Software, Security, and Resiliency

SPIN London

Jay Douglass, November 17, 2011

Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA 15213

© 2011 Carnegie Mellon University



Overview

Complexity, Software and Process

Security and risk

Resiliency and continuity

The Smart Grid

Summary


Software and Complexity


Complex Systems

What I’m going to talk about today:

• How complex systems are woven tightly into our everyday lives

• How failing to understand them, their risks, and their management challenges poses a 21st-century hazard


The Rise of Complexity

• Scale

• Interconnectedness

• Autonomy

• Time criticality

• Security

• Safety

• Regulation


An Interconnected Society

The Internet, 1969

The Internet, Today


Autonomous Systems


Human System Interaction


Complex Systems at the SEI

The SEI is at the nexus of systems and complexity:

• We study them side-by-side

• For 25 years, we’ve been helping engineers design and manage software systems

• It’s our job to “ring the bell” on the importance of managing complexity

We also appreciate risk and the importance of managing it

• Continuous risk management

• Mosaic suite of risk management tools

• Multi-view models

• Mission Success in Complex Environments


Software is Everywhere


Software is Important

Manufacturing Finance

Space Engineering


Software is Increasingly Complex


Software Connects Us


Software is Becoming More Personal


How to Handle Complexity

Models

Process

Architecture

Risk assessment

Resiliency

Evolution

People


Security and Risk


Poor Coding = Vulnerabilities (1)

Reacting to vulnerabilities in existing systems is not working


Vulnerabilities (2)


Secure Coding Roadmap


CERT Secure Coding Standards

Establish coding guidelines for commonly used programming languages that can be used to improve the security of software systems under development

Based on documented standard language versions as defined by official or de facto standards organizations

Secure coding standards are completed or under development for:

• C programming language

• C++ programming language

• Java Platform


Security as a Quality Attribute

Quality attributes include

• performance

• availability

• interoperability

• modifiability

• evolvability

• usability

• security

• etc.

• Address security in a particular application

• Are often ignored in the requirements elicitation process

• Incur high costs when incorporated later

• Must be addressed early - SQUARE.


Insider Threat Issues (1)

Who is a “malicious insider?”

A current or former employee, contractor, or other business partner who

• has or had authorized access to an organization’s network, system or data and

• intentionally exceeded or misused that access in a manner that

• negatively affected the confidentiality, integrity, or availability of the organization’s information or information systems.


Insider Threat Issues (2)

What are the threats?

• Insider IT sabotage

• Insider theft of intellectual property (IP)

• Insider fraud


CERT’s Insider Threat Center Objective


Malware: Big and Getting Bigger

Malware (some facts and figures)

• Software that runs without the user’s consent or knowledge, typically to conduct illicit and criminal activities.

• Malware includes viruses, Trojan horses, rootkits, backdoors, spyware, and adware.

• Malware can steal identities, take control of computers, and send spam; it can also harvest information and steal credentials.

Recent Pandalabs Analysis of Malware, Viruses in Circulation


Cyber Crime

Some criminals are being caught:

2007

• Max Butler, 35, of San Francisco (AKA Max Vision, AKA Iceman) was indicted by a federal grand jury in Pittsburgh on three counts of wire fraud and two counts of transferring stolen identity information. www.theregister.co.uk

2008

• The 27-count indictment … charges Maksym Yastremskiy of Kharkov, Ukraine, and Aleksandr Suvorov from Estonia with conspiracy to commit wire fraud, wire fraud, aggravated identity theft, and conspiracy to commit computer fraud …. Authorities say the alleged hackers obtained more than 52 million customer credit card numbers. www.newsfeedresearcher.com

2009

• Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal more than 130 million credit and debit card numbers …. www.newsfeedresearcher.com


Resiliency and Continuity


Key Principles of Resiliency (1)

Resilience is the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation.

• security “built in”

• failure scenarios understood, planned for

• redundancy is provided for in key areas

• capability remains available under adverse conditions

At SEI, both organizational and software:

• Resilience Maturity Model (RMM)

• Security Quality Requirements Engineering (SQUARE)

• Current blog series topic (http://blog.sei.cmu.edu/)

resilience


Key Principles of Resiliency (2)

Organizationally:

• develop, deploy, institutionalize

• tools, techniques, methods, and training

… that advance organizational capabilities for governing and managing operational resiliency and risk for critical assets (such as information and infrastructure) and services


Continuity

A key aim of resiliency (and managing operational risk)

Business Functions:

• Developing and executing continuity plans, recovery plans, and restoration plans

IT Function:

• Developing, implementing, and managing processes to deliver IT services and manage IT infrastructures


Resiliency Maturity Model (1)

What is CERT-RMM?

