Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ken Cureton November 2014 cureton@usc.edu SAE 599: Resilient, Cyber Secure Systems & System-of-Systems University of Southern California Viterbi School.

Published byMervin Hart Modified over 8 years ago

Similar presentations

Presentation on theme: "Ken Cureton November 2014 cureton@usc.edu SAE 599: Resilient, Cyber Secure Systems & System-of-Systems University of Southern California Viterbi School."— Presentation transcript:

1 Ken Cureton November 2014 cureton@usc.edu
SAE 599: Resilient, Cyber Secure Systems & System-of-Systems University of Southern California Viterbi School of Engineering Systems Architecture & Engineering (SAE) Ken Cureton November 2014

2 SAE 599 General Objective Part of Systems Architecting & Engineering (SAE) Series Objective: “Provide System Engineers and Architects with Methods and Tools for the Design and Analysis of Current and Future Complex Systems and System-of-Systems, with Emphasis on Cloud Computing, Cyber Security, and Resiliency.” Elective Course in University of Southern California’s Masters Program in Systems Architecting & Engineering New Class Starting in Fall 2014 Will be re-numbered and added to the Course Catalog when formally approved by the University Supplants SAE 574: Net-Centric Systems Architecting & Engineering October 2014 SAE_599_Summary.ppt

3 SAE 599 Detailed Learning Objectives
To provide students with the ability to develop & understand requirements and apply the right analytical methods when architecting complex System-of-Systems To improve the students’ understanding of the role of system architects and their relationship to systems engineering of complex System-of-Systems To introduce the students to new and advanced topics relevant to complex System-of-Systems architecting and modeling Emphasis on the Systems Architecting & Systems Engineering of Cloud Computing, Cyber Security, and Resiliency To improve the students’ ability to generate a professional-level research paper, suitable for presentation at a systems engineering conference or publication in a professional journal October 2014 SAE_599_Summary.ppt

4 SAE 599 Class Format Semester Class, 16 Weeks, One night/week
13 Weekly Lectures, 2 hours 40 minutes each 2 days off (Holiday or Break, Study Days) 1 Final Exam week (scheduled but not used) Distance Learning Format Few (if any) students in the TV Studio, majority of students attending remotely via Distance Learning Class content webcasted for online/offline viewing Webex for real-time interaction; , Telephone, and Office Hours for backup interaction Class content talking points and illustrations in PowerPoint format, hosted on Blackboard Software for student preview Blackboard Software used for repository of class lecture content, assignment submission & grade recording, and off-line discussion Boards October 2014 SAE_599_Summary.ppt

5 SAE 599 Class Grading One Research Paper required of each student
In place of a Final Exam, 2/3 of class grade Papers are typically 25 single-spaced pages, suitably formatted for publication in a technical journal Student materials on “How to Write a Research Paper” Students are encouraged to Instructor with questions, outlines, drafts, etc. Students choose research topic Submit abstract for approval by Instructor Bi-Weekly Homework In place of a Mid-Term Exam, 1/3 of class grade Structured analysis required for paper, homework Specific analyses required in each case to demonstrate student’s ability to apply the class fundamentals October 2014 SAE_599_Summary.ppt

6 SAE 599 Lecture #1 Syllabus Definitions & Characteristics
Systems Architecting & Systems Engineering Resilient Systems System-of-Systems & System-of-Systems Engineering Evolution of Service-Oriented Architectures (leading up to Cloud Computing) Networked System Characteristics (fixed/mobile networks, fixed/mobile nodes) Cyber Security Net-Enabled Ecosystem, Emergent Behavior Complexity Theory applied to Complex Networked Systems (such as Cloud Computing) October 2014 SAE_599_Summary.ppt

7 SAE 599 Lecture #2 Characteristics of Cloud Computing Architectures (from a Systems Architecting/ Systems Engineering Perspective) Fundamentals of Service-Oriented Architectures (SOA) Data-as-a-Service (DaaS) Infrastructure-as-a-Service (IaaS) Platform-as-a-Service (PaaS) Software-as-a-Service (SaaS) Into the Future: Everything-as-a-Service? Public/Private (or Hybrid) Clouds Mobile (or Tactical) Clouds Open/Standard & Proprietary/Closed Cloud Interfaces October 2014 SAE_599_Summary.ppt

8 SAE 599 Lecture #3 Benefits & Drawbacks of Cloud Computing
The Business Case: Reduced Cost & Development Time Commonality & Open Applications Software Development Support Environment Agility to Meet Changing Environment The Risks & Drawbacks: System Complexity Shared Multi-tenant Environment Internet-facing Services Loss of Some Control Visibility of Governance & Policy Adherence Security & Trust October 2014 SAE_599_Summary.ppt

9 SAE 599 Lecture #4 Sample Application of Cloud Computing
Response to a Major Complex Humanitarian Disaster Haiti Earthquake: 12 Jan 2010, M7 Earthquake Multi-National Incident Response Dissimilarity of Organizations Military & Other Government Organizations, Non-Governmental Organizations, Private Entities Lack of Surviving Infrastructure Use of Cloud-Based Services to Coordinate activities for: Search-And-Rescue, Medical Transportation, Logistics of Supply Pickup/Storage/Delivery, Peace-Keeping (e.g. looting control), Asset Tracking (personnel & equipment locations), Situational Awareness (e.g. weather, road conditions) October 2014 SAE_599_Summary.ppt

10 SAE 599 Lecture #5 Resilient Architecture in Cloud Computing
BEFORE: Phase I of Disruption in Cloud-Based Services Allows Anticipation, Design Margins & Corrective Action to be Considered in an Incident Response Plan for Typical Disruptions of Cloud-Based Services DURING: Phase II of Disruption in Cloud-Based Services How the System Survives the Impact of Disruptions Implement Incident Response Plan, Ranging from Fail-Operational Down to Manual Methods AFTER: Phase III of Disruption in Cloud-Based Services How the System Recovers from Disruptions Incident Analysis and Resolution Incident Response Plan Optimization Note that a “disruption” may be Accidental or Deliberate October 2014 SAE_599_Summary.ppt

11 SAE 599 Lecture #6 Cyber Security for Cloud Computing (Part I) Assuring Availability: Fault Tolerance Fundamentals of Fault Tolerance for Resiliency: Assured Operation, Inadvertent Operation, Intermittent Operation, Generic Failures, Fault Containment Impacts on Reliability, Maintainability, Training Typical Hardware & Software Steps to Assure: Network Availability Data Availability Processing Capability Advantages & Disadvantages of Cross-Strapping of Redundant Capability October 2014 SAE_599_Summary.ppt

12 SAE 599 Lecture #7 Cyber Security for Cloud Computing (Part II) Assuring Integrity & Trust Fundamentals of Trust for Critical & Safety-Of-Life Applications Trusted System Concepts (Hardware, People, Processes) Trusted Software Concepts & Methodologies (including Formal Methods) Data Integrity (Checksums, CRC, Hash codes, etc.) Data in Storage (Local & in the Cloud) Data in Transit Data in Computation (Local & in the Cloud) October 2014 SAE_599_Summary.ppt

13 SAE 599 Lecture #8 Cyber Security for Cloud Computing (Part III) Handling Accidental & Deliberate Threats Cyber Security vs. Information Assurance & INFOSEC Vulnerabilities, Threat Sources & their Tools/Methods Trusted Federated Identity Management Confidentiality (PKI, Certificates, IPSEC, TLS, PGP) Authentication of Identity (methods for Weak & Strong) Authorization & Access Control Non-Repudiation & Audit Trails Network Security Management (Enclaves, Layered Security) Security Risk Management Guidance Regarding Cyber Security of Cloud Computing Cyber Security Standards & Resource Sites October 2014 SAE_599_Summary.ppt

14 SAE 599 Lecture #9 Cyber Security for Cloud Computing (Part IV) Risk Management in Cloud Computing Failure Modes & Effects with Criticality Analysis (FMECA) of Complex Networked Systems Risk Management Framework & the Security Life Cycle Categorize the Information Systems and the Information Processed, Stored, and Transmitted Select an Initial Set of Baseline Security Controls Implement the Security Controls Assess the security controls using appropriate procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome Authorize Information System Operation Monitor and Assess Selected Security Controls Recommended Process for Applying Risk Management in Cloud Computing October 2014 SAE_599_Summary.ppt

15 SAE 599 Lecture #10 Interoperability Challenges in Cloud Computing (System-of-Systems) Interaction of Processes, People, & Technology Layers of Interoperability Network Transport Information Services Applications, Processes, and People Application Program Interfaces (APIs) Multiple, Conflicting Standards Cloud Provider-Specific Proprietary Interfaces Cloud Brokerage Methods to: Develop Validated Interoperability Requirements Verify Compliance with Interoperability Requirements October 2014 SAE_599_Summary.ppt

16 SAE 599 Lecture #11 Architecture Modeling for Cloud Computing
Goals & Objectives of Architecture Modeling Why Model-Based Systems Engineering (MBSE) is a recommended approach for Complex Systems & SoS Brief Introduction to System-of-Systems Analysis & Modeling Tools: Unified Modeling Language (UML) System Modeling Language (SysML) Enterprise Architecture Frameworks (DoDAF, etc.) Model-Driven Architecture (MDA) & Development Use of Executable Models: Visualization of Scenarios, Validation of Requirements, Verifiability of Requirements Recommended Process for Applying Architecture Modeling in Cloud Computing October 2014 SAE_599_Summary.ppt

17 SAE 599 Lecture #12 Complexity Theory Applied to Cloud Computing
Characterization Of Network Types Ranging from Uniform to Highly Heterogeneous Characterize Structure of Networks in Terms of Correlation Measures: Heterogeneity, Randomness, Modularity Mutual Information, Noise & Joint Entropies Network Clustering in Domain of Entropy/Noise Space Entropy: Measure of Uncertainty Noise Level: Measure of Assortativeness Key Properties Include: Resilience Constraints on Possible Types of Complex Networks October 2014 SAE_599_Summary.ppt

18 SAE 599 Lecture #13 Guest Lecture
Topics Pertinent to Systems Architecting and Systems Engineering of Complex System and System-of-Systems Cloud Computing, Cyber Security, and Resiliency Ranging from Practical Experience to State-of-the-Art Emphasis on Tools, Methods, Lessons-Learned October 2014 SAE_599_Summary.ppt

19 SAE 599 Summary Students Exposed to a Broad Range of Cloud Computing Architecture Fundamentals & Implementation Details Students Required to Demonstrate (for their chosen topic): Cloud Computing Architecture Characteristics Expected Benefits & Drawbacks of the Architecture Resiliency Before, During, and After Disruption of Service Assured Availability/Fault Tolerance of the Architecture Assured Integrity & Trust of the Architecture Handling of Accidental & Deliberate Threats Risk Management Assessment of the Architecture Interoperability Characteristics of the Architecture Architecture Model Complexity Theory Assessment of the Architecture Objective: Train Systems Architects & Systems Engineers in the application of methods and tools for the design and analysis of current and future complex systems and system-of-systems, with emphasis on Cloud Computing, Cyber Security, and Resiliency October 2014 SAE_599_Summary.ppt

Download ppt "Ken Cureton November 2014 cureton@usc.edu SAE 599: Resilient, Cyber Secure Systems & System-of-Systems University of Southern California Viterbi School."

Similar presentations

Radiopharmaceutical Production

Radiopharmaceutical Production
Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 

Unit 1: Introductions and Course Overview Administrative Information  Daily schedule  Restroom locations  Breaks and lunch  Emergency exit routes 
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Building an Operational Enterprise Architecture and Service Oriented Architecture Best Practices Presented by: Ajay Budhraja Copyright 2006 Ajay Budhraja,

Building an Operational Enterprise Architecture and Service Oriented Architecture Best Practices Presented by: Ajay Budhraja Copyright 2006 Ajay Budhraja,
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.

DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.
Security Controls – What Works

Security Controls – What Works
Hardware/Software Integration in System-of-Systems Architecting: The Role of Systems Modeling University of Southern California Viterbi School of Engineering.

Hardware/Software Integration in System-of-Systems Architecting: The Role of Systems Modeling University of Southern California Viterbi School of Engineering.
SE curriculum in CC2001 made by IEEE and ACM: Overview and Ideas for Our Work Katerina Zdravkova Institute of Informatics

SE curriculum in CC2001 made by IEEE and ACM: Overview and Ideas for Our Work Katerina Zdravkova Institute of Informatics
General information CSE 230 : Introduction to Software Engineering

General information CSE 230 : Introduction to Software Engineering
1 CS 425 / CS 625 Software Engineering Fall 2007 Course Syllabus August 27, 2007.

1 CS 425 / CS 625 Software Engineering Fall 2007 Course Syllabus August 27, 2007.
IS 421 Information Systems Management James Nowotarski 16 September 2002.

IS 421 Information Systems Management James Nowotarski 16 September 2002.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
CSE 322: Software Reliability Engineering Topics covered: Course outline and schedule Introduction, Motivation and Basic Concepts.

CSE 322: Software Reliability Engineering Topics covered: Course outline and schedule Introduction, Motivation and Basic Concepts.
CpE 419 / SysEng 419 Network-Centric Systems Architecting and Engineering Dr. Cihan Dagli and Dr. Ann Miller Course Overview 23 August 2005.

CpE 419 / SysEng 419 Network-Centric Systems Architecting and Engineering Dr. Cihan Dagli and Dr. Ann Miller Course Overview 23 August 2005.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Information Technology Service Management

Information Technology Service Management

Similar presentations

Ads by Google