Presentation is loading. Please wait.

Presentation is loading. Please wait.

Slide 1 Science meets cybersecurity Trustworthy Computational Science Von Welch Director, CACR Indiana University 2015 Campus Cyberinfrastructure PI Workshop.

Published byEvelyn Elliott Modified over 8 years ago

Similar presentations

Presentation on theme: "Slide 1 Science meets cybersecurity Trustworthy Computational Science Von Welch Director, CACR Indiana University 2015 Campus Cyberinfrastructure PI Workshop."— Presentation transcript:

1 Slide 1 Science meets cybersecurity Trustworthy Computational Science Von Welch Director, CACR Indiana University 2015 Campus Cyberinfrastructure PI Workshop September 29 th, 2015

2 Slide 2 Interdisciplinary, holistic, risk-based approach to cybersecurity. Bridge cybersecurity research and practice. Externally facing, with projects funded by NSF, DOE, DHS, …

3 Slide 3 TrustedCI.org Advance the NSF community’s understanding and implementation of cybersecurity for science. Three-year project funded by NSF ACI. 3

4 Slide 4 My talk: Cybersecurity and Science The rise of scientific computing. Cybersecurity as risk management. What are the risks to science? What can science teach cybersecurity? Putting it all together. How put this into practice?

5 Slide 5 The “Good Old Days” Scientists were employees or students, physically co-located. Image credit: Wikipedia Image credit: Lester Welch

6 Slide 6 Then remote access… Scientists start being remote from the computers. But still affiliated with computing centers. Image credit: All About Apple Museum Creative Commons Attribution-Share Alike 2.5 Italy

7 Slide 7 Growth of the scientific collaboration Number of scientists, institutions, resources. Large, expensive, rare/unique instruments. Increasing amounts of data. Image credit: Ian Bird/CERN

8 Slide 8 Cybersecurity Historically Firewalls, IDS, encryption, logs, passwords, etc. Not inspirational to the science community.

9 Slide 9 Contemporary Cybersecurity Cybersecurity supports the organization’s mission by managing risks to science.

10 Slide 10 Maximizing Trustworthy Science Trustworthy Science Output No security: Untrustworthy science, Constantly hacked computers Ultimate security: Computer in safe at bottom of ocean Ideal Risk Management

11 Slide 11 What are the risks to Science? ?

12 Slide 12 Integrity of Results Integrity of data and computation are critical to maintaining the trust of scientists and the public in CI. Perception of integrity is often just as important as reality.

13 Slide 13 Do No Harm Cyberinfrastructure represents some impressive cyber-facilities. Being used as a tool to harm others would be very damaging to one’s reputation.

14 Slide 14 Collaboration is key to science. Trust is key to collaboration.

15 Slide 15 Managing the collaboration Scott Koranda/LIGO - Oct’11

16 Slide 16 Specific Concerns Many science domains, communities, and projects have particular concerns. The risks related to confidentiality, integrity, and availability vary greatly, and go by their own nomenclature.

17 Slide 17 Cyberinfrastructure Scientific Community Universities and/or Research Orgs Regional R&E and Commercial Services, InCommon R&S Regional R&E and Commercial Services, InCommon R&S Open Source and Scientific Software R&E Networks, IRNCs, Science DMZs R&E Networks, IRNCs, Science DMZs … How do we manage these Risks?

18 Slide 18 Risk Management Prevention: Firewalls, authentication, authorization, awareness, training, etc. Detection: Bro, IDS, honeypots, darknet, etc. Response: Dynamic blocking, auditing, exercise, etc. Mitigate/transfer: Isolation, insure, encrypt, etc. Accept.

19 Slide 19 Leverage services and cybersecurity Research computing, storage, networking, software, etc. And security effort going into those services. Conserve effort for science-specific challenges. Universities and/or Research Orgs Regional R&E and Commercial Services, InCommon R&S Regional R&E and Commercial Services, InCommon R&S Open Source and Scientific Software R&E Networks, IRNCs, Science DMZs R&E Networks, IRNCs, Science DMZs …

20 Slide 20 Commodity IT Use baseline cybersecurity practices from NIST and others. Commodity IT E.g. http://trustedci.org/guide/docs/commodityIT

