170 likes | 297 Views
Security WG: Report of the Fall 2013 Meeting. Southwest Research Institute ( SwRI ) San Antonio, TX 31 October, 2013 Howard Weiss NASA/JPL/PARSONS howard.weiss@parsons.com +1-443-430-8089 skype : hsweiss. Meeting Agenda. 28 October 2013 08:30 – 09:30 : CCSDS Plenary
E N D
Security WG:Report of the Fall 2013 Meeting Southwest Research Institute (SwRI)San Antonio, TX 31 October, 2013 Howard Weiss NASA/JPL/PARSONS howard.weiss@parsons.com +1-443-430-8089 skype: hsweiss
Meeting Agenda • 28 October 2013 • 08:30 – 09:30: CCSDS Plenary • 09:30 – 12:30: Systems Engineering Area (SEA) Plenary • 13:30 – 17:00: Security WG • Welcome, introductions, logistics, agenda review • Review results of Spring 2013 (Bordeaux) meeting • Status of documents, action items • Charter review • Key Management Blue Book (Fischer/Aguilar-Sanchez) • KM for SDLS extended procedures • ESA Secure Software Development
Meeting Agenda (cont) • 29 October 2013 (08:30 – 17:00) • Network Layer Security 1st Draft Review (Weiss) • Network layer security over non-IP (Weiss) • Testing (Sheehe) • Threat book re-write (Black/Weiss/Biggerstaff) • Link Layer Security Update (Biggerstaff/Weiss/Aguilar-Sanchez) • AERO algorithm (Weiss) • Other areas of discussion • Proposed new areas of work • 30 October 2013 • 08:30-17:00: Space Data Link Security WG • 31 October 2013 • 08:30-12:30: Space Data Link Security WG • 13:30-17:00: SEA Wrap-up Plenary
Executive Summary • Attendees from UK Space Agency, ESA/ESTEC, ESA/ESOC, DLR, CNES, NASA/JSC, NASA/GRC, and NASA/JPL. Due to sequestration budget issues NASA Goddard representative was unable to travel. • No charter or framework changes were required. • Reviewed action items from Bordeaux. Carrying several forward and all others were completed. • Reviewed draft of 1st revision of Threat GB. Comments & discussions will be folded into 2nd revision. • Reviewed 1st draft of Network Layer Security adaption profile. Section 2 needs to be re-written per comments. NASA/GRC will perform testing and will write the Yellow Book. CNES may also perform testing. • Provided an overview of the AERO (Authenticated Encryption with Replay prOtection) algorithm that might be useful in the future. • ESA did had no updates regarding Key Management but did discuss their effort in developing policies on secure software development. • SDLS: discussed Red-3, extended procedures, and GB.
Summary of Goals and Deliverables • KM Blue/Magenta Book for symmetric KM is progressing. • Reviewed Threat Green Book revisions. • Reviewed network layer security “adaptation” profile draft. Investigate how IPsec could be used over non-IP protocols. NASA/GRC to write Yellow Book and perform testing. CNES may also perform testing. • Reviewed AERO algorithm for possible future use. • Reviewed SDLS progress in SecWG • Discussed ESA secure software standards. • Discussed SDLS progress.
SEA Area MID-TERM REPORT SUMMARY TECHNICAL STATUS • Security WG • Goal: • Working Status: Active _X_ Idle ____ • Summary progress: documents actively being produced: Key Management BB, Threat GB revision, Network Layer BB. All docs green. • Progress since last meeting: threat GB 1st rev, network layer security 1st draft. • Problems and Issues: Resources – Loss of NASA resources (GSFC) is an issue.
Open Issues • None
Resource Problems • Resources had been adequate to perform the current tasks although personnel have only limited time percentage to apply to CCSDS tasks. Recent loss of NASA personnel will hurt unless they can be restored to attend meetings.
Risk Management Update • Must ensure that the current trend of additional resources remains and that resources don’t shrink.
Cross Area WG / BOF Issues • Joint meeting with Space Data Link Security WG • Continued interaction with DTN and Spacecraft Monitoring & Control although no joint meeting in San Antonio.