Approach to Secure IP Platforms
Clarence Pape
March 12, 2011
Challenge
• Aircraft platforms are incredibly complex
• Systems and networks degrade in quality and security over time
• Controlled point testing does not replicate real-world scenarios
• No room/budget for carrying emergency SMEs
• Shift in systems and networks to IP-based = changes in quality + security?

Solution
• Agile test system that is configurable to meet high demands
• Modular software approach to reduce weight and increase capabilities
• Leverage expert COTS tools with mission-focused workflows
• Generate actionable data in real time
• Collect detailed data for SME trend analysis
Stuxnet Worm: Iranian Nuclear Attack
• Infected over 45,000 machines
• Waited for the right conditions
• Targeted highly specific electronically controlled systems
• IP addresses in Iran
• Presence of key technologies that indicate the system is installed in a vulnerable power plant
• Forces the industrial process to self-destruct
Overview of the Solution
The power of enterprise-class tools, without the cost of SMEs.
• ID Optimize
• Advanced Policy Engine
• Leverages the power of COTS tools
• Provides a customized interface that can be designed to represent the exact data necessary
• Detailed logs are created for analysis and policy updates
ID Optimize -> DISA Air Mobility Test Suite
• ID Optimize is a COTS tool developed by ID
• DISA saw the potential
• Custom workflows based on agency and mission
• Ability to be run by non-IT professionals
• Ability to provide simple summaries for users and after-action reports
• Ability to return highly granular data for trend analysis
What is IDOptimize?
A flexible development framework that combines multiple COTS products for easy-to-use, integrated testing and reporting
• Flexible – integrates with COTS, GOTS or custom-built systems
• Modules designed for specific purposes = low training + high success rate
• Modules shared across different platforms
• Automation
  - Reduces human error
  - Increases productivity
  - Run more tests and test often
  - Compare results with previous test runs and platform baselines quickly
• Systematic testing leads to predictable and repeatable results
Comm Testing
• Comm Test Module
  - Collect subjective data and objective meta-data variables about tone quality and encryption success for end-to-end network segment mapping
  - Systematically generate 3-10 tones at different human-audible pitches
  - Record the generated tones at 250 kHz
  - Provide actionable feedback
• Benefits
  - Focused on the end-user quality
  - True end-to-end system quality test, "through the demarc"
  - Track over 50 different variables for quality control as a workflow
  - Plug and play
  - After-action reports
  - Centralized database with full 250 kHz data capture
  - Logistical data integration
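The tone test described on this slide can be sketched end to end; this is an added example, not code from ID Optimize or the original deck. Only the 250 kHz capture rate comes from the slide: the tone pitches, slot length, pass threshold, the link model and the choice of a Goertzel filter for detection are all assumptions made for illustration.

```python
import math
import random

FS = 250_000            # capture rate taken from the slide (250 kHz)
SLOT = 5_000            # assumed samples per tone slot (20 ms)
TONES_HZ = [400, 800, 1600, 3200, 6400]   # assumed pitches, all audible
MIN_LEVEL = 0.5         # assumed pass threshold on recovered amplitude

def transmit(freqs):
    """Sender side: one full-scale sine per slot, played back to back."""
    return [[math.sin(2 * math.pi * f * n / FS) for n in range(SLOT)]
            for f in freqs]

def channel(slots, gain=0.8, noise=0.05, dropped=(2,), seed=1):
    """Constructed link model: attenuation plus Gaussian noise. Slots listed
    in `dropped` carry noise only, as when the far end fails to decrypt."""
    rng = random.Random(seed)
    out = []
    for i, slot in enumerate(slots):
        g = 0.0 if i in dropped else gain
        out.append([g * x + rng.gauss(0.0, noise) for x in slot])
    return out

def tone_amplitude(samples, freq):
    """Goertzel filter: amplitude of `freq` in `samples` without a full FFT."""
    k = 2 * math.cos(2 * math.pi * freq / FS)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + k * s1 - s2, s1
    power = s1 * s1 + s2 * s2 - k * s1 * s2
    return 2 * math.sqrt(max(power, 0.0)) / len(samples)

def score(recorded, freqs):
    """Receiver side: one result row per tone, ready for an after-action report."""
    rows = []
    for slot, f in zip(recorded, freqs):
        amp = tone_amplitude(slot, f)
        rows.append({"hz": f, "level": round(amp, 3), "ok": amp >= MIN_LEVEL})
    return rows

def run_comm_test():
    """Full pass: transmit, push through the constructed link, score each tone."""
    return score(channel(transmit(TONES_HZ)), TONES_HZ)

if __name__ == "__main__":
    for row in run_comm_test():
        print(row)
```

A failed slot shows up as a near-zero level for that pitch while its neighbours stay near the link gain, which separates a dropped or undecryptable segment from general attenuation.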
Reporting
• All information can be uploaded to central Control Centers and Reporting Engines instantly or in a batch process
• The IDOptimize Test Suite Reporting Engine can also be used for mash-ups and deep-dive analysis
• Client-side mash-up technologies preserve user authentication through to primary databases
• Reports can include local information, as well as global information
Calls by GEP geo-coded and graphed by Altitude – success/failure FOUO
Calls by GEP geo-coded and graphed by CCSD – success/failure FOUO
Calls by GEP geo-coded and graphed by weather – success/failure FOUO
Data Scanning
[Diagram labels: Data Feeds, Policies, Summary Reports, Network Status Indicator]
IP Type Casting
• Core Systems – Mission-critical systems that are permanently attached to the plane for years at a time. These controls should have very tight policies.
• Crew – Mission support systems that are carried on the plane for the mission. A wider variety of configurations may be acceptable here.
• Guest – These systems may be of widely varying levels of civilian, commercial, or military security and may be removed from the network in cases where they cannot be remediated due to lack of control or timing constraints.
• Other – This is a general designation open to interpretation based on the requirements of particular workflows.
Proposed Scan Policies
4 Degrees of Control
[Diagram labels: Risk Level 0-3, Risk Level 3-6, FDCC Violations, IAVA Violations, Cat I, Cat II, Cat III, Risk Level 6-9]
Summary
• Avoid SME costs (IP Security, Signals Analysts, etc.)
• Security of IP networks in disconnected/semi-connected state
• Communication quality shift and drift over time
• Systematic approach to root cause analysis
• Increase use of software and virtualization
• Agile solutions approach is quickly extendable to meet demands
• Software Development
• Acquisition
• Relevant data integration
• Centralized data
• Mash-ups maintain security