Presentation is loading. Please wait.

Presentation is loading. Please wait.

What are the Resilience Mechanisms? Hugo Pereira Evoleo Technologies

Published byDaniela Palmer Modified over 5 years ago

Similar presentations

Presentation on theme: "What are the Resilience Mechanisms? Hugo Pereira Evoleo Technologies"— Presentation transcript:

1 What are the Resilience Mechanisms? Hugo Pereira Evoleo Technologies
CYRAIL Final Conference Paris, What are the Resilience Mechanisms? Hugo Pereira Evoleo Technologies

2 Cyber Resilience Cyber Resilience as the ability to anticipate, withstand, recover from and adapt to adverse conditions, stresses, attacks, or compromises on cyber resources. Cyber resilience has mission assurance as main goal, that is, it aims to resist sophisticated and evolving adversities while continuing to provide a given functionality or service at all times. -> Definition (goals): anticipate, withstand, recover and adapt -> Main objective: continue to provide or recover quickly a functionality or system during/after a successful attack -> Understand the adversary, Prepare, Prevent / Avoid, Continue, Constrain, Reconstruct, Transform, Re-architect Main references: Cyber Resiliency Design Principles - Selective Use Throughout the Lifecycle and in Conjunction with Related Disciplines Cyber Resiliency Engineering Framework

3 Cyber Resilience Design Principles
Cyber resilience design principles should be applied during in the planning or development phases of systems, architectures and organization’s risk management strategies. Focus on common critical assets Maintain redundancy Support agility and architect for adaptability Make resources location-versatile Reduce attack surfaces Leverage health and status data Assume compromised resources Maintain situational awareness Expect adversaries to evolve Manage resources (risk-) adaptively Limit the need for trust Maximize transience; minimize persistence Control visibility and use Determine ongoing trustworthiness Contain and exclude behaviors Change or disrupt the attack surface Layer and partition defences Make unpredictability and deception user- transparent Plan and manage diversity Cyber resilience design principles should be applied during in the planning or development phases of systems, architectures and organization’s risk management strategies. Their application should be tailored according to the system characteristics, enterprise business decisions, preferences, financial resources, legal and contractual requirements, previous investments, culture, known attacker strategies. Strategic design principles are applied throughout the systems engineering process and can be used guide the selection and application of structural design principles in different parts of the architecture. Structural design principles refer to those that directly affect system architecture and design. They can be applied in more specific areas of the architecture and be tailored according to system necessities

4 Cyber Resilience Techniques
Cyber resilience techniques are used to support the application of the design principles. Adaptive Response Non-Persistence Analytic Monitoring Privilege Restriction Coordinated Defence Realignment Deception Redundancy Diversity Segmentation / Isolation Dynamic Positioning Substantiated Integrity Dynamic Representation Unpredictability Cyber resilience techniques are used to support the application of the design principles. Consequently, they can also be tailored according to the system and environment. Different resilience techniques can achieve the same goal in different systems. Despite some being well known cyber security mechanisms, motivation for using these techniques comes from how to best mitigate or eliminate effects of successful attacks, instead of how to prevent attacks from being successful.

5 Relation between cyber resilience principles, objectives and techniques
Based on MITRE’s reference. S – Supports achieving the objective R – Requires use of cyber resiliency technique (or one or more approaches) to achieve specific effects on adversary U – Can use cyber resiliency technique (or one or more approaches) X – Can be combined with use of cyber resiliency technique (or one or more)

6 CYRAIL Zones and Conduits
Wayside_1 KMC Wayside_2 Control Center Data Signal OnBoard Command-onboard ERTMSBalise Maintain Occupancy JRU Signalling Movement From D3.2 – Security Analysis and Vulnerability List of the Use Cases

7 CYRAIL Zones and Conduits

8 Applying cyber resilience to CYRAIL's zones and conduits
Zones / Conduits Threat Class Cyber Resilience Techniques Adaptive Response Analytic Monitoring Coordinated Defence Deception Diversity Dynamic Positioning Dynamic Representation Non-Persistence Privilege Restriction Realignment Redundancy Segmentation / Isolation Substantiated Integrity Unpredictability Wayside_1 T.IAC + T.UC X T.IAC + T.SI T.IAC + T.RA Wayside_2 Signal Command-onboard T.IAC Maintain JRU Movement KMC T.IAC + T.DC T.DC T.UC Control Center_ Data Onboard ERTMSBalise T.RA Occupancy Signalling An exercise was made to relate a relation between the Cyber Resilience concepts and the Project use case. Thus, a mapping of the cyber resilience techniques to the threats of the zones and conduits has been done. Taking into account which cyber resilience objective is expected to be achieved in each case (zone)

9 Final Thoughts During the state of the art research, limited or non-existing references were found specifically describing how cyber resilience can be integrated into railway cyber systems. Cyber resilience is necessary to effectively protect against sophisticated and evolving adversaries. Cyber resilience design principles should be applied during in the planning or development phases of systems, architectures and organization’s risk management strategies. Cyber resilience techniques are used to support the application of the design principles. Despite some being well known cyber security mechanisms, motivation for using these techniques comes from how to best mitigate or eliminate effects of successful attacks, instead of how to prevent attacks from being successful. The application of both cyber resilience design principles and techniques should be tailored according to the system and its environment (e.g. enterprise business decisions and preferences, known attacker strategies). A guideline for the application of cyber resilience concepts in railway related cyber systems was presented, by associating cyber resilience techniques with the railway zones.

Download ppt "What are the Resilience Mechanisms? Hugo Pereira Evoleo Technologies"

Similar presentations

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 2.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 2.
Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most.

© QinetiQ North America, Inc QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Health IT Standards Committee Meeting Security Risk Management For Health IT Systems and Networks.

NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Health IT Standards Committee Meeting Security Risk Management For Health IT Systems and Networks.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
What Causes Software Vulnerabilities? _____________________ ___________ ____________ _______________   flaws in developers own code   flaws resulting.

What Causes Software Vulnerabilities? _____________________ ___________ ____________ _______________   flaws in developers own code   flaws resulting.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
TEL2813/IS2820 Security Management

TEL2813/IS2820 Security Management
Foundational Doctrine Guiding Fire Suppression in the Forest Service Product of the Pulaski Conference June 2005.

Foundational Doctrine Guiding Fire Suppression in the Forest Service Product of the Pulaski Conference June 2005.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
CSI - Introduction General Understanding. What is ITSM and what is its Value? ITSM is a set of specialized organizational capabilities for providing value.

CSI - Introduction General Understanding. What is ITSM and what is its Value? ITSM is a set of specialized organizational capabilities for providing value.
Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.

Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.
IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015.

IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015.
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Integrated Enterprise-wide Risk Management Protecting Critical Information Assets and Records FIRM Forum.

NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Integrated Enterprise-wide Risk Management Protecting Critical Information Assets and Records FIRM Forum.

Similar presentations

Ads by Google