Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 IA&S IA&S Roadmap and ITS Direction Dr. Jay Lala ITS Program Manager 23 February, 2000.

Published byBelinda Baker Modified over 8 years ago

Similar presentations

Presentation on theme: "1 IA&S IA&S Roadmap and ITS Direction Dr. Jay Lala ITS Program Manager 23 February, 2000."— Presentation transcript:

1 1 IA&S IA&S Roadmap and ITS Direction Dr. Jay Lala ITS Program Manager 23 February, 2000

2 IA&S Problem Space Maliciou s Code Multi- Domain/ Multi-Level Security Situational Understanding Modeling/ Simulation Semantic Assurance Formalized Design & Assessment Intrusion Detection IA Sensors Adaptive Survivable Network Infrastructures Physical Security Autonomic Response Policy Course of Action Projection Auto Forensics Adaptive Survivable Architectures Dynamic Coalition Law Enforcemen t Policy Protective Mechanisms Crypto Dynamic Policy Cyber Sensor Exploitation The known core is a fraction of whole IA problem space IA&S is illuminating key portions of the dark space Significant identified & unknown problems exist in the dark space Intrusion Assessment Cyber Strategy Lifecycle Attacks Insider Attacks ? ? ? ? Security of Mobile Agents Composable Trust

3 IA&S Problem Space Maliciou s Code Multi- Domain/ Multi-Level Security Situational Understanding Modeling/ Simulation Semantic Assurance Formalized Design & Assessment Intrusion Detection IA Sensors Adaptive Survivable Network Infrastructures Physical Security Policy Course of Action Projection Auto Forensics Adaptive Survivable Architectures Dynamic Coalition Law Enforcemen t Policy Protective Mechanisms Crypto Dynamic Policy Cyber Sensor Exploitation The known core is a fraction of whole IA problem space IA&S is illuminating key portions of the dark space Significant identified & unknown problems exist in the dark space Intrusion Assessment Cyber Strategy Lifecycle Attacks Insider Attacks ? ? ? ? Security of Mobile Agents Autonomic Response Composable Trust

4 4 IA&S Information Assurance and Survivability Experimentation Dynamic Coalitions Coalition Policy Mechanisms Doug Maughan dmaughan@darpa.mil Fault Tolerant Networks Tolerant Mechanisms Doug Maughan dmaughan@darpa.mil Intrusion Tolerant Systems Tolerant Systems Jay Lala jlala@darpa.mil Strategic Intrusion Assessment Attack Recognition & Correlation Sami Saydjari ssaydjari@darpa.mil IA Science & Engineering Tools Design Tools & Models Michael Skroch mskroch@darpa.mil Autonomic Information Assurance Dynamic Reflexive Systems Brian Witten bwitten@darpa.mil Information Assurance Composable Trust Sami Saydjari ssaydjari@darpa.mil Cyber Command & Control Human Directed Strategy Catherine McCollum cmccollum@darpa.mil Integration http://dtsn.darpa.mil/iso/

5 Program Core Areas in the IA&S Problem Space Maliciou s Code Multi- Domain/ Multi-Level Security Situational Understanding Modeling/ Simulation Semantic Assurance Formalized Design & Assessment Intrusion Detection IA Sensors Adaptive Survivable Network Infrastructures Physical Security Policy Course of Action Projection Auto Forensics Adaptive Survivable Architectures Dynamic Coalition Law Enforcemen t Policy Protective Mechanisms Crypto Dynamic Policy Cyber Sensor Exploitation IA and IS did initial exploration of the space IA&S is attacking high leverage problems in newly known parts of the space Intrusion Assessment Cyber Strategy Lifecycle Attacks Insider Attacks ? ? ? ? Security of Mobile Agents Autonomic Response AIA Composable Trust CC2 DC SIA CC2 FTN IA ITS IASET Small, early explores continuing into dimly glimpsed areas not yet ready for concentrated effort

6 6 IA&S 20-Year Vision: Program Investments Grey Shading indicates level of investment Thermometer shows expected relative progress in 5 years

7 7 IA&S Intrusion Tolerant Systems Premise  Attacks will happen; some will be successful  Attacks may be coordinated across multiple sites Hypothesis  Attacks can be detected, contained, and tolerated, enabling continued correct progress of mission critical applications ITS Program Goals  To conceive, design, develop, implement, demonstrate, and validate tools and techniques that would allow fielding of intrusion tolerant systems. An intrusion tolerant system is one that can continue to function correctly and provide the intended services to the user in a timely manner even in the face of an attack.

