SAE 599: Resilient, Cyber Secure Systems - PowerPoint PPT Presentation

About This Presentation
Title:

SAE 599: Resilient, Cyber Secure Systems

Description:

SAE 599: Resilient, Cyber Secure Systems & System-of-Systems University of Southern California Viterbi School of Engineering Systems Architecture & Engineering (SAE) – PowerPoint PPT presentation

Number of Views:74
Avg rating:3.0/5.0
Slides: 20
Provided by: KenCu3
Category:

less

Transcript and Presenter's Notes

Title: SAE 599: Resilient, Cyber Secure Systems


1
SAE 599Resilient, Cyber SecureSystems
System-of-Systems University of Southern
CaliforniaViterbi School of EngineeringSystems
Architecture Engineering (SAE)
  • Ken Cureton
  • November 2014
  • cureton_at_usc.edu

2
SAE 599 General Objective
  • Part of Systems Architecting Engineering (SAE)
    Series
  • ObjectiveProvide System Engineers and
    Architects with Methods and Tools for the Design
    and Analysis of Current and Future Complex
    Systems and System-of-Systems, with Emphasis on
    Cloud Computing, Cyber Security, and Resiliency.
  • Elective Course in University of Southern
    Californias Masters Program in Systems
    Architecting Engineering
  • New Class Starting in Fall 2014
  • Will be re-numbered and added to the Course
    Catalog when formally approved by the University
  • Supplants SAE 574 Net-Centric Systems
    Architecting Engineering

3
SAE 599 Detailed Learning Objectives
  • To provide students with the ability to develop
    understand requirements and apply the right
    analytical methods when architecting complex
    System-of-Systems
  • To improve the students understanding of the
    role of system architects and their relationship
    to systems engineering of complex
    System-of-Systems
  • To introduce the students to new and advanced
    topics relevant to complex System-of-Systems
    architecting and modeling
  • Emphasis on the Systems Architecting Systems
    Engineering of Cloud Computing, Cyber Security,
    and Resiliency
  • To improve the students ability to generate a
    professional-level research paper, suitable for
    presentation at a systems engineering conference
    or publication in a professional journal

4
SAE 599 Class Format
  • Semester Class, 16 Weeks, One night/week
  • 13 Weekly Lectures, 2 hours 40 minutes each
  • 2 days off (Holiday or Break, Study Days)
  • 1 Final Exam week (scheduled but not used)
  • Distance Learning Format
  • Few (if any) students in the TV Studio, majority
    of students attending remotely via Distance
    Learning
  • Class content webcasted for online/offline
    viewing
  • Webex for real-time interaction E-mail,
    Telephone, and Office Hours for backup
    interaction
  • Class content talking points and illustrations in
    PowerPoint format, hosted on Blackboard Software
    for student preview
  • Blackboard Software used for repository of class
    lecture content, assignment submission grade
    recording, andoff-line discussion Boards

5
SAE 599 Class Grading
  • One Research Paper required of each student
  • In place of a Final Exam, 2/3 of class grade
  • Papers are typically 25 single-spaced pages,
    suitably formatted for publication in a technical
    journal
  • Student materials on How to Write a Research
    Paper
  • Students are encouraged to e-mail Instructor with
    questions, outlines, drafts, etc.
  • Students choose research topic
  • Submit abstract for approval by Instructor
  • Bi-Weekly Homework
  • In place of a Mid-Term Exam, 1/3 of class grade
  • Structured analysis required for paper, homework
  • Specific analyses required in each case to
    demonstrate students ability to apply the class
    fundamentals

6
SAE 599 Lecture 1
  • Syllabus
  • Definitions Characteristics
  • Systems Architecting Systems Engineering
  • Resilient Systems
  • System-of-Systems System-of-Systems Engineering
  • Evolution of Service-Oriented Architectures(leadi
    ng up to Cloud Computing)
  • Networked System Characteristics(fixed/mobile
    networks, fixed/mobile nodes)
  • Cyber Security
  • Net-Enabled Ecosystem, Emergent Behavior
  • Complexity Theory applied to Complex Networked
    Systems (such as Cloud Computing)

