using modern system engineering methods for resilient cyber … · 2018. 3. 9. · cybersecurity...
TRANSCRIPT
![Page 1: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/1.jpg)
Slide 1
ITEA 6TH CYBERSECURITY WORKSHOP (2018)
Using Modern System Engineering
Methods for Resilient Cyber Design
& Test
Frank Alvidrez Spectrum Inc.
![Page 2: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/2.jpg)
Slide 2
BLUF
• The Threat has expanded exponentially
• Cyber-resiliency is like Aircraft Survivability− It is better to be designed in than added later− It’s a new paradigm of software, systems design & testing
• Cyber Requirements are critical for programs success
• Cyber Measures are difficult to define & test for Systems
• Enterprise Architectures & System Engineering (MBSE) are critical to cyber-resiliency design & test
![Page 3: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/3.jpg)
Slide 3
Sun Tzu and Cybersecurity
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle”
• Sun Tzu, Art of War Chapter III, Attack by Stratagem
Sun Tzu and Cyber War – Kenneth Geers NCIS
CCD COE
![Page 4: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/4.jpg)
Slide 4
Cybersecurity MindMap
![Page 5: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/5.jpg)
Slide 5
For This Presentation
• Model Used – MagicDraw 18.5
• Mac OS High Sierra V10.13.2
• Perspective – DoDAF/UAF Architect
• MBSE – SysML 18.5 SP1
• UPDM 3 (w/ Unified Architecture Framework – UAF)
• DARPA J-UCAS Initial Project Description (Public
Knowledge)
• Governance – USG Cybersecurity (Public Knowledge)
• Model Available on Request
• Mind Mapping Software – Mindjet MindManager v10.5
![Page 6: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/6.jpg)
Slide 6
Cybersecurity Domain
![Page 7: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/7.jpg)
Slide 7
Cybersecurity Domain Model
![Page 8: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/8.jpg)
Slide 8
CYBERSECURITY THREAT
DOMAIN
![Page 9: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/9.jpg)
Slide 9
Cyber Threat Types
ADVANCED
PERSISITENT THREAT
![Page 10: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/10.jpg)
Slide 10
CYBERSECURITY
GOVERNANCE DOMAIN
![Page 11: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/11.jpg)
Slide 11
Cybersecurity Domain Model
![Page 12: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/12.jpg)
Slide 12
Governance Domain
![Page 13: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/13.jpg)
Slide 13
Risk Management Framework (RMF)
Process NIST 800-37 rev. 1
Source: Guide for Applying the Risk Management
Framework to Federal Information Systems
![Page 14: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/14.jpg)
Slide 14
Security Control Assessment (RMF)
vs Cyber T&E Guidance (Review)
DoDI
5000.02
AFI 99-103
DoDI
8500.01
DoDI
8510.01
DT & OT Cyber Test
Security Control
Assessment
T&E
DOT&E
Memo,
Aug 2014
Security Control
Assessment (RMF
Efforts)
Source: AFMC Draft T&E Cyber Capability Requirements Course
![Page 15: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/15.jpg)
Slide 15
NDAA FY 2016 – Section 1647
• National Defense Acquisition Act of 2016
• Implements a number of acquisition reforms to enhance cybersecurity
• Section 1647 requires the evaluation of cyber vulnerabilities of all major DoD programs by the end of 2019
• DoD’s priority list for programs to be evaluated and reported on.
Source: DOT&E FY16 Cybersecurity
![Page 16: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/16.jpg)
Slide 16
Operational Cybersecurity Testing
Governance
• For DoD – DOT&E Guidance (Aug 2014)
• Cooperative Vulnerability & Penetration Assessment
• Adversarial Assessment
• Test & Evaluation Master Plans (TEMPS)
• Operation Test Plans
• Test Reports.
“The DOD acquisition process must deliver systems that provide
secure, resilient capabilities in expected operational environment.