CERT-RMM is a maturity model for managing and improving operational resilience.

• Guides implementation and management of operational resilience activities

• Converges key operational risk management activities: security, business continuity/disaster recovery, and IT operations

• Defines maturity through capability levels (like CMMI)

• Improves confidence in how an organization responds in times of operational stress


Resiliency Maturity Model (2)

Imperatives for Building CERT-RMM

Increasingly complex operational environments where traditional approaches are failing

• Siloed nature of operational risk activities; a lack of convergence

• Lack of common language or taxonomy

• Overreliance on technical approaches

• Lack of means to measure managerial competency

• Inability to confidently predict outcomes, behaviors, and performance under times of stress


Resiliency Maturity Model (3)

26 Process Areas in 4 Categories


A major power grid transformation is underway

How can utilities

• Develop effective roadmaps?

• Track progress?

• Understand their posture in comparison to peers?

The Smart Grid Maturity Model was developed by utilities to address these concerns



The Smart Grid Maturity Model is

A management tool that provides a common language and framework for defining key elements of smart grid transformation and helping utilities develop a programmatic approach and track their progress


SEI’s Role as Steward of the SGMM

Provide governance working with multiple stakeholders

Enable widespread availability, adoption, and use of the model for the benefit of the community

Evolve the model based on stakeholder needs, market developments, user feedback, and interactions with domain experts

Develop transition mechanisms—education, training, awareness, research collaboration— to support the model

Grow the SGMM community of users worldwide



SGMM at a glance

• SMR: Strategy, Management, & Regulatory

• OS: Organization & Structure

• GO: Grid Operations

• WAM: Work & Asset Management

• TECH: Technology

• CUST: Customer

• VCI: Value Chain Integration

• SE: Societal & Environmental

8 Domains: Logical groupings of smart grid related characteristics

6 Maturity Levels (0 to 5): Defined sets of characteristics and outcomes

175 Characteristics: Features you would expect to see at each stage of the smart grid journey


Smart Grid Maturity Model – levels

• PIONEERING: Breaking new ground; industry-leading innovation

• OPTIMIZING: Optimizing smart grid to benefit entire organization; may reach beyond organization; increased automation

• INTEGRATING: Integrating smart grid deployments across the organization, realizing measurably improved performance

• ENABLING: Investing based on clear strategy, implementing first projects to enable smart grid (may be compartmentalized)

• INITIATING: Taking the first steps, exploring options, conducting experiments, developing smart grid vision

• DEFAULT: Default level (status quo)


Smart Grid Maturity Model – domains

• Strategy, Mgmt & Regulatory (SMR): Vision, planning, governance, stakeholder collaboration

• Organization and Structure (OS): Culture, structure, training, communications, knowledge mgmt

• Grid Operations (GO): Reliability, efficiency, security, safety, observability, control

• Work & Asset Management (WAM): Asset monitoring, tracking & maintenance, mobile workforce

• Technology (TECH): IT architecture, standards, infrastructure, integration, tools

• Customer (CUST): Pricing, customer participation & experience, advanced services

• Value Chain Integration (VCI): Demand & supply management, leveraging market opportunities

• Societal & Environmental (SE): Responsibility, sustainability, critical infrastructure, efficiency


V 1.2 Product Suite

• Model: Fully described in the Model Definition document

• Compass Survey: Questionnaire-based assessment yields maturity ratings and comparisons

• Navigation Process: Expert-led workshops to complete Compass and use results to develop consensus aspirations

• Training: Overview Seminar and SGMM Navigator Course

• Partner Program: License organizations and certify individuals to deliver Navigation process


Summary

Complexity increasing

Software at the heart of systems

Several ways to handle complexity

Security, resiliency increasingly critical


Contact Information Slide Format

Jay Douglass

SEI Europe

Telephone: +1 412-268-6834

Email: [email protected]

U.S. Mail

Software Engineering Institute

Customer Relations

4500 Fifth Avenue

Pittsburgh, PA 15213-2612

USA

Web

www.sei.cmu.edu

www.sei.cmu.edu/contact.cfm

Customer Relations

Email: [email protected]

Telephone: +1 412-268-5800

SEI Phone: +1 412-268-5800

SEI Fax: +1 412-268-6257


NO WARRANTY

THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

Use of any trademarks in this presentation is not intended in any way to infringe on the rights of the trademark holder.

This Presentation may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at [email protected].

This work was created in the performance of Federal Government Contract Number FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. The Government of the United States has a royalty-free government-purpose license to use, duplicate, or disclose the work, in whole or in part and in any manner, and to have or permit others to do so, for government purposes pursuant to the copyright license under the clause at 252.227-7013.