Upload File

society of american military engineers a new way of ......society of american military engineers a...

  • Home
  • Documents
  • Society of American Military Engineers A New Way of ......Society of American Military Engineers A New Way of Thinking: Consequence-driven, Adversary -tolerant Lifecycle Engineering
27
Society of American Military Engineers A New Way of Thinking: Consequence- driven, Adversary-tolerant Lifecycle Engineering Arlington, Texas 2 February 2018 Daniel J. Ragsdale, Ph.D. Director, Texas A&M Cybersecurity Center Professor of Practice, Computer Science and Engineering

Upload: others

Post on 16-Feb-2021

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • Society of American Military Engineers

    A New Way of Thinking: Consequence-driven, Adversary-tolerant Lifecycle

    Engineering

    Arlington, Texas 2 February 2018

    Daniel J. Ragsdale, Ph.D. Director, Texas A&M Cybersecurity Center

    Professor of Practice, Computer Science and Engineering

  • Texas A&M Cybersecurity Center (TAMC2) Mission:

    Make outsized contributions to social good by: – Producing highly skilled cyber leader-scholars

    – Facilitating the conduct of ground-breaking, basic

    and applied cybersecurity research – Developing novel and innovative methods for

    cybersecurity education and work force development

    – Building mutually beneficial partnerships with

    commercial, governmental, and academic partners

  • Inquiring Minds...

    • Are we increasingly dependent on cyber systems?

    • Are we disproportionately dependent on cyber systems

    • Are we losing ground?

    • Why?

  • Fill in the Blank...

    • ______ Infrastructure • ______ Cites • ______ Roads • ______ Bridges • ______ Power Plants • ______ Cars • ______ Homes • ______ Thermostats • ______ Crock Pots • ______ Engineers

    https://gcn.com/~/media/GIG/GCN/Redesign/Articles/2017/January/smartinfrastructure.png

    https://gcn.com/%7E/media/GIG/GCN/Redesign/Articles/2017/January/smartinfrastructure.pnghttps://gcn.com/%7E/media/GIG/GCN/Redesign/Articles/2017/January/smartinfrastructure.png

  • Obligatory Einstein Quote

    http://www.stridentconservative.com/wp-content/uploads/2016/11/Albert-Einstein-Insanity.jpg

    http://www.stridentconservative.com/wp-content/uploads/2016/11/Albert-Einstein-Insanity.jpghttp://www.stridentconservative.com/wp-content/uploads/2016/11/Albert-Einstein-Insanity.jpghttp://www.stridentconservative.com/wp-content/uploads/2016/11/Albert-Einstein-Insanity.jpg

  • Obligatory Lincoln Quote

    https://dragonscanbebeaten.files.wordpress.com/2015/11/the-problem-with-quotes-on-the-internet.jpg

    https://dragonscanbebeaten.files.wordpress.com/2015/11/the-problem-with-quotes-on-the-internet.jpghttps://dragonscanbebeaten.files.wordpress.com/2015/11/the-problem-with-quotes-on-the-internet.jpg

  • What we've been reading…

    • "Unless we start to think more creatively, more inclusively, and have cross-functional thinking ...we’re going to stay with a very old-fashioned [security] model ..."

    • "[We don't] have the luxury of banking on probabilities...even a minor attack ... could further erode public confidence."

    "Hacking Nuclear Systems Is The Ultimate Cyber Threat. Are We Prepared" ~The Verge, 23 Jan 2018

    https://www.theverge.com/2018/1/23/16920062/hacking-nuclear-systems-cyberattackhttps://www.theverge.com/2018/1/23/16920062/hacking-nuclear-systems-cyberattack

  • What we've been reading…

    • "A San Francisco-based cybersecurity expert claims he has hacked and taken control of hundreds of highly automated rooms at a five-star Shenzhen hotel"

    • "I'm an ethical hacker... explaining why he didn't immediately plunge the entire hotel into darkness or switch every television to the same channel."