Operational testing must examine system performance in the
presence of a realistic cyber threat.” - Dr. Gilmore, Director DOT&E
![Page 17: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/17.jpg)
Slide 17
CYBERSECURITY RESILIENT
DESIGN & TEST DOMAIN
![Page 18: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/18.jpg)
Slide 18
INCOSE SE – “V”
Cyber Design
![Page 19: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/19.jpg)
Slide 19
Development of a
Cybersecurity Blue Book
• Key planning document to identify the “enterprise” cybersecurity landscape (using UAF, DoDAF, Zachmann, MBSE, etc. toolsets)
• Updated and living document
• Provide background, threat, vision, operation context, and at least the following views:
− CV-1, CV-2, OV-1, OV-2, OV-3, OV-4, OV-5a, OV-5b (with swimlanes) OV-6c, SV-1, SV-2, SV-4, DIV-1, DIV-2, DIV-3 along with selected SysML products (Use Cases, Requirements Diagrams, Test Cases, etc.,)
• Use throughout the acquisition process and testing (DT & OT)
![Page 20: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/20.jpg)
Slide 20
DARPA J-UCAS Example Model
• Source: DARPA Archive J-UCAS public release
• Updated for demonstration purposes only
• Initial Requirements from DARPA “Operationalized” System
• Advanced capabilities in Autonomous Operations
• Initial Program Boeing X-45C & Northrop Grumman X-47B
• Common Operating System
• Carrier Suitable, ISR, SEAD, Penetrating, Persistent UCAV
![Page 21: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/21.jpg)
Slide 21
DARPA J-UCAS OV-1
• Dangerous Missions – Denied Airspace
• Survivable Air Vehicles
• Advanced Sensors & Weapons
• Network-Centric Architecture
• Distributed Command & Control
• Intra-operable Platforms
• Collaborative Operations
• Land or Sea Based System
• Global Operations
![Page 22: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/22.jpg)
Slide 22
J-UCAS OV-2
Cyber Areas of Concern
RF Spectrum
Cyber Test Boundaries
![Page 23: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/23.jpg)
Slide 23
Mission, Hazards and Losses – an
overview
CauseHazardsLossesMEFsMission
UAV Strike
LaunchUnsuccessful
launchUnable to connect
Information
EnrouteLoss of vehicle
Incorrect system state
Information
Unrecoverable lost link
Information
Enter Orbit No orbit entrySATCOM
denialInformation
F2T2EA
No target Rcvd
Lost Comm Information
Cannot track Loss of PNT Information
Unarmed wpn
Lost Comm
Mission is what your
system is designed to do
MEFs are the essential
actions required for
execution
Losses prevent successful
MEF from happening
Hazard is the condition that
drives the loss
You’ll build a model that
will help you determine
what information could
cause your hazards
TEST TO THAT
![Page 24: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/24.jpg)
Slide 24
Failure Mode Analysis - FMEA
![Page 25: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/25.jpg)
Slide 25
OV-5 Activity Hierarchy
Mission Planning
![Page 26: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/26.jpg)
Slide 26
Attributes of a Good Requirement
• Must be verifiable (testable)
• Must be unambiguous
• Must be traced (stakeholders) & traceable (derived from)
• Concise (no additional information is needed)
• Must be complete
− Contain all of the possible conditions
• Expressed in terms of needs vice solution (design independent)
− Address the “who” or “what’ and not “how”
• Must be consistent with other requirements
• Must be at the appropriate level of system hierarchy
![Page 27: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/27.jpg)
Slide 27
Organizing Requirements by Package
![Page 28: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/28.jpg)
Slide 28
Detailed Requirements Diagram
![Page 29: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/29.jpg)
Slide 29
Requirements Derivation Map
![Page 30: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/30.jpg)
Slide 30
Detailed Cyber-Resiliency
Requirements
![Page 31: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/31.jpg)
Slide 31
Detailed Cyber Resiliency Example
BLUE TEAM
RED TEAM
![Page 32: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/32.jpg)
Slide 32
Enterprise Cyber Team & Possible Test
Locations
Test Team – CVPA/AA Possible Test Locations
![Page 33: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/33.jpg)
Slide 33
SUMMARY
• Cybersecurity is a growth industry
− Threats are outpacing the trained workforce
− Not limited to DoD
− Threat Actors are Adapting
− Campaigns are well funded
• Cyber Resiliency needs to be designed in
• Enterprise Architectures and advanced SE techniques are critical to protecting the Enterprise
• Cyber Testing is difficult but doable.
![Page 34: Using Modern System Engineering Methods for Resilient Cyber … · 2018. 3. 9. · Cybersecurity MindMap. Slide 5 For This Presentation • Model Used –MagicDraw 18.5 ... Risk Management](https://reader036.vdocuments.us/reader036/viewer/2022071507/61277e224d61de55183a25be/html5/thumbnails/34.jpg)
Slide 34
Thank You
Thank You