Security WG:Report of the Spring

2012 MeetingEuropean Space Operations Centre

Darmstadt, Germany19 April, 2012Howard Weiss

NASA/JPL/SPARTAhoward.weiss@sparta.com

+1-443-430-8089skype: hsweiss

Meeting Agenda

• 16 April 2012– 08:45 – 09:45: CCSDS Plenary– 09:45 – 12:30: Systems Engineering Area (SEA) Plenary

• 16 April 2012: – 14:00 – 17:30: Security WG

– Welcome, introductions, logistics, agenda review– Review results of Fall 2011 (Colorado) meeting

– Status of documents, action items– Charter review (if needed)– Security Architecture Status (Black)– SM&C Security Discussion (Fischer)– Algorithm Document RID review (Weiss)– Algorithm Yellow Book review (Weiss)

– Testing Plans (CNES, DLR, ESA)– Algorithm Green Book Review (Weiss)

Meeting Agenda (cont)

• 17 April 2012 (08:45 – 17:30)– SM&C Support (Fischer) (joint mtg @ 09:00)– Key Management Blue Book revisions(Fischer/Aguilar-Sanchez)– Threat book re-write (Black/Weiss/Biggerstaff)– Network Layer Security Update (Weiss)– Cross Support (All) ??– Link Layer Security Update (Biggerstaff/Weiss/Aguilar-Sanchez)– Other areas of discussion– New work areas

• 18 April 2012 – 08:45-17:30: Space Data Link Security WG

• 19 April 2012– 08:45-12:30: Space Data Link Security WG– 14:30-17:30: SEA Wrap-up Plenary

Attendance

Name Organization Email Address

Howard Weiss (Chair) NASA/JPL/SPARTA howard.weiss@sparta.com

Gordon Black UK Space Agency/Logica gordon.black@logica.com

Daniel Fischer ESA/ESOC daniel.fischer@esa.int

Martin Pilgram DLR martin.pilgram@dlr.de

Craig Biggerstaff NASA/JSC/Lockheed craig.biggerstaff-1@nasa.gov

Ignacio Aguilar-Sanchez ESA/ESTEC ignacio.Aguilar.Sanchez@esa.int

Clayton Sigman NASA/GSFC clayton.signman@nasa.gov

Dorothea Richter DLR dorothea.richter@dlr.de

Keith Scott NASA/JPL/MITRE kscott@mitre.org

Yuan Gung BITTT/CNSA yuangang@bitttt.cn

Ed Birrane NASA/JHU/APL Edward.birrane@jhuapl.edu

Julian Airaud CNES Julien.airaud@cnes.fr

Executive Summary Attendees from UK Space Agency, ESA/ESTEC, ESA/ESOC, DLR,

BITTT/CNSA, CNES, NASA/JSC, NASA/GSFC, and NASA/JPL. No attendees from ASI.

Reviewed charter updates as recorded on CWE. Action to restructure into two lists: development work and “revise & maintain” activities.

Reviewed the RID changes to the Security Architecture document – ready for 2nd Agency review.

Dispositioned 53 Algorithm Blue Book RIDs. Document will be revised for 2nd Agency review. Algorithm paper to be presented at SpaceOps.

Reviewed the Algorithm Yellow Book and testing that DLR has already accomplished. A few changes are needed to the document.

Reviewed 1st draft of Algorithm Green Book. Discussed potential directions for Threat Green Book revision. Discussed and met with SM&C regarding security test cases & eventual

integration of Key Management into SM&C. Reviewed good progress of KM Blue Book. SDLS making good progress.

Summary of Goals and Deliverables

1. Action to restructure charter.

2. Final WG review of Security Architecture after update from RIDs.

3. RIDs against Algorithm document dispositioned.

4. 1st draft of Algorithm Green Book reviewed.

5. DLR has already used the Yellow Book to carry out algorithm testing. ESA is also planning to perform testing.

6. KM Blue Book for symmetric KM making good progress.

7. Reviewed & discussed revisions to the Threat Green Book.

8. Joint meeting with SM&C to discuss security test use cases, their authentication design, and key management.

SEA Area MID-TERM REPORTSUMMARY TECHNICAL STATUS

1. Security WG

Goal:

Working Status: Active _X_ Idle ____

Summary progress: documents actively being produced: Glossary, Key Management BB, Algorithms (BB & YB). All docs green.

Progress since last meeting: architecture RIDS done, algorithm RIDS rcvd, glossary in secretariat queue. Other books progressing.

Problems and Issues: Resources – Excellent right now but need to ensure continued participation from all member agencies

status: OK CAUTION PROBLEM

Comment: Working Group is advancing and producing good

products.

Docs OK.

Near-Term ScheduleDeliverable Milestone Date

Charter Update • Update for restructure 06/12

Algorithm Blue Book • Revise wrt RIDs 07/12

Key Management Blue Book

• Continue drafting next revision 10/12

Network Layer Profile

• Outline of document 10/12

Threat Document Revision

• Determine revised format 09/12

Information Security Glossary

• Awaiting CESG review & then RID disposition

12/12

Algorithm Green Book

• Revise 11/12

Near-Term Schedule (cont)

Common Criteria Protection Profiles

Future TBD

Application Layer Security

Future TBD

SW Defined Radio Security

Future TBD

Physical Layer Security (Channel Coding)

Future TBD

Open Issues

Deciding what/how to revise Threat Green Book.

Action ItemsItem Number Action Item: Assigned to: Date Due:

SecWG0412:1 • Update charter Howard Weiss 06/30/12

SecWG0412:2 • Final revisions of Security Architecture & resubmit for 2nd review

Gordon Black 07/15/12

SecWG0412:3 • Update Algorithm Blue Book wrt RIDS Howard Weiss 07/31/12

SecWG0412:4 • Contact Marcus Rueckert to clarify his Algorithm document RID #18

Howard Weiss 05/15/12

SecWG0412:5 • Provide SM&C with security use cases and comments/RIDs for future revisions of SM&C documents

Daniel Fischer 05/31/12

SecWG0412:6 • Update Yellow Book per comments from DLR

Howard Weiss 06/15/12

Action Items (2)SecWG0412:7 • Provide comments on Yellow Book. Dorothea Richter 04/27/12

SecWG0412:8 • Create Threat Document revised document format. Gordon Black, Craig Biggerstaff, Howard Weiss

09/30/12

SecWG0412:9 • Investigate how role-based access in compliance with FIPS 140-2 can be used by flight crypto used.

Craig Biggerstaff 08/15/12

Resource Problems

Resources are adequate to perform the current tasks although personnel have only limited time percentage to apply to CCSDS tasks.

Risk Management Update

Must ensure that the current trend of additional resources remains and that resources don’t shrink.

ASI has not attended for several meetings.

Cross Area WG / BOF Issues

Joint meeting with Space Data Link Security WG Joint meeting with Spacecraft Monitoring & Control

Resolutions to be Sent to CESG and Then to CMC

None

New Working Items, New BOFs, etc.

Network layer security Threat document revision Physical layer security (channel coding for security (based on

Shannon codes)) Security for software defined radios Continue to discuss security additions for SLE and SM&C