Upload
fergal
View
17
Download
0
Embed Size (px)
DESCRIPTION
Dept. of Homeland Security Science & Technology Directorate. Innovation Partnerhsip Models with the Finance Sector. NCDI Workshop BITS, Washington, DC October 29, 2009. Douglas Maughan, Ph.D. Branch Chief / Program Mgr. [email protected] 202-254-6145 / 202-360-3170. - PowerPoint PPT Presentation
Citation preview
10/29/2009 1
Innovation Partnerhsip Models with the Finance Sector
Dept. of Homeland Security Science & Technology Directorate
Douglas Maughan, Ph.D.
Branch Chief / Program Mgr.
202-254-6145 / 202-360-3170
NCDI WorkshopBITS, Washington, DCOctober 29, 2009
10/29/2009 2
Science and Technology (S&T) Mission
Conduct, stimulate, and enable research, development, test, evaluation and timely transition of homeland security capabilities to federal, state and local operational end-users.
10/29/2009 3
Examples of Partnership Models LOGIIC – Linking Oil and Gas Industry to Improve
Cybersecurity PPISC-ES – Payment Processing Information Sharing Council
– Enhance Security Working Group DECIDE – Distributed Exercises TCIP – Trustworthy Cyber Infrastructure for Power S2ERC – Security and Software Engineering Research Center I3P – Institute for Information Infrastructure Protection
SIF – System Integrator Forum ITSEF – IT Security Entrepreneur Forum
10/29/2009 4
History ChevronTexaco approached DHS in March 2004
about possible opportunities to secure O&G cyber infrastructure
Ensuing discussions determined that this should be done sector-wide
Convened workshop in July 2004 in Washington, DC Outcome of meeting was to determine if it was
possible for government and industry to work together to (a) establish a SCADA testbed and (b) determine a working model for future research and development activities.
10/29/2009 5
History (cont’d)
Industry partners agreed on technical project focus April 2005
Project officially started July 1, 2005 Invited technology providers to show capabilities
Aug-Sept 2005
Industry selected winning candidates Project presented to O&G industry - Sept. 11, 2006
Captured in LOGIIC DVD
10/29/2009 6
Partnership Project LOGIIC is a model for
government-industry technology integration and demonstration efforts to address critical R&D needs
Industry contributes Requirements and operational expertise Project management Product vendor channels
DHS S&T contributes National Security Perspective on threats Access to long term security research Independent researchers with technical expertise Testing facilities
10/29/2009 7
OverviewOpportunity: Reduce vulnerabilities
of oil & gas process control environments by correlating and analyzing abnormal events to identify and prevent cyber security threats
Approach: Identify new types of security
sensors for process control networks
Adapt a best-of-breed correlation engine to this environment
Integrate in testbed and demonstrate
Transfer technology to industry
BusinessNetwork
ProcessControlNetwork
LOGIICCorrelationEngine
ExternalEvents
AttackIndicationsandWarnings
10/29/2009 8
Project Execution Technology Integration Model (TIM)
IntegrationExecution
Phase
IntegrationValidation
Phase
SolutionIdentificatio
nPhase
IntegrationDefinition
Phase
Req’s DocTech. Inventory &
Vendor List
Req’s Specification
ThreatAnalysis Cyber
Security SMEs
Oil & GasMembers Tech. Inventory &
Small Business Insertion
Standards Activity
Not a LOGIIC Activity
Vendors
ValueProp
Req’sInput
Certification
Standards
CertifiedProducts
RFP
Submissions
Evaluation
Cyber Security SMEs
LOGIICProjectTeam
Technology Demonstration
Vendor / Lab Integration
CertificationInitiated
byVendor
Technology Selection
Open Source Documents
Solution Implementation
LOGIIC Member
id1 id2
id3
id4
id5 id6id7
id8
ie1
ie2
ie3
ie4
ie5
iv1si1
si2
si3
sa1
sa2
10/29/2009 9
Project Execution Technology Advancement Model (TAM)
Advancement
ExecutionPhase
Advancement
ValidationPhase
SolutionDefinition
Phase
DefinitionDoc’s
Tech. Inventory & Vendor List
Req’s Specification
ThreatAnalysis Cyber
Security SMEs
Oil & GasMembers Tech. Inventory &
Small Business Insertion
LOGIICProjectTeam
Vendor Activity
VendorDevelopment
Standards Activity
Not a LOGIIC Activity
Vendors
Req’sInput
Publish
SmallBusiness
Partner
Certification
Standards
CertifiedProducts
Progress Preporting
Feedback Loop
ValueProp
Product Evaluations
Open Source Documents
VendorDemos
LOGIIC
Update
CertificationInitiated
byVendor
ad1 ad2
ad3
ad4
ad5 ad6 ad7
av1
av2
av3
sd1
sd2
sa1
ae1
ae2
Advancement
DefinitionPhase
10/29/2009 10
LOGIIC Consortium - NOW
CRADA
Oil & Gas SectorParticipating Companies
Pro
ject #
1
Pro
ject #
2
Pro
ject #
3
Pro
ject #
4
Pro
ject #
N
Researchers
Vendors
Labs
Com
petitive
DHS S&TISA Automation Federation (AF)
DHS PCII
10/29/2009 11
DECIDE (Distributed Environment for Critical Infrastructure Decision-making Exercises) Enable enterprise decision-makers to think through responses to
operational disruptions of market-based transactions across networks - Sector(s), Market(s), Institution(s)
Provide a dedicated exercise capability for several critical infrastructures in the U.S. Enterprises will be able to initiate their own large-scale exercises, define their
own scenarios, protect their proprietary data, and learn vital lessons to enhance business continuity, all from their desktops
The concept has been reviewed by and developed with input from experts at ChicagoFIRST, the Options Clearing Corporation, ABN-AMRO, Eurex, Archipelago, Bank of New York, and CitiBank.
The Financial Services Sector Coordinating Council R&D Committee has organized a user-group of subject matter experts (SMART team) paid by their respective financial institutions to support the project over the next three years.
10/29/2009 12
Current TCIP Scale of Effort $1.5 M per year for 5 years Funded by National Science Foundation
With additional support from Department Of Energy, Department of Homeland Security
4 universities, 20 senior investigators University of Illinois at Urbana-Champaign Washington State University Cornell University Dartmouth University
35 Graduate and Undergraduate Students Industry advisory board (35 owners, operators, vendors)
10/29/2009 13
10/29/2009 14
Questions that need Answers What do you really want to do?
More formally organize information sharing and someone own it? Known technology exploration and evaluation? New R&D to support finance sector? FSSCC R&D Agenda
What do you really think the government’s role is (depends on the answer to the first question)?
What “formal agreements” do you have and do you believe you need others?
Are all of the “stakeholders” present? If not, do they need to be? If they’re not, can you still succeed?
Do you plan to put money on the table to accomplish what you want? Will everyone contribute equally?
Tons of others – anti-trust, liability, IPR, etc.