye Solar Telescope (DKIST)
Gemini Observatory (GEMINI)
Geodetic Facilities for Advancement of Geoscience & EarthScope (GAGE)
Green Bank Observatory (GBO)
IceCube South Pole Neutrino Observatory (IceCube)
JOIDES Resolution International Ocean Discovery Program (JOIDES)
Large Hadron Collider (LHC)
Large Synoptic Survey Telescope (LSST)
Laser Interferometer Gravitational-Wave Observatory (LIGO)
Long Term Ecological Research Network (LTER)
National Center for Atmospheric Research (NCAR)
National Ecological Observatory Network (NEON)
National Geophysical Observatory for Geoscience (NEGO)
National High Magnetic Field Laboratory (NHMFL)
National Nanotechnology Coordinated Infrastructure (NNCI)
National Nanotechnology Infrastructure Network (NNIN)
National Optical Astronomy Observatory (NOAO)
National Radio Astronomy Observatory (NRAO)
National Solar Observatory (NSO)
National Superconducting Cyclotron Laboratory (NSCL)
Natural Hazards Engineering Research Infrastructure (NHERI)
Ocean Observatories Initiative (OOI)
Polar Facilities and Logistics
Seismology Facilities for Advancement of Geoscience & EarthScope (SAGE)

Orange: CTSC Past Engagee
Green: Need to Connect
Proposed to FacSec 9/2016 - “To develop a relationship between those responsible for cybersecurity across the LFs and to advance the development and implementation of best practices, standards and requirements within the CI community.”
● First meeting on January 26th 2017
○ Attended: Ice Cube, CMS, LIGO, LSST, NHMFL, NOAO
○ Established LF Security mailing list
● Monthly calls
● Develop lines of Communication / Build Community
USAP
Arecibo
Academic Fleet
CHESS
Green Bank
Gemini: Chris Morrison
Ice Cube: Steve Barnet
IODP (Joides Resolution)
LBO
LHC/ATLAS
LHC/CMS: Mine Altunay
LIGO: Randy Trudeau
LSST: Alex Withers
NCAR: Susan Ramsey
NHERI
NEON
SAGE
GAGE
NHMFL: Peter Jensen
NNCI
NOAO: Steve Grandi
NRAO: Patrick Murphy
NSCL
NSO: Bret Goodrich
OOI: Juan Jose Villalobos, Ivan Rodero
● 2016 Summit
○ 98% of respondents selected “Good” or “Excellent.”
○ Lower NSF participation than 2015
○ Best CFP response to date (19 proposals)
○ Summit Report published to community on http://trustedci.org/2016summit
● 2017 Summit
○ Dates selected: August 15-17
○ Program Committee Organizing
○ 2018 Summit in Alexandria
● Generally: Feedback from Large Facilities to CI development community would be useful.
○ What services would be useful?
○ How can they be developed to be most useful?
● Community standards for production software development are lacking, particularly for security.
○ E.g. assurance, patching, testing
● CTSC will convene Large Facilities and software developers (e.g. SI2) to determine reasonable expectations for production software security.
Advise NSF CI community about relevant software vulnerabilities and provide guidance on mitigation.
Leverage NIST, US-CERT, XSEDE, REN-ISAC, and other sources of vulnerability information.
Currently eight identified Large Facilities subscribed.
http://trustedci.org/situational-awareness/
● NSF Large Facilities Manual currently has no guidance on cybersecurity (Section 5.3)
○ https://www.nsf.gov/bfa/lfo/lfo_documents.jsp
● CTSC drafted guidance based on our engagements with Large Facilities
● Have shared with NSF Large Facilities Office. Will share with Large Facilities Security WG and broader community.
● Guidance is freely available for use by Large Facilities and NSF LFO.
trustedci.org/survey
● We were “CTSC” for three years before becoming the NSF Cybersecurity Center of Excellence.
● CTSC is recognized, but does not carry the same gravitas as “CCoE”
○ A “Center of Excellence” is nationally recognized
● Will rebrand in 2017 to put Cybersecurity Center of Excellence front and center.
Join our email lists for discussions and updates:
http://trustedci.org/ctsc-email-lists/
Blog: http://blog.trustedci.org/
Twitter: @TrustedCI
Thank You
trustedci.org
We thank the National Science Foundation (grant 1547272) for supporting our work.
The views and conclusions contained herein are those of the author and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the NSF.