21 Slide 21 Unique IT/Instruments/Data/ etc. Must understand and manage risk A custom task – can be helped with resources – E.g. http://trustedci.org/guide/ Unique Assets

22 Slide 22 What about the Science itself? The mission we are ultimately supporting. But is that all? Scientific Community

23 Slide 23 Science Risks http://www.nsf.gov/oig/reports/ Biases Errors Fabrications

24 Slide 24 Science Manages Risks as Well http://www.ligo.org/news/blind-injection.php

25 Slide 25 http://cms.web.cern.ch/news/blinding- and-unblinding-analyses https://theoreticalecology.wordpress.com/2012/06/22/statistical- analysis-with-blinded-data-a-way-to-go-for-ecology/ http://undsci.berkeley.edu/article/cold_fusion

26 Slide 26 Maximizing Trustworthy Science: The Ideal Trustworthy Science Output Science Risk Management Cybersecurity Risk Management +

27 Slide 27 Cyberinfrastructure Scientific Community Multiple Universities and/or Research Orgs Regional R&E and Commercial Services, InCommon R&S Regional R&E and Commercial Services, InCommon R&S Open Source and Scientific Software R&E Networks, IRNCs, Science DMZs R&E Networks, IRNCs, Science DMZs … Putting it all together… Leverage science processes, understand mission and risks. Baseline controls, risk management. Leverage services and cybersecurity to conserve effort.

28 Slide 28 How do we put this into practice?

29 Slide 29 http://science.energy.gov/~/media/ascr/ascac/pdf/charges/ASCAC_Workforce_Letter_Report.pdf DOE Advanced Scientific Computing Advisory Committee Workforce Subcommittee Letter “In particular, the findings reveal that: All large DOE national laboratories face workforce recruitment and retention challenges in the fields within Computing Sciences that are relevant to their mission (…), including Algorithms (both numerical and non-numerical); Applied Mathematics; Data Analysis, Management and Visualization; Cybersecurity; Software Engineering and High Performance Software Environments; and High Performance Computer Systems.“

30 Slide 30 http://blog.ted.com/bridging-the-gulf-in-mental-health-care-vikram-patel-at-tedglobal2012/ Maximizing Limited Expertise

31 Slide 31 SUNDAR Simplify the message UNpack the treatment Deliver it where people are Affordable and available human resources Reallocation of specialists to train and supervise

32 Slide 32 CTSC version of SUNDAR Engagements LIGO, SciGAP, IceCube, Pegasus, CC-NIE peer reviews, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, OOI, NEON, Gemini, AoT. Education and Training Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, Securing Commodity IT in Scientific CI Projects, Baseline Controls and Best Practices, Training for CI professionals. Leadership Organized 2013, 2014 & 2015 Cybersecurity Summits for Large Facilities and CI, vulnerability awareness, Cybersecurity for Large Facilities Manual.

33 Slide 33 Cybersecurity Program Guide Baseline practices and risk management, tailored for science projects with guidance and templates. http://trustedci.org/guide/

34 Slide 34 In conclusion… Cybersecurity for science is about managing risks for science to maximize trustworthy science. Science itself has much to offer in the process if we can figure out how the worlds of cybersecurity and science interact. By leveraging our specialists for training and maximum impact, we can overcome workforce constraints to make this a reality. More information: vwelch@iu.edu / trustedci.org

35 Slide 35 Acknowledgements Colleagues at CACR, CTSC, XSIM. Mike Corn, Adam Lyon, Marlon Pierce, Anurag Shankar, Scott Teige for discussions and feedback. National Science Foundation (Grant 1234408). Department of Energy Next-Generation Networks for Science (NGNS) program (Grant No. DE-FG02-12ER26111). Uncredited images: http://www.thinkstockphotos.com/ Plug: Join InCommon, release attributes to R&S The views and conclusions contained herein are those of the author and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the sponsors or any organization

Download ppt "Slide 1 Science meets cybersecurity Trustworthy Computational Science Von Welch Director, CACR Indiana University 2015 Campus Cyberinfrastructure PI Workshop."

Similar presentations

1 US activities and strategy :NSF Ron Perrott. 2 TeraGrid An instrument that delivers high-end IT resources/services –a computational facility – over.