8 8 IA&S ITS FUNCTIONS & CAPABILITIES DESIGN VALIDATION MOBILE CODE/DATA INTEGRITY MALICIOUS CODE CONFINEMENT ERROR DETECTION/ TOLERANCE TRIGGERS ERROR COMPENSATION/ RESPONSE/ RECOVERY Detect design faults; plug exploitable code vulnerabilities; Validate key intrusion tolerant properties Rapidly distinguish intact & corrupted entities before execution Monitor software executables Value & Time Domain Detectors; Comparison & Voting; Acceptance Checks Survivable Architectures; Graceful Degradation; QoS Trade- OffsSpatial, temporal, design, analytical redundancies; Dynamic reconfiguration

9 9 IA&S Capabilities and Enabling Technologies Avoid faults. Detect design faults. Plug exploitable code vulnerabilities.  Assurance & preservation of software dependability properties via program analysis, annotation and manipulation tools (Scherlis). Validate intrusion tolerance. Validate key security properties of intrusion tolerant architectures.  Ontology of intrusion tolerance (Stavridou).  Analytical modeling & simulation. Assure mobile code / data integrity. Rapidly distinguish intact & corrupted entities before execution.  Language-based security: Language-independent PCC safety policy (Appel); Scalable PCC certifying compiler, prover, & checker (Appel); Provably-secure mobile code format (Franz); Self-enforcing object code using in-lined reference monitors (Schneider). Confine malicious mobile code and malicious host. Monitor software executables. Protect mobile code.  Sandbox individual active scripts (Ghosh); Mutate mobile code to protect from malicious host (Badger); Wrap programs and mediate all interfaces (Balzer); Monitor COTS s/w via internal binary agents (Agarwal).

10 10 IA&S Capabilities and Enabling Technologies Detect errors. Detect errors in outputs of applications, utilities, system software.  Redundant systems - Rearguards (Schneider).  Application-based error detection. Process errors. Provide forward or backward error recovery. Provide error compensation via redundancy. Recover & respond. Perform QoS trade-offs and graceful degradation to provide continued user services for as many critical functions as possible. Log repair and damages.  Agile objects for rapid reconfiguration & location elusiveness (Chien); Fragmentation redundancy & scattering of objects (Khosla); Digital Semantic Integrity (DSI) mark methods (Rosenthal).  Functional & analytic redundancy; Design diversity; Temporal redundancy; Dynamic reconfiguration & adaptation; Market-based resource allocation; Intrusion-tolerant transaction processing protocols.

Download ppt "1 IA&S IA&S Roadmap and ITS Direction Dr. Jay Lala ITS Program Manager 23 February, 2000."

Similar presentations

Trusted Computing in Government Networks May 16, 2007 Richard C. (Dick) Schaeffer, Jr. Information Assurance Director National Security Agency.

Trusted Computing in Government Networks May 16, 2007 Richard C. (Dick) Schaeffer, Jr. Information Assurance Director National Security Agency.
A Binary Agent Technology for COTS Software Integrity Richard Schooler Anant Agarwal InCert Software.

A Binary Agent Technology for COTS Software Integrity Richard Schooler Anant Agarwal InCert Software.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.

Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.
Strategic Control Chapter 13

Strategic Control Chapter 13
1 Independent Verification and Validation Current Status, Challenges, and Research Opportunities Dan McCaugherty IV&V Program Manager Titan Systems Corporation.

1 Independent Verification and Validation Current Status, Challenges, and Research Opportunities Dan McCaugherty IV&V Program Manager Titan Systems Corporation.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration.

Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration.
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.

An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
27 September 1999 Crisis Management William L. Scherlis Carnegie Mellon University School of Computer Science.

27 September 1999 Crisis Management William L. Scherlis Carnegie Mellon University School of Computer Science.
Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.

Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.
Network Enabled Capability Through Innovative Systems Engineering Service Oriented Integration of Systems for Military Capability Duncan Russell, Nik Looker,

Network Enabled Capability Through Innovative Systems Engineering Service Oriented Integration of Systems for Military Capability Duncan Russell, Nik Looker,
1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.

1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Issues and Ideas in Software Reliability for FCS Joe Loyall BBN Technologies.

Issues and Ideas in Software Reliability for FCS Joe Loyall BBN Technologies.

Similar presentations

Ads by Google