    "Hacker takes control of hundreds of rooms in hi-tech 5-star Shenzhen hotel" ~South China Morning Post, 29 July 2014

    http://www.scmp.com/news/china/article/1561458/hacker-takes-control-hundreds-rooms-hi-tech-shenzhen-hotelhttp://www.scmp.com/news/china/article/1561458/hacker-takes-control-hundreds-rooms-hi-tech-shenzhen-hotel

  • Definition System Lifecycle

    Includes all phases of system to include:

    – System conception – Design – Development – Production – Operation – Maintenance and support – Retirement – Phase-out and disposal [1]

    [1] Blanchard and Fabric Systems Engineering and Analysis, Fourth Edition. Prentice Hall. 2006, p. 19.

  • Warning: Whiplash Alert!

    https://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpg

    https://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpg

  • Commander/Staff Actions During an "Operation's Lifecycle"

    • Planning and Execution

    • Risk Management – During Planning:

    • MDMP - "Operation Design" – COA Development / Analysis Selection – War gaming

    – During Execution:

    • Continuously monitoring and ongoing assessment of red and blue activities

    • They manage risk, in part, by continuously listening to... ...the voice of the adversary!

  • Definition: Risk

    • "The anticipated [and quantifiable] loss or damage to an asset associated an event"

    Risk Components?

    • P(Event)

    • Impact(Event)

  • Risk Strategies • Accept

    • Avoid

    • Transfer

    • Mitigate

    – Reduce

    • probability (likelihood) and/or

    • consequence (impact)

    https://www.google.com/search?biw=1707&bih=844&tbs=isz

    https://www.google.com/search?biw=1707&bih=844&tbs=isz:l&tbm=isch&sa=1&ei=ZZl0Wsb-F-SMtgWAr5mIDw&q=strategy&oq=strategy&gs_l=psy-ab.3..0l10.3588.7157.0.7978.10.8.1.1.1.0.263.887.2j2j2.6.0....0...1c.1.64.psy-ab..2.8.901...0i67k1j0i10k1.0.4221ALJRqlM%23imgrc=kmb6rPqM4ARzQM:https://www.google.com/search?biw=1707&bih=844&tbs=isz:l&tbm=isch&sa=1&ei=ZZl0Wsb-F-SMtgWAr5mIDw&q=strategy&oq=strategy&gs_l=psy-ab.3..0l10.3588.7157.0.7978.10.8.1.1.1.0.263.887.2j2j2.6.0....0...1c.1.64.psy-ab..2.8.901...0i67k1j0i10k1.0.4221ALJRqlM%23imgrc=kmb6rPqM4ARzQM:

  • Cyber Risk

    "The anticipated quantitative loss or damage to an asset associated with a specific cyber threat event(s)"

    https://www.cybersecurity-insiders.com/wp-content/uploads/2017/12/CYBER-RISK-custom-general-1.jpg

    https://www.cybersecurity-insiders.com/wp-content/uploads/2017/12/CYBER-RISK-custom-general-1.jpghttps://www.cybersecurity-insiders.com/wp-content/uploads/2017/12/CYBER-RISK-custom-general-1.jpghttps://www.cybersecurity-insiders.com/wp-content/uploads/2017/12/CYBER-RISK-custom-general-1.jpg

  • Risk Associated with a Cyber Threat Event (CTE)

    • A Function of: – P(CTE) – Consequence(CTE)

    • Mitigate a cyber risk?

