Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration."— Presentation transcript:

1 Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration AIO-4 (202) 267-9878 marshall.potter@faa.gov

2 Three FAA Mission Goals* Safety: Reduce fatal aviation accident rates by 80 percent in ten years Security: Prevent security incidents in the aviation system System Efficiency: Provide an aerospace transportation system that meets the needs of users and is efficient in applying resources * FAA Strategic Plan

3 3 Military Airlines Flight Data Specialists Traffic Flow Management Air Traffic Controllers Certification/Regulation Systems System Specialists Center Weather Service Unit Department of Homeland Security Ubiquitous Availability of Information Common Situation Awareness Administrative Systems General Aviation Flying Public

4 4 The CIO wants the ability to: Know how well our assets are protected Know the effort/cost of providing security Know how well we are maintaining our security Identify the “observables” of pending attacks Reduce the attack surface Know that we are investigating the most appropriate R&D areas to improve our processes?

5 5 The CEO wants to know: How secure am I? Am I better off today than last year? Am I spending enough on security? What has my money accomplished? What’s the value of my investment? What trends are we seeing? If I gave you $x, how would you invest it?

6 6 FAA’s 5 Layers of System Protection Public Key Infrastructure Biometrics ISS Architecture Analytical Tool Sets Encryption Smart Cards Authentication Access Control Confidentiality Integrity Availability Architecture & Engineering Personnel Security Physical Security Cyber Hardening Elements Compartmentalization Redundancy

7 FAA R&D Initiatives Safety FAA Operational Goals R&D Focus Areas Technology Needs Security Efficiency Real Time Intrusion Protect, Detect, Response & Recovery Integrity and Confidentiality in the Mobile Environment Trustworthy Systems from Untrustworthy Components with Untrustworthy Actors Cyber Panel Incident classify & characterize Indicators and Warnings Intrusion Detect/Isolate Incident Response/Recovery ---------------- Adaptive Survivable Infrastructure Cryptography (PKI, VPN) Identification & Authentication Malicious code protection Situational understanding Vulnerability Assessments ------------------- Infrastructure: Adapt/Survive Boundary Protection Composable Trust Cryptography (PKI, VPN) Identification & Authentication Malicious code protection Situational understanding Models of Trust Vulnerability Assessments

8 8 Summary FAA goals address safety, security and efficiency, but safety is always a preeminent concern Our approach attempts to address security in depth with a layered model Three focus areas were proposed in the past, are these the ones we should be working on or are changes necessary? Today, findings and results of on-going efforts will be presented, tomorrow, breakout groups will propose future efforts, out-briefs on Thursday

Download ppt "Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration."

Similar presentations

Systems Security Engineering An Updated Paradigm INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski.

Systems Security Engineering An Updated Paradigm INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski.
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
CUBIC DEFENSE APPLICATIONS Security Summit Discussions Jeff Snyder Vice President, Cyber Programs Cubic Defense Applications.

CUBIC DEFENSE APPLICATIONS Security Summit Discussions Jeff Snyder Vice President, Cyber Programs Cubic Defense Applications.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Information Visualization Solutions March 15-16, 2007 Information Visualization Solutions Team Overview & Analysis ~ Michael Hardy.

Information Visualization Solutions March 15-16, 2007 Information Visualization Solutions Team Overview & Analysis ~ Michael Hardy.
Security Controls – What Works

Security Controls – What Works
Building a Successful Security Infrastructure

Building a Successful Security Infrastructure
May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.
THE IMPACT OF COTS COMPONENTS ON BUILDING TRUSTWORTHY SYSTEMS Arthur Pyster Deputy Assistant Administrator for Information Services and Deputy Chief Information.

THE IMPACT OF COTS COMPONENTS ON BUILDING TRUSTWORTHY SYSTEMS Arthur Pyster Deputy Assistant Administrator for Information Services and Deputy Chief Information.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Asia Pacific Economic Cooperation Transportation Working Group ITS Experts Group Chicago, Illinois September 2002 Walter Kulyk, P.E. Director, Office of.

Asia Pacific Economic Cooperation Transportation Working Group ITS Experts Group Chicago, Illinois September 2002 Walter Kulyk, P.E. Director, Office of.
IS 380 OME 1 Fall 2010 Class 1. Administrative Roster Syllabus Review Class overview 10 domains overview.

IS 380 OME 1 Fall 2010 Class 1. Administrative Roster Syllabus Review Class overview 10 domains overview.
Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.

Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
NETWORK SECURITY.

NETWORK SECURITY.
Presented to: MPAR Working Group By: William Benner, Weather Processors Team Manager (AJP-1820), FAA Technical Center Date: 19 March 2007 Federal Aviation.

Presented to: MPAR Working Group By: William Benner, Weather Processors Team Manager (AJP-1820), FAA Technical Center Date: 19 March 2007 Federal Aviation.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Creating a Security Architecture Kim Milford, J.D., CISSP Information Security Manager University of Wisconsin Copyright Kim.

Creating a Security Architecture Kim Milford, J.D., CISSP Information Security Manager University of Wisconsin Copyright Kim.

Similar presentations

Ads by Google