SAE 599: Resilient, Cyber Secure Systems & System-of-Systems
University of Southern California, Viterbi School of Engineering
Systems Architecture & Engineering (SAE)
Ken Cureton, November 2014, cureton@usc.edu

SAE 599 General Objective
• Part of the Systems Architecting & Engineering (SAE) Series
  – Objective: “Provide System Engineers and Architects with Methods and Tools for the Design and Analysis of Current and Future Complex Systems and System-of-Systems, with Emphasis on Cloud Computing, Cyber Security, and Resiliency.”
  – Elective Course in the University of Southern California’s Masters Program in Systems Architecting & Engineering
  – New Class Starting in Fall 2014
    • Will be re-numbered and added to the Course Catalog when formally approved by the University
  – Supplants SAE 574: Net-Centric Systems Architecting & Engineering
October 2014 SAE_599_Summary.ppt Page 2

SAE 599 Detailed Learning Objectives
• To provide students with the ability to develop & understand requirements and apply the right analytical methods when architecting complex System-of-Systems
• To improve the students’ understanding of the role of system architects and their relationship to systems engineering of complex System-of-Systems
• To introduce the students to new and advanced topics relevant to complex System-of-Systems architecting and modeling
  – Emphasis on the Systems Architecting & Systems Engineering of Cloud Computing, Cyber Security, and Resiliency
• To improve the students’ ability to generate a professional-level research paper, suitable for presentation at a systems engineering conference or publication in a professional journal

SAE 599 Class Format
• Semester Class, 16 Weeks, One night/week
  – 13 Weekly Lectures, 2 hours 40 minutes each
  – 2 days off (Holiday or Break, Study Days)
  – 1 Final Exam week (scheduled but not used)
• Distance Learning Format
  – Few (if any) students in the TV Studio; the majority of students attend remotely via Distance Learning
  – Class content webcast for online/offline viewing
    • Webex for real-time interaction; E-mail, Telephone, and Office Hours for backup interaction
  – Class content talking points and illustrations in PowerPoint format, hosted on Blackboard Software for student preview
  – Blackboard Software used as the repository of class lecture content, for assignment submission & grade recording, and for off-line discussion boards

SAE 599 Class Grading
• One Research Paper required of each student
  – In place of a Final Exam, 2/3 of class grade
  – Papers are typically 25 single-spaced pages, suitably formatted for publication in a technical journal
    • Student materials on “How to Write a Research Paper”
    – Students are encouraged to e-mail the Instructor with questions, outlines, drafts, etc.
  • Students choose their research topic
    – Submit abstract for approval by the Instructor
• Bi-Weekly Homework
  – In place of a Mid-Term Exam, 1/3 of class grade
• Structured analysis required for paper and homework
  – Specific analyses required in each case to demonstrate the student’s ability to apply the class fundamentals

SAE 599 Lecture #1
• Syllabus
• Definitions & Characteristics
  – Systems Architecting & Systems Engineering
  – Resilient Systems
  – System-of-Systems & System-of-Systems Engineering
  – Evolution of Service-Oriented Architectures (leading up to Cloud Computing)
  – Networked System Characteristics (fixed/mobile networks, fixed/mobile nodes)
  – Cyber Security
  – Net-Enabled Ecosystem, Emergent Behavior
  – Complexity Theory applied to Complex Networked Systems (such as Cloud Computing)

SAE 599 Lecture #2
• Characteristics of Cloud Computing Architectures (from a Systems Architecting/Systems Engineering Perspective)
  – Fundamentals of Service-Oriented Architectures (SOA)
  – Data-as-a-Service (DaaS)
  – Infrastructure-as-a-Service (IaaS)
  – Platform-as-a-Service (PaaS)
  – Software-as-a-Service (SaaS)
  – Into the Future: Everything-as-a-Service?
  – Public/Private (or Hybrid) Clouds
  – Mobile (or Tactical) Clouds
  – Open/Standard & Proprietary/Closed Cloud Interfaces

SAE 599 Lecture #3
• Benefits & Drawbacks of Cloud Computing
  – The Business Case:
    • Reduced Cost & Development Time
    • Commonality & Open Applications
    • Software Development Support Environment
    • Agility to Meet a Changing Environment
  – The Risks & Drawbacks:
    • System Complexity
    • Shared Multi-tenant Environment
    • Internet-facing Services
    • Loss of Some Control
    • Visibility of Governance & Policy Adherence
    • Security & Trust

SAE 599 Lecture #4
• Sample Application of Cloud Computing
  – Response to a Major Complex Humanitarian Disaster
    • Haiti Earthquake: 12 Jan 2010, M7 Earthquake
  – Multi-National Incident Response
  – Dissimilarity of Organizations
    • Military & Other Government Organizations, Non-Governmental Organizations, Private Entities
  – Lack of Surviving Infrastructure
  – Use of Cloud-Based Services to Coordinate activities for:
    • Search-And-Rescue, Medical Transportation, Logistics of Supply Pickup/Storage/Delivery, Peace-Keeping (e.g. looting control), Asset Tracking (personnel & equipment locations), Situational Awareness (e.g. weather, road conditions)

SAE 599 Lecture #5
• Resilient Architecture in Cloud Computing
  – BEFORE: Phase I of Disruption in Cloud-Based Services
    • Allows Anticipation, Design Margins & Corrective Action to be Considered in an Incident Response Plan for Typical Disruptions of Cloud-Based Services
  – DURING: Phase II of Disruption in Cloud-Based Services
    • How the System Survives the Impact of Disruptions
    • Implement the Incident Response Plan, Ranging from Fail-Operational Down to Manual Methods
  – AFTER: Phase III of Disruption in Cloud-Based Services
    • How the System Recovers from Disruptions
    • Incident Analysis and Resolution
    • Incident Response Plan Optimization
  – Note that a “disruption” may be Accidental or Deliberate