    – Reduce the probability (likelihood) AND/OR – Reduce the impact (consequence)

    https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784

    https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784https://image.slidesharecdn.com/g33-150517065629-lva1-app6891/95/how-to-improve-your-risk-assessments-with-attackercentric-threat-modeling-16-638.jpg?cb=1511644784

  • Warning: Whiplash Alert!

    https://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpg

    https://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpghttps://cdn1.medicalnewstoday.com/content/images/articles/174/174605/whiplash-anatomy-diagram.jpg

  • Risk Associated with a Cyber Threat Event (CTE)

    Risk(CTE) = P(CTE) * Consequence(CTE)

    • Consequence(CTE) is influence by: – Plan/Design – Operational Decisions

    • I.e., an "operation's

    lifecycle"

    • P(CTE) is a function of – P(The vulnerabilities

    associated with a CTE are present)

    – P(Threat has the capability and intentionality to cause a CTE)

    – P (Threat has access to the vulnerabilities that are associated with a CTE)

  • Risk Perspectives

    Consequences Vulnerabilities Accessibility

    Capability and Intentionality

    Threats Assets

    Inward Looking Outward Looking Inward and Outward Looking

  • How does these cyber risk considerations relate to design?

  • Why Do Systems Fail? • Bad design!

    • What contributes to

    bad design? – Invalid assumptions – Lack of knowledge – Sole focus on

    functionality • In cyberspace, failure to

    understand and adequately consider vulnerabilities, threats, and consequences

    https://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpg

    https://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpghttps://static.seattletimes.com/wp-content/uploads/2015/11/eedc84cc-84e0-11e5-b53b-a576789c5b7f-780x605.jpg

  • Elements of Design

    Fundamental elements of the design process:

    – Establishment of objectives and criteria

    • Assumptions • Constraints

    – Synthesis – Analysis – Construction – Testing and evaluation

    [ABET]

    http://www2.mae.ufl.edu/designlab/Lab%20Assignments/EML2322L-Design%20Process.pdf

  • The Root Cause of the Cybersecurity Problem...

    • The most serious of all invalid design assumptions and famous last words:

    – "No one would ever..." – "That can't happen..."

  • So how can we do better?

  • Tolerance for Failures

    • Fault Tolerance: – The ability to continue to function

    correctly in the presence of component failures caused by random events

    • Adversary Tolerance: – The ability to continue to function

    correctly in the presence of component failures caused by [purposeful and ongoing] adversary activities

  • Continuous Cyber Consequence Analysis

    • Identify set of negative consequences

    • Determine the adversary actions that could produce the consequence – Requires knowledge of adversary cyber

    tactics, techniques, and procedures (TTPs) • Aka Kill chain, plays, etc.

  • Consequence-driven Adversary Tolerant Life Cycle Design

    • Focus on consequences

    • Always include an adversarial perspective – "Voice of the Threat"

    • Conduct continuous formal and Informal "War gaming"

    • Analyze EVERY lifecycle decision, in all phases, to

    determine the degree to which the decision influences risk

    • More broadly, perform continuous risk assessment throughout a system lifecycle taking into account: – Consequences – Threats – Accessibility – Vulnerabilities

  • Questions?

    ���Society of American Military Engineers��A New Way of Thinking: Consequence-driven, Adversary-tolerant Lifecycle Engineering � �Arlington, Texas�2 February 2018��� �Texas A&M Cybersecurity Center (TAMC2) Mission: Inquiring Minds...Fill in the Blank...Obligatory Einstein QuoteObligatory Lincoln QuoteWhat we've been reading…What we've been reading…Definition System Lifecycle Warning: Whiplash Alert!Commander/Staff Actions During an "Operation's Lifecycle"Definition: Risk Risk StrategiesCyber Risk Risk Associated with a Cyber Threat Event(CTE)Warning: Whiplash Alert!Risk Associated with a Cyber Threat Event(CTE)Risk Perspectives Slide Number 19Why Do Systems Fail?Elements of DesignThe Root Cause of the Cybersecurity Problem...Slide Number 23Tolerance for Failures Continuous Cyber Consequence AnalysisConsequence-driven Adversary Tolerant Life Cycle DesignSlide Number 27


CALIFORNIA’S HIGH-SPEED RAIL SYSTEM Society of American Military Engineers S.A.M.E. May 26, 2011