1 US activities and strategy :NSF Ron Perrott. 2 TeraGrid An instrument that delivers high-end IT resources/services –a computational facility – over.
Research CU Boulder Cyberinfrastructure & Data management Thomas Hauser Director Research Computing CU-Boulder

Research CU Boulder Cyberinfrastructure & Data management Thomas Hauser Director Research Computing CU-Boulder
Science Gateway Security Recommendations Jim Basney Von Welch This material is based upon work supported by the.

Science Gateway Security Recommendations Jim Basney Von Welch This material is based upon work supported by the.
Trust Model for eXtreme Scale Identity Management (XSIM) in Scientific Collaborations Bob Cowles, Craig Jackson, Von Welch (PI) VAMP 2013 30 September.

Trust Model for eXtreme Scale Identity Management (XSIM) in Scientific Collaborations Bob Cowles, Craig Jackson, Von Welch (PI) VAMP September.
1 Cyberinfrastructure Framework for 21st Century Science & Engineering (CIF21) NSF-wide Cyberinfrastructure Vision People, Sustainability, Innovation,

1 Cyberinfrastructure Framework for 21st Century Science & Engineering (CIF21) NSF-wide Cyberinfrastructure Vision People, Sustainability, Innovation,
1 Cyberinfrastructure Framework for 21st Century Science & Engineering (CF21) IRNC Kick-Off Workshop July 13, 2010 1.

1 Cyberinfrastructure Framework for 21st Century Science & Engineering (CF21) IRNC Kick-Off Workshop July 13,
ADVANCE Implementation Mentors (AIM) Network Women of Color Survey and Interview Results Funding for this presentation was made possible through the National.

ADVANCE Implementation Mentors (AIM) Network Women of Color Survey and Interview Results Funding for this presentation was made possible through the National.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
April 2009 OSG Grid School - RDU 1 Open Science Grid John McGee – Renaissance Computing Institute University of North Carolina, Chapel.

April 2009 OSG Grid School - RDU 1 Open Science Grid John McGee – Renaissance Computing Institute University of North Carolina, Chapel.
MESA INTERNATIONAL Driving Operations Excellence Being a Board Member at MESA IT’S GOOD FOR YOU ! - AND US !

MESA INTERNATIONAL Driving Operations Excellence Being a Board Member at MESA IT’S GOOD FOR YOU ! - AND US !
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
“ Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds” Federal Committee for Statistical Methodology (FCSM)

“ Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds” Federal Committee for Statistical Methodology (FCSM)
Von Welch (PI) Susan Sons (HUBzero Engagement Lead) Hubbub 2014 30 September 2014 trustedci.org Cybersecurity for Cyberinfrastructure… and Science!

Von Welch (PI) Susan Sons (HUBzero Engagement Lead) Hubbub September 2014 trustedci.org Cybersecurity for Cyberinfrastructure… and Science!
Company LOGO Broader Impacts Sherita Moses-Whitlow 07/09/09.

Company LOGO Broader Impacts Sherita Moses-Whitlow 07/09/09.
Get Ready to Engage Plus 50 Learners February 3, 2010 Minneapolis, MN.

Get Ready to Engage Plus 50 Learners February 3, 2010 Minneapolis, MN.
Research Cyberinfrastructure Alliance Working in partnership to enable computationally intensive, innovative, interdisciplinary research for the 21 st.

Research Cyberinfrastructure Alliance Working in partnership to enable computationally intensive, innovative, interdisciplinary research for the 21 st.
INTERNET2 COLLABORATIVE INNOVATION PROGRAM DEVELOPMENT Florence D. Hudson Senior Vice President and Chief Innovation.

INTERNET2 COLLABORATIVE INNOVATION PROGRAM DEVELOPMENT Florence D. Hudson Senior Vice President and Chief Innovation.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.

© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
CI Days: Planning Your Campus Cyberinfrastructure Strategy Russ Hobby, Internet2 Internet2 Member Meeting 9 October 2007.

CI Days: Planning Your Campus Cyberinfrastructure Strategy Russ Hobby, Internet2 Internet2 Member Meeting 9 October 2007.
Supporting the local research data environment via cross-campus collaboration and leveraging of national expertise Hannah F. Norton, Rolando Garcia Milian,

Supporting the local research data environment via cross-campus collaboration and leveraging of national expertise Hannah F. Norton, Rolando Garcia Milian,

Similar presentations

Ads by Google