Gov innovate nov 2015 davies steel day 2
-
Upload
mike-davies -
Category
Technology
-
view
211 -
download
0
Transcript of Gov innovate nov 2015 davies steel day 2
v
Innovative Solutions to ICT Supply Chain Insecurity 26 November 2015
Dr Mike Davies Research Leader, Cyber Assurance
and Operations
Defence Science & Technology Group
Dr Jodi Steel Director – Cyber Security Business
Team (Government & Defence)
Data61, CSIRO
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Structure
• Cyber security dilemma and challenge
• DST Group and Data 61 perspectives
• ICT supply chain security
• High assurance ICT requirements
• Innovative solutions through partnership
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 3
Cyber Security Challenges
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Defenders are
losing (or at best
playing catch-up),
attackers are
winning (or at least
calling the shots)
We develop new
measures through
advancing our
concepts, tools and
techniques
But ,however, so
do the threat
actors!
Introduction
Cyber Security Dilemma
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
A Challenge
How can we decrease the chance of just making incremental improvements which get outpaced?
And increase the chance of producing a sustainable game-changer?
What qualities do we need from the Australian R&D community?...
Defence
Threat
Defence
Threat
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Australian Cyber Security
R&D Community Qualities
• In-government, academia and industry
• Relevant and enduring
• Focused: Builds national world-class S&T capability in selected areas
• Differentiation between in-government, academia and industry R&D
• Strong relationships
• Resourced for sustainability and high impact
• Partnerships
• Integrated/aligned
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 7
DST Group and Data 61 Perspectives
on Cyber Security
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Cyber 2020 Vision:
DSTO Cyber Science
and Technology Plan;
2014
Available online at
www.dsto.defence.gov.au
02 8
DST Group Perspective
A strategic S&T plan
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 02 9
Foundational research themes
DST Group Perspective
10
Modus Operandi in DST Group Cyber Assurance and Operations S&T
We develop techniques to discover and counter their presence
We develop tools and techniques to discover vulnerabilities and fix predispositions
We pursue autonomous cyber defence solutions
We develop and use advanced cryptologic techniques
We develop solutions for resilient and trustworthy ICT
We forecast and prototype advanced forms of adversarial software and hardware.
We demonstrate their likely appearance and effect
We focus above mainstream
We have impact and raise the bar…
and repeat BEFORE this!!
We demonstrate robust risk-based pervasive security policy and architectures
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Investment Emphases
Rebalance
Shift investment from intrusion detection to discovering and fixing vulnerabilities
Emphasis on security-at-design-and-build; forecasting and prototyping advanced threats (threat anticipation) plus:
Back two potential game changers
Trustworthy ICT and Autonomous Cyber Defence (HINDER)
All of which will fall short without operational and research partnerships
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Data61 Perspective
Multi-disciplinary approach to cyber security
– Applying different lenses to problems/challenges
– Including user experience and cognitive science
Holistic view across people, process, technology and usability
Research and application partnerships
Merging NICTA and CSIRO Digital Productivity
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Data61 Perspective
Data-driven Defences
Leveraging insights from empirical measurements to establish contextual and
situational awareness
Data-driven Security
Development of new techniques and tools to enable businesses as well as
consumers to protect their data in untrustworthy environments
Secure Software Design, Development and Deployment
Trustworthy systems
Security at design and build software, development environment and software
supply chain
Reducing Friction – Usable Security
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 14
ICT Supply Chain Security
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
The Australian Perspective
Australia sources all integrated circuits from overseas
Lack of resources for:
– designing
– fabricating
– testing chips
Majority of suppliers: Vendor Foundry Location 2