August 9, 2006 Society of American Military Engineers San Diego Post 8 July 2009 Society of American Military Engineers San Diego Post 8 July 2009

Society of American Military Engineers Small …samehr.com/images/meeting/040616/mci_east_2016_same_sb_conf_brief...Society of American Military Engineers Small Business Conference

BUILDING STRONG ® 1 US Army Corps of Engineers BUILDING STRONG ® Society of American Military Engineers Kentuckiana Post Industry Day Jacque Gee Deputy

PRESENTATION FOR SOCIETY OF MILITARY ENGINEERS FEDERAL BUSINESS DEVELOPMENT ALAN FREEMAN

Engineering - British Military Engineers

Society of American Military Engineers San Antonio Post, Industry Day Dezso Linbrunner Environmental Remediation Branch U.S. Army Corps of Engineers Omaha

Society of American Military Engineers (SAME) Luncheonsamedcpost.org/docs/Department_of_Energy_Luncheon.pdf · Society of American Military Engineers (SAME) Luncheon John Hale III

Society of American Military Engineers

The Society of American Military Engineers (SAME) The ...sites.nationalacademies.org/cs/groups/depssite/documents/webpag… · The Society of American Military Engineers (SAME) The

Society of American Military Engineers 8 AUGUST 2013

The Society of American Military Engineers - The Society

CHSRA SMALL AND DISADVANTAGED BUSINESS ENTERPRISE PROGRAM Society of American Military Engineers (SAME) Thursday, November 8, 2012

Society of American Military Engineers United States Marine Corps Engineering and Construction Camp Camp LeJeune, NC

Society of American Military Engineers (SAME)

U.S. Army Corps of Engineers Omaha District · Society of American Military Engineers U.S. Army Corps of Engineers Omaha District . October 2011 . US Army Corps of Engineers . BUILDING

Kansas City District Society of American Military Engineers (SAME) Fort Leonard Wood Chapter Fort Leonard Wood Chapter US Army Corps of Engineers, Kansas

Doing Business with U. S. Army Corps of Engineers ... · Owned Business Association, Society of American Military Engineers, etc., Establish teaming agreements, partnerships, mentor

Society of American Military Engineers October 2010 … · Society of American Military Engineers October 2010 Meeting. Society of American Military Engineers ... airplane and into

Society of American Military Engineers (SAME) 28 April 2011 Lance K. Toyofuku

Doing Business with DLA The Society of Military Engineers Fort Belvoir, Virginia

Nuclear Power Update for The Society of American Military Engineers

Construction Management Today and Tomorrow Rock Island Post The Society of American Military Engineers 13 December 2007

Society of American Military Engineers Orange County

Society of American Military Engineers 2014 Award …s3.goeshow.com/same/jetc/2015/Images/Awards_MedalRecipients.pdfSociety of American Military Engineers. 2014 . Award and Medal Recipients

The Society of American Military Engineers Atlanta …sameatlantapost.org/wp-content/uploads/2012/06/Newsletter-12-06R1.pdfThe Society of American Military Engineers Atlanta Post BULLETIN

Joint Training and Education Day (JTED) Tampa Bay Post, Society of American Military Engineers Jacksonville District, US Army Corps of Engineers July 23,

2014 Okinawa Field Chapter, Society of American Military Engineers (SAME) 11/18/20151

2014 Japan Post, Society of American Military Engineers (SAME) 7/3/20151

Society Of American Military Engineers 2009 03 18

1 Sustainability at U.S. Military Facilities Society of American Military Engineers, Savannah Post 13 December 2010

2013 Okinawa Field Chapter, Society of American Military Engineers (SAME)

2014 Japan Post, Society of American Military Engineers (SAME) 9/21/20151

SPRING 2007 - history.navy.mil Reading... · 32 Seabee receives Society of American Military Engineers (SAME) Military Recognition Award 32 NMCb 4 wins Physical Readiness Excellence

2014 Japan Post, Society of American Military Engineers (SAME) 5/18/20151