HSARPA Cyber Security Program Review

Dept. of Homeland Security Science & Technology Directorate
Innovation Partnership Models with the Finance Sector
NCDI Workshop
BITS, Washington, DC
October 29, 2009
Douglas Maughan, Ph.D.
Branch Chief / Program Mgr.
douglas.maughan@dhs.gov
202-254-6145 / 202-360-3170
10/29/2009
Science and Technology (S&T) Mission
Conduct, stimulate, and enable research, development, test, evaluation and timely transition of homeland security capabilities to federal, state and local operational end-users.
Examples of Partnership Models
- LOGIIC – Linking Oil and Gas Industry to Improve Cybersecurity
- PPISC-ES – Payment Processing Information Sharing Council – Enhance Security Working Group
- DECIDE – Distributed Exercises
- TCIP – Trustworthy Cyber Infrastructure for Power
- S2ERC – Security and Software Engineering Research Center
- I3P – Institute for Information Infrastructure Protection
- SIF – System Integrator Forum
- ITSEF – IT Security Entrepreneur Forum
History
- ChevronTexaco approached DHS in March 2004 about possible opportunities to secure O&G cyber infrastructure
- Ensuing discussions determined that this should be done sector-wide
- Convened workshop in July 2004 in Washington, DC
- Outcome of meeting was to determine if it was possible for government and industry to work together to (a) establish a SCADA testbed and (b) determine a working model for future research and development activities.
History (cont’d)
- Industry partners agreed on technical project focus
  - April 2005
- Project officially started July 1, 2005
- Invited technology providers to show capabilities
  - Aug-Sept 2005
- Industry selected winning candidates
- Project presented to O&G industry - Sept. 11, 2006
  - Captured in LOGIIC DVD
Partnership
- Project LOGIIC is a model for government-industry technology integration and demonstration efforts to address critical R&D needs
- Industry contributes
  - Requirements and operational expertise
  - Project management
  - Product vendor channels
- DHS S&T contributes
  - National Security Perspective on threats
  - Access to long term security research
  - Independent researchers with technical expertise
  - Testing facilities
Overview
Opportunity: Reduce vulnerabilities of oil & gas process control environments by correlating and analyzing abnormal events to identify and prevent cyber security threats
Approach:
- Identify new types of security sensors for process control networks
- Adapt a best-of-breed correlation engine to this environment
- Integrate in testbed and demonstrate
- Transfer technology to industry
[Figure: diagram labeled External Events, Attack Indications and Warnings, LOGIIC Correlation Engine, Business Network, Process Control Network]
Project Execution
Technology Integration Model (TIM)
[Figure: TIM flow diagram. Phases: Integration Definition Phase, Integration Execution Phase, Integration Validation Phase, Solution Identification Phase. Labels include Oil & Gas Members, Cyber Security SMEs, Vendors, LOGIIC Project Team, Threat Analysis, Req’s Specification, RFP, Vendor Submissions, Evaluation, Technology Selection, Vendor / Lab Integration, Technology Demonstration, Open Source Documents, Standards Activity, Certification Initiated by Vendor, Certified Products, LOGIIC Member Solution Implementation, Not a LOGIIC Activity.]
Project Execution
Technology Advancement Model (TAM)
[Figure: TAM flow diagram. Phases: Advancement Definition Phase, Advancement Execution Phase, Advancement Validation Phase, Solution Definition Phase. Labels include Oil & Gas Members, Cyber Security SMEs, Vendors, LOGIIC Project Team, Partner Small Business, Threat Analysis, Req’s Specification, Definition Doc’s, Progress Reporting, Feedback Loop, Vendor Development, Vendor Demos, Product Evaluations, Open Source Documents, Standards Activity, Certification Initiated by Vendor, Certified Products, Vendor Activity, Not a LOGIIC Activity.]
LOGIIC Consortium - NOW
[Figure: consortium structure diagram labeled DHS S&T, ISA Automation Federation (AF), CRADA, Oil & Gas Sector, DHS PCII, Participating Companies, Project #1 through Project #4 and Project #N, Labs, Vendors, Researchers]
DECIDE (Distributed Environment for Critical Infrastructure Decision-making Exercises)
- Enable enterprise decision-makers to think through responses to operational disruptions of market-based transactions across networks: Sector(s), Market(s), Institution(s)
- Provide a dedicated exercise capability for several critical infrastructures in the U.S.
  - Enterprises will be able to initiate their own large-scale exercises, define their own scenarios, protect their proprietary data, and learn vital lessons to enhance business continuity, all from their desktops
- The concept has been reviewed by and developed with input from experts at ChicagoFIRST, the Options Clearing Corporation, ABN AMRO, Eurex, Archipelago, Bank of New York, and CitiBank.
- The Financial Services Sector Coordinating Council R&D Committee has organized a user-group of subject matter experts (SMART team) paid by their respective financial institutions to support the project over the next three years.
Current TCIP Scale of Effort
- $1.5 M per year for 5 years
- Funded by National Science Foundation
  - With additional support from Department Of Energy, Department of Homeland Security
- 4 universities, 20 senior investigators
  - University of Illinois at Urbana-Champaign
  - Washington State University
  - Cornell University
  - Dartmouth University
- 35 Graduate and Undergraduate Students
- Industry advisory board (35 owners, operators, vendors)
Questions that need Answers
- What do you really want to do?
  - More formally organize information sharing and have someone own it?
  - Known technology exploration and evaluation?
  - New R&D to support finance sector? FSSCC R&D Agenda
- What do you really think the government’s role is (depends on the answer to the first question)?
- What “formal agreements” do you have and do you believe you need others?
- Are all of the “stakeholders” present? If not, do they need to be? If they’re not, can you still succeed?
- Do you plan to put money on the table to accomplish what you want? Will everyone contribute equally?
- Tons of others – anti-trust, liability, IPR, etc.