1. 0 CCSDS Systems Engineering Area: Security Working Group Howard Weiss NASA/JPL/SPARTA (a Parsons Company) howard.weiss@sparta.com +1.443.430.8089 15 April 2013

2. 1 The CCSDS Security WG is chartered to: Develop security recommendations: - Encryption, authentication, key management, etc Develop security guides and informative documents: - Security architecture, threat, secure interconnection guide, key management, security glossary of terms, etc Provide advice and guidance to other WGs - E.g., Spacecraft Monitoring & Control, Space Link OVERVIEW 16 Apr, 2012

3. 2 Cleveland (Oct 2012) Progress: - WG approved charter updates which were then posted to CWE Framework. - Three documents published: Algorithms BB, Security Architecture MB, and Information Security Glossary GB. - Reviewed Algorithm Yellow Book: final edits and DLR added testing results as an annex. Document submitted to Secretariat. - WG approved three “new” documents: Algorithms GB (already underway), Network Layer Security adaptation profile BB (IPsec constrained for CCSDS), and an update to the existing Threat GB. - Reviewed Algorithms GB – additional edits and ESA will release Telindus study for additional material. - Key Management BB and SDLS KM continuing to progress - SDLS WG continues making good progress - ESA presentations on AJ codes and crypto period guidance. STATUS 15 Apr, 2013

4. 3 STATUS (cont) Current Progress: - Completed: - Security Architecture Magenta Book - Algorithm Blue Book - Information Security Glossary Green Book - Algorithm Yellow Book - Continuing: - Algorithm Green Book (draft distributed) - Key Management Blue Book - Key Management SDLS Extended Procedures (SDLS WG) - Network Layer Security (not started) - Threat book review/revision (not started) - SM&C security discussions 15 Apr, 2013

5. 4 Key Management Yellow Book Upper Layer Security - (1) Network layer - (2) Application layer Cross Support Issues - E.g., Cross realm identification, authentication, access control - Increased SLE security? - Increased SM&C security? Integrate Individual Documents - possibly tie them together with a mission security Protection Profile (PP) using the Common Criteria FUTURE WORK AREAS 15 Apr, 2013

6. 5 AGENDA 15 April 2013 – 08:30 – 09:30: CCSDS Plenary – 09:30 – 12:30: Systems Engineering Area (SEA) Plenary – 13:30 – 18:30: Security WG – Welcome, introductions, logistics, agenda review – Review results of Fall 2012 (Cleveland) meeting – Status of documents, action items – Charter review (updated per Cleveland mtg) – Algorithm Yellow Book Status andTesting – DLR testing complete & documented (Richter) – Any other testing plans? – Algorithm Green Book Review (Weiss) – Coding performance (Aguilar-Sanchez) 15 Apr, 2013

7. 6 AGENDA (cont) 16 April 2013 (08:30 – 18:30) – Key Management Blue Book (Fischer/Aguilar-Sanchez) » KM for SDLS extended procedures – Threat book re-write (Black/Weiss/Biggerstaff) – Network Layer Security Discussion (Weiss) » Adaptation profile outline » Testing agencies – Link Layer Security Update (Biggerstaff/Weiss/Aguilar-Sanchez) – Physical Layer Security (Aguilar-Sanchez) » Advanced Coding research – Joint security meeting with DTN Working Group – Other areas of discussion – Proposed new areas of work 17 April 2013 – 08:30-18:30: Space Data Link Security WG 18 April 2013 – 08:30-12:30: Space Data Link Security WG – 13:30-18:00: SEA Wrap-up Plenary 15 Apr, 2013

8. 7 Action Items 15 Apr, 2013 Item NumberAction Item:Assigned to:Date Due: SecWG1012:1 Update charter Howard Weiss12/15/12 SecWG1012:2 Update project framework dates & information Howard Weiss12/15/12 SecWG1012:3 Submit resolution to approve new projects: Threat GB revision; adaptation profile of IPSec; Algorithms GB. Howard Weiss10/18/12 SecWG1012:4 Update Yellow Book with hash algorithm for digital signature Howard Weiss10/31/12 SecWG1012:5 Record DLR algorithm testing results in Yellow Book annex Dorothea Richter11/30/12 SecWG1012:6 Attempt to release ESOC algorithm study report. Daniel Fischer11/15/12

9. 8 Action Items (cont) 15 Apr, 2013 SecWG1012:7 Set up intermediate telecon/webex meeting to discuss document status/updates Howard Weiss02/05/13 SecWG1012:8 Create Threat Document revised document format. Gordon Black, Craig Biggerstaff, Howard Weiss 04/01/13 SecWG1012:9 Investigate how role-based access, in compliance with FIPS 140-2, can be used by flight crypto systems. Craig Biggerstaff11/01/12 SecWG1012:10 Investigate options in TM/AOS scenarios to insert extended procedures related information/date. Daniel Fischer01/15/13 SecWG1012:11 DTN Security: discussion with Lee Pitts – investigate how SecWG can/should be involved. Howard Weiss11/30/12 SecWG1012:12 Write white paper on physical layer security as a future work area Ignacio Aguilar Sanchez 04/01/13 SecWG1012:13 Re-open discussions re: security for SLE Howard Weiss03/01/13