Upload
others
View
13
Download
0
Embed Size (px)
Citation preview
Autonomous Systems Sensors Fusion
Cyber Security Guidelines
ACAMP seminar
Oct 25th, 2016
Marius Ghinescu
Topics - Focus
• Alberta Innovates Overview• Digital Economies – Autonomous Systems
– From Digital Battlefield to Digital Everything
• Sensor Fusion - Industrial Internet of Things (IIoT) – includes Operational Technology
• Cyber Security Frameworks and References• Cyber Security Guidelines Summary• BACK-UP SLIDES
– Advanced Monitoring Systems Timelines– Data Science, Machine Learning, Artificial Intelligence,– Autonomous Systems for Mobility
Alberta’s Innovation System
The Government of Alberta is consolidating existing agencies (Bio Solutions, Energy and Environment Solutions, Health Solutions and Technology Futures) into one corporation called Alberta Innovates that will fund and drive innovations. A new wholly-owned subsidiary corporation that provides specialized applied research services will also be created. Alberta Innovates offers post-secondary research support, applied research and commercialization services
650 staff $160M budget
7 locationshttp://www.albertainnovates.ca/
Digital Battlefield – Network Centric Operations
OODA Loop – ACT
Autonomous Cyber Defense Systems
• Stanley - the self-driving car that won the 2005 DARPA Grand Challenge
• 2013 - DARPA Launches Competition to Create Autonomous Cyber Defense Systems
• “The Cyber Grand Challenge featured never-before-seen autonomous systems and highly trained experts, many of whom compete regularly on a global “Capture the Flag” tournament circuit. In the end, CGC validated the concept of automated cyber defense,bridging the gap between the best security software and cutting-edge program analysis research.”
• References: http://www.defense.gov/News/Article/Article/907045/darpa-autonomous-bug-hunting-bots-will-lead-to-improved-cybersecurity
DARPA Director Arati Prabhakar speaks during the award ceremony after the world’s first all-machine hacking tournament Aug. 4, 2016, in Las Vegas. Seven teams competed in the capture-the-flag event and three of them won cash prizes. DoD photo by Cheryl Pellerin
The winning computer system, dubbed Mayhem, was created by a team known as ForAllSecure
Hype
https://www.iiconsortium.org/IISF.htm Systems engineering primer
Guideline 1 – System Requirements and Use Cases
Digital OilField Graphical Illustration (to be added)
10
Source: Digital Oilfield Outlook Report, Opportunities &Challenges for Digital Oilfield Transformation, JWN Energy/GE/Accenture Oct. 2015
Industrial Internet Security Framework*
*One of many that seems to gain adoption – defined by Industrial Internet Consortium
Should AI sponsor and provide AB based SMEs with access to some IIoT platforms?
Trade off risk assumption – Pay now or pay later; Security “smeared on” to get to market => can you survive making the news?
Example IIoT platforms (e.g. GE Predix, Accelerite, Inductive Automation, Samsung Artik)
Guideline 2: “Baked-in” versus “Bolt-on”
Assurance - IoT Security Testing and Certification Labs
The ICSA Labs Product Assurance Report found the majority of security devices fail to perform as intended*
*Validation vs Verification, Qualification, Certification
Risk Management
*https://www.ncoic.org/images/technology/whitepapers/NCOIC_Cybersecurity_Landscape_WhitePaper_v1.0.pdf
MIP Information Model
The Joint Command, Control and Consultation Information Exchange Data Model (JC3IEDM) is first and foremost an information exchange data model
@MIP Public Home https://mipsite.lsec.dnd.ca/Pages/Default.aspx
• Engage and leverage third party capabilities –time to market, standards based certifications– For example: GrammaTech Inc. (a developer of software
assurance tools and advanced cybersecurity solutions)
• Leverage modeling, simulations, training and certification capacity within AB (incl campus AB)
• Conduct Sensor Fusion Interoperability testing– Leverage Nano/Micro Centre – ACAMP plus partners
• Should Alberta Innovates provide AB SMEs with access to an interoperability lab and/or program?
Guideline 3: Solution assurance
Sensor Fusion for Autonomous Systems Cyber Security Summary
1. Elicit requirements at the system level:a) Appropriate system design trade offs and deployment scenarios
b) align to Customers/Market operational requirements
2. “Bake-in” development approach: a) Structure system development to include cyber security expertize and
timely inclusion
b) Procurement process to include cyber security reviews of components, open-source and sub-systems;
3. Solution assurance: a) Validation and Verification using sector specific cyber security frameworks
with clear Measures of Effectiveness (MoE)
Truth leads to enlightenment,which compels action
Bliss fosters naiveté,
which leads to status quo
23
Cyber Security – Reality Check