Visual Analytics in Support of Secure Cyber-Physical Systems
David Dittrich
PARVAC / VACCINE
http://parvac.washington.edu/
University of Washington
DHS Workshop on Future Directions in Cyber-Physical Systems Security, July 22-24, 2009

Overview
• VACCINE
• Basic Issues in Securing CPS
• Viewing CPS in Multiple Dimensions
• Holistic View of Security of CPS

Collaborative Decision-making and Communication for Crisis Management
[Figure. Labels: Maintenance; Situational Awareness; Risk Assessment/Mitigation; Preparedness; Capacity to meet new demand level; Losses due to downtime; Capacity (Sector N); Disruption; Time; Recovery; Response]

Collaborative Decision-making and Communication for Crisis Management
• Multiple agencies
• Multiple missions
• Multiple jurisdictions
• Multiple business processes
• Multiple systems
• Multiple terminologies
• Multiple cultures
It is difficult to fully understand the processes that this community employs to enhance regional safety and security, but mapping and analyzing these processes is a prerequisite to improving them.

Themes in CPS security (NERC)
• CPS devices originally designed for isolated environments
• Insufficient separation from other systems
• Insufficient monitoring of access and use
• Need for better coordination, education/training, and workforce enhancement
Do we build systems simply to function, or with the understanding they will be attacked?

Levels of Networks
• Physical (Ethernet, WiFi, Bluetooth, etc.)
• Logical (Windows Domain, LAN, shared accounts)
• Political (individual, department, school/company, collaborative federation)
All connections involve trust, which an attacker (“insider” or remote) can exploit.

A new way of thinking about CPS security
• Secure overlay network for isolation and trusted foundation
• Integrated access control, command and control hardening, and monitoring
• Visualization and analytics for improved oversight
• Integrated Ops, SecOps, R&D, and E&T
Strategic Framework

Dynamic Preparedness System (DPS) & Information Framework Dashboard (IFD)
Contact
David Dittrich
Affiliate Researcher, PARVAC / VACCINE
Affiliate Principal Scientist, Applied Physics Laboratory
dittrich(at)u.washington.edu
http://staff.washington.edu/dittrich/