SAE 599 Lecture #6
• Cyber Security for Cloud Computing (Part I): Assuring Availability: Fault Tolerance
  – Fundamentals of Fault Tolerance for Resiliency: Assured Operation, Inadvertent Operation, Intermittent Operation, Generic Failures, Fault Containment
  – Impacts on Reliability, Maintainability, Training
  – Typical Hardware & Software Steps to Assure:
    • Network Availability
    • Data Availability
    • Processing Capability
  – Advantages & Disadvantages of Cross-Strapping of Redundant Capability

SAE 599 Lecture #7
• Cyber Security for Cloud Computing (Part II): Assuring Integrity & Trust
  – Fundamentals of Trust for Critical & Safety-Of-Life Applications
  – Trusted System Concepts (Hardware, People, Processes)
  – Trusted Software Concepts & Methodologies (including Formal Methods)
  – Data Integrity (Checksums, CRC, Hash codes, etc.)
    • Data in Storage (Local & in the Cloud)
    • Data in Transit
    • Data in Computation (Local & in the Cloud)

SAE 599 Lecture #8
• Cyber Security for Cloud Computing (Part III): Handling Accidental & Deliberate Threats
  – Cyber Security vs. Information Assurance & INFOSEC
  – Vulnerabilities, Threat Sources & their Tools/Methods
  – Trusted Federated Identity Management
  – Confidentiality (PKI, Certificates, IPSEC, TLS, PGP)
  – Authentication of Identity (methods for Weak & Strong)
  – Authorization & Access Control
  – Non-Repudiation & Audit Trails
  – Network Security Management (Enclaves, Layered Security)
  – Security Risk Management
  – Guidance Regarding Cyber Security of Cloud Computing
  – Cyber Security Standards & Resource Sites

SAE 599 Lecture #9
• Cyber Security for Cloud Computing (Part IV): Risk Management in Cloud Computing
  – Failure Modes & Effects with Criticality Analysis (FMECA) of Complex Networked Systems
  – Risk Management Framework & the Security Life Cycle
    1) Categorize the Information Systems and the Information Processed, Stored, and Transmitted
    2) Select an Initial Set of Baseline Security Controls
    3) Implement the Security Controls
    4) Assess the security controls using appropriate procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome
    5) Authorize Information System Operation
    6) Monitor and Assess Selected Security Controls
  – Recommended Process for Applying Risk Management in Cloud Computing

SAE 599 Lecture #10
• Interoperability Challenges in Cloud Computing (System-of-Systems)
  – Interaction of Processes, People, & Technology
  – Layers of Interoperability
    • Network Transport
    • Information Services
    • Applications, Processes, and People
  – Application Program Interfaces (APIs)
    • Multiple, Conflicting Standards
    • Cloud Provider-Specific Proprietary Interfaces
    • Cloud Brokerage
  – Methods to:
    • Develop Validated Interoperability Requirements
    • Verify Compliance with Interoperability Requirements

SAE 599 Lecture #11
• Architecture Modeling for Cloud Computing
  – Goals & Objectives of Architecture Modeling
    • Why Model-Based Systems Engineering (MBSE) is a recommended approach for Complex Systems & SoS
  – Brief Introduction to System-of-Systems Analysis & Modeling Tools:
    • Unified Modeling Language (UML)
    • System Modeling Language (SysML)
    • Enterprise Architecture Frameworks (DoDAF, etc.)
    • Model-Driven Architecture (MDA) & Development
    • Use of Executable Models: Visualization of Scenarios, Validation of Requirements, Verifiability of Requirements
  – Recommended Process for Applying Architecture Modeling in Cloud Computing

SAE 599 Lecture #12
• Complexity Theory Applied to Cloud Computing
  – Characterization of Network Types
    • Ranging from Uniform to Highly Heterogeneous
  – Characterize the Structure of Networks in Terms of Correlation Measures:
    • Heterogeneity, Randomness, Modularity
    • Mutual Information, Noise & Joint Entropies
  – Network Clustering in the Domain of Entropy/Noise Space
    • Entropy: Measure of Uncertainty
    • Noise Level: Measure of Assortativeness
  – Key Properties Include:
    • Resilience
    • Constraints on Possible Types of Complex Networks

SAE 599 Lecture #13
• Guest Lecture
  – Topics Pertinent to Systems Architecting and Systems Engineering of Complex Systems and System-of-Systems
    • Cloud Computing, Cyber Security, and Resiliency
  – Ranging from Practical Experience to State-of-the-Art
  – Emphasis on Tools, Methods, Lessons-Learned

SAE 599 Summary
• Students Exposed to a Broad Range of Cloud Computing Architecture Fundamentals & Implementation Details
• Students Required to Demonstrate (for their chosen topic):
  – Cloud Computing Architecture Characteristics
  – Expected Benefits & Drawbacks of the Architecture
  – Resiliency Before, During, and After Disruption of Service
  – Assured Availability/Fault Tolerance of the Architecture
  – Assured Integrity & Trust of the Architecture
  – Handling of Accidental & Deliberate Threats
  – Risk Management Assessment of the Architecture
  – Interoperability Characteristics of the Architecture
  – Architecture Model
  – Complexity Theory Assessment of the Architecture
• Objective: Train Systems Architects & Systems Engineers in the application of methods and tools for the design and analysis of current and future complex systems and system-of-systems, with emphasis on Cloud Computing, Cyber Security, and Resiliency