7
SAE 599 Lecture 2
  • Characteristics of Cloud Computing
    Architectures(from a Systems Architecting/
    Systems Engineering Perspective)
  • Fundamentals of Service-Oriented Architectures
    (SOA)
  • Data-as-a-Service (DaaS)
  • Infrastructure-as-a-Service (IaaS)
  • Platform-as-a-Service (PaaS)
  • Software-as-a-Service (SaaS)
  • Into the Future Everything-as-a-Service?
  • Public/Private (or Hybrid) Clouds
  • Mobile (or Tactical) Clouds
  • Open/Standard Proprietary/Closed Cloud
    Interfaces

8
SAE 599 Lecture 3
  • Benefits Drawbacks of Cloud Computing
  • The Business Case
  • Reduced Cost Development Time
  • Commonality Open Applications
  • Software Development Support Environment
  • Agility to Meet Changing Environment
  • The Risks Drawbacks
  • System Complexity
  • Shared Multi-tenant Environment
  • Internet-facing Services
  • Loss of Some Control
  • Visibility of Governance Policy Adherence
  • Security Trust

9
SAE 599 Lecture 4
  • Sample Application of Cloud Computing
  • Response to a Major Complex Humanitarian Disaster
  • Haiti Earthquake 12 Jan 2010, M7 Earthquake
  • Multi-National Incident Response
  • Dissimilarity of Organizations
  • Military Other Government Organizations,Non-Gov
    ernmental Organizations, Private Entities
  • Lack of Surviving Infrastructure
  • Use of Cloud-Based Services to Coordinate
    activities for
  • Search-And-Rescue, Medical Transportation,
    Logistics of Supply Pickup/Storage/Delivery,
    Peace-Keeping (e.g. looting control), Asset
    Tracking (personnel equipment locations),
    Situational Awareness (e.g. weather, road
    conditions)

10
SAE 599 Lecture 5
  • Resilient Architecture in Cloud Computing
  • BEFORE Phase I of Disruption in Cloud-Based
    Services
  • Allows Anticipation, Design Margins Corrective
    Action to be Considered in an Incident Response
    Plan for Typical Disruptions of Cloud-Based
    Services
  • DURING Phase II of Disruption in Cloud-Based
    Services
  • How the System Survives the Impact of Disruptions
  • Implement Incident Response Plan, Ranging from
    Fail-Operational Down to Manual Methods
  • AFTER Phase III of Disruption in Cloud-Based
    Services
  • How the System Recovers from Disruptions
  • Incident Analysis and Resolution
  • Incident Response Plan Optimization
  • Note that a disruption may be Accidental or
    Deliberate

11
SAE 599 Lecture 6
  • Cyber Security for Cloud Computing (Part
    I)Assuring Availability Fault Tolerance
  • Fundamentals of Fault Tolerance for
    ResiliencyAssured Operation, Inadvertent
    Operation, Intermittent Operation, Generic
    Failures, Fault Containment
  • Impacts on Reliability, Maintainability, Training
  • Typical Hardware Software Steps to Assure
  • Network Availability
  • Data Availability
  • Processing Capability
  • Advantages Disadvantages of Cross-Strapping of
    Redundant Capability

12
SAE 599 Lecture 7
  • Cyber Security for Cloud Computing (Part
    II)Assuring Integrity Trust
  • Fundamentals of Trust for Critical
    Safety-Of-Life Applications
  • Trusted System Concepts (Hardware, People,
    Processes)
  • Trusted Software Concepts Methodologies(includi
    ng Formal Methods)
  • Data Integrity (Checksums, CRC, Hash codes, etc.)
  • Data in Storage (Local in the Cloud)
  • Data in Transit
  • Data in Computation (Local in the Cloud)

13
SAE 599 Lecture 8
  • Cyber Security for Cloud Computing (Part
    III)Handling Accidental Deliberate Threats
  • Cyber Security vs. Information Assurance
    INFOSEC
  • Vulnerabilities, Threat Sources their
    Tools/Methods
  • Trusted Federated Identity Management
  • Confidentiality (PKI, Certificates, IPSEC, TLS,
    PGP)
  • Authentication of Identity (methods for Weak
    Strong)
  • Authorization Access Control
  • Non-Repudiation Audit Trails
  • Network Security Management (Enclaves, Layered
    Security)
  • Security Risk Management
  • Guidance Regarding Cyber Security of Cloud
    Computing
  • Cyber Security Standards Resource Sites

14
SAE 599 Lecture 9
  • Cyber Security for Cloud Computing (Part IV)Risk
    Management in Cloud Computing
  • Failure Modes Effects with Criticality Analysis
    (FMECA)of Complex Networked Systems
  • Risk Management Framework the Security Life
    Cycle
  • Categorize the Information Systems and the
    Information Processed, Stored, and Transmitted
  • Select an Initial Set of Baseline Security
    Controls
  • Implement the Security Controls
  • Assess the security controls using appropriate
    procedures to determine the extent to which the
    controls are implemented correctly, operating as
    intended, and producing the desired outcome
  • Authorize Information System Operation
  • Monitor and Assess Selected Security Controls
  • Recommended Process for Applying Risk Management
    in Cloud Computing

15
SAE 599 Lecture 10
  • Interoperability Challenges in Cloud
    Computing(System-of-Systems)
  • Interaction of Processes, People, Technology
  • Layers of Interoperability
  • Network Transport
  • Information Services
  • Applications, Processes, and People
  • Application Program Interfaces (APIs)
  • Multiple, Conflicting Standards
  • Cloud Provider-Specific Proprietary Interfaces
  • Cloud Brokerage
  • Methods to
  • Develop Validated Interoperability Requirements
  • Verify Compliance with Interoperability
    Requirements

16
SAE 599 Lecture 11
  • Architecture Modeling for Cloud Computing
  • Goals Objectives of Architecture Modeling
  • Why Model-Based Systems Engineering (MBSE) is a
    recommended approach for Complex Systems SoS
  • Brief Introduction to System-of-Systems Analysis
    Modeling Tools
  • Unified Modeling Language (UML)
  • System Modeling Language (SysML)
  • Enterprise Architecture Frameworks (DoDAF, etc.)
  • Model-Driven Architecture (MDA) Development
  • Use of Executable Models Visualization of
    Scenarios, Validation of Requirements,
    Verifiability of Requirements
  • Recommended Process for Applying Architecture
    Modeling in Cloud Computing

17
SAE 599 Lecture 12
  • Complexity Theory Applied to Cloud Computing
  • Characterization Of Network Types
  • Ranging from Uniform to Highly Heterogeneous
  • Characterize Structure of Networks in Terms of
    Correlation Measures
  • Heterogeneity, Randomness, Modularity
  • Mutual Information, Noise Joint Entropies
  • Network Clustering in Domain of Entropy/Noise
    Space
  • Entropy Measure of Uncertainty
  • Noise Level Measure of Assortativeness
  • Key Properties Include
  • Resilience
  • Constraints on Possible Types of Complex Networks

18
SAE 599 Lecture 13
  • Guest Lecture
  • Topics Pertinent to Systems Architecting and
    Systems Engineering of Complex System and
    System-of-Systems
  • Cloud Computing, Cyber Security, and Resiliency
  • Ranging from Practical Experience to
    State-of-the-Art
  • Emphasis on Tools, Methods, Lessons-Learned

19
SAE 599 Summary
  • Students Exposed to a Broad Range of Cloud
    Computing Architecture Fundamentals
    Implementation Details
  • Students Required to Demonstrate (for their
    chosen topic)
  • Cloud Computing Architecture Characteristics
  • Expected Benefits Drawbacks of the Architecture
  • Resiliency Before, During, and After Disruption
    of Service
  • Assured Availability/Fault Tolerance of the
    Architecture
  • Assured Integrity Trust of the Architecture
  • Handling of Accidental Deliberate Threats
  • Risk Management Assessment of the Architecture
  • Interoperability Characteristics of the
    Architecture
  • Architecture Model
  • Complexity Theory Assessment of the Architecture
  • Objective Train Systems Architects Systems
    Engineers in the application of methods and tools
    for the design and analysis of current and future
    complex systems and system-of-systems, with
    emphasis on Cloud Computing, Cyber Security, and
    Resiliency
Write a Comment
User Comments (0)
About PowerShow.com