Presentation is loading. Please wait.

Presentation is loading. Please wait.

Integrated Program Protection Vision

Published byÁkos Dobos Modified over 5 years ago

Similar presentations

Presentation on theme: "Integrated Program Protection Vision"— Presentation transcript:

1 Integrated Program Protection Vision
11/2018 Acquisition Community Steve Kern, Cyber Warfare Chief Engineer Senior Scientific Technical Manager (SSTM)

2 Vision An integrated Program Protection Process to protect
advanced technology, safety of flight, mission critical functions, and components throughout the acquisition lifecycle, apply countermeasures and protections from malicious adversarial intent, illuminate and balance cyber risk and maximize resilience in a cyber contested environment.

3 Program Protection Instructions
Slide from DASD(SE) Melinda Reed briefing to NDIA on 25 Oct 2017 TSN/CA CYBERSAFE AT/CPI RMF

4 Observations Process and organizational structure has been developed to address the individual program protection instructions. There are redundancies and overlaps in tasks among the processes. There is an imbalance of Program Office effort across the processes. RMF and CPI/AT receive significant emphasis TSN/CA and the “cyber part” of SCRM receive less emphasis An integrated Program Protection Process will identify opportunities to include technical and procedural security measures at the beginning of Systems Engineering and throughout the lifecycle during updates and engineering changes, as opposed to selecting controls after susceptibilities have been designed into the system. One of the first steps in many processes is to decompose the mission of the platform/system into critical systems that are required to execute that mission. RMF from the data protection perspective (if NIST Control RA-3 is selected) CRA Step 1 is to “Decompose Mission Essential Functions” CPI Steps 1 & 2 are “Identify Mission Capability” and “Decompose System into components“ TSN/CA Step 1 process is “ID principle mission threads and mission system functions” CYBERSAFE is to implement TSN/CA and is based on “Mission Essential Functions”

5 Observations (cont.) The second (or third/fourth) step in many of the processes is to conduct some sort of criticality analysis/judgement of the identified subcomponents RMF Step 2 is to “Select Controls” – judge criticality of the data CRA Step 3 is to “Develop Attack Surface/ Attack Trees” CPI Step 3 process is to “Evaluate Criticality of each component (at least 3 levels)” TSN/CA Step 4 process is to “Assign criticality failure levels (I, II, III, IV) to components” An adversarial-based assessment is required by all of the processes RMF does NOT require a Threat Assessment but NIST control RA-3 could be implemented and is part of a Common Control Package (CCP) CRA’s require an intelligence-driven Threat Assessment CPI requires a intelligence (and Counter-Intelligence) driven Threat Assessment TSN/CA requires a (vendor) supply chain assessment (and CI assessment) for sources for components that are deemed critical level I/II components (not an adversarial based Threat Assessment ) We can do better

6 Integrated Program Protection Vision
SYSTEMS ENGINEERING PROCESS | Step Step 3 Step Step 9 Step | System Requirements High-Level Design | H/W S/W Development | System Validation | Changes/Upgrades FUNCTIONAL ANALYSIS AND ALLOCATION | DESIGN SYNTHESIS | VERIFICATION | DEPLOYMENT CRA Viewpoint 1 RMF Step 1 Intel Threat Assessment AT Step 1 CPI Assessment T&E Cybersecurity Requirements Analysis CRA Viewpoint 2 RMF Step 2 CTT CPI Assessment AT Steps 2 Intel Threat Assessment T&E Attack Surface Characterization CRA Viewpoint 3 RMF Step 2/3 AT Steps 3 & 4 TSN/Criticality Analysis SCRM Illumination Intel Threat Assessment CYBERSAFE Planning T&E Cooperative Vulnerability Identification CRA Viewpoint 4 RMF Step 4/5 SCRM Assessment Developmental Testing CYBERSAFE OQE & Risk Review Board OT CVPA OT Adversarial Assessment RMF Continuous Monitoring CYBERSAFE continuous Monitoring PROCESS STEP Cyber Attack Trees Cyber Risk Cube Categorization Letter PM Signature CPI Memo Intel Production Requests Threat Model Cyber VOLT Cyber T&E Strategy Cyber Attack Trees Cyber Risk Cube Initial RMF Control Selection & Security Assessment Plan AT Mission Essential Function AT Level of Protection Requirement AT Letter of Concurrence CYBERSAFE Mission Criticality Critical Intelligence Parameters Intel Production Requests Threat Model Cyber Attack Trees Cyber Risk Cube RMF Control Selection & Control Design Plan Initial/ Final AT Plan AT Attack Trees Critical ICT Components SCRM-TAC Request DT Test Plan CYBERSAFE EDRAP Intel Production Requests Threat Model Critical Component CVI Reports Cyber Attack Trees Cyber Risk Cube RMF Risk Assessment Report, Security Assessment Report, FSCA Endorsement & Authorization to Operate SCRM Supply Chain AT Implemented DT Test Report OT Test Report FINTEL CYBERSAFE Certification OUTPUTS

Download ppt "Integrated Program Protection Vision"

Similar presentations

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.

Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.
KDP-1: Integrate supply chain knowledge into secure solutions concepts Evaluate supply chain threats with respect to the set of possible solutions under.

KDP-1: Integrate supply chain knowledge into secure solutions concepts Evaluate supply chain threats with respect to the set of possible solutions under.
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]

National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
Information Assurance (IA) - Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication,

Information Assurance (IA) - Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication,
National Institute of Standards and Technology 1 NIST Guidance and Standards on System Level Information Security Management Dr. Alicia Clay Deputy Chief.

National Institute of Standards and Technology 1 NIST Guidance and Standards on System Level Information Security Management Dr. Alicia Clay Deputy Chief.
CYBERSAFE Overview AFCEA C4ISR Symposium 28 April 2015

CYBERSAFE Overview AFCEA C4ISR Symposium 28 April 2015
By: Ashwin Vignesh Madhu

By: Ashwin Vignesh Madhu
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Risk Management Framework

Risk Management Framework
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Actionable Process Steps and Focused Mitigation Strategies

Actionable Process Steps and Focused Mitigation Strategies
Systems Engineering Approach to MPS Risk Management Kelly Mahoney Presented at the Workshop for Machine Protection in Linear Accelerators.

Systems Engineering Approach to MPS Risk Management Kelly Mahoney Presented at the Workshop for Machine Protection in Linear Accelerators.
Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.

Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.
Complying With The Federal Information Security Act (FISMA)

Complying With The Federal Information Security Act (FISMA)
Information Technology Audit

Information Technology Audit
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.

Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.
NDIA SE Division Meeting February 13, 2013 1 Developmental Test and Evaluation Committee Beth Wilson, Raytheon Steve Scukanec, Northrop Grumman Industry.

NDIA SE Division Meeting February 13, Developmental Test and Evaluation Committee Beth Wilson, Raytheon Steve Scukanec, Northrop Grumman Industry.

Similar presentations

Ads by Google