1 / 5

Michael Oehler

Michael Oehler. This is Hard. We are an equal opportunity intrusion detector. Alerts occur irrespective of the mission impact. We are still incident focused We respond to today’s worm, virus, botNet And not on the (big) structured threat. This is Easy (Well, these are hard too).

cais
Download Presentation

Michael Oehler

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Michael Oehler

  2. This is Hard • We are an equal opportunity intrusion detector. • Alerts occur irrespective of the mission impact. • We are still incident focused • We respond to today’s worm, virus, botNet And not on the (big) structured threat.

  3. This is Easy (Well, these are hard too) • Extrapolate security into Real Time Systems • Absolutely necessary but not sufficient for the criticality of these systems. • Security Services (CIA, APAIN, ICAA, …) • and the Classical/corresponding security matrix • Availability and Integrity • Defense in Depth • Protect, Detect, Respond, & Restore • People, Processes, & Technology • 8 Disciplines of Information Assurance Continued…

  4. Security Domains for RT Sys • System Evaluation, accreditation, and certification • Vulnerability Assessments: • Risk = Threat  Vulnerability  Value - Counter Measures • Battle Damage Assessments • Recovery, restoration, Continuity Operations • Code Validation, Security Engineering, formal methods, security fault analysis • Physical Security for PCS and SCADA • Emanation and caustic resilience • Communications Security and secure management • Attack sensing and warning, IDS, IPS • Fault tolerance and graceful failures • Interconnectivity policies & Interdependency models !

  5. The endClassical Security Quotations • Hard and crunchy on the outside soft and chewy on the inside. • Don’t let this be the design philosophy driving your design. • Defense in Depth! • “Security is a process, not a product.” • Bruce Schneier • “There is no securitythrough obscurity.” • If I own your machine and you patch it, I still own your machine. • Corollary: A popped box patched is popped Myth: ostriches do not bury their heads in the sand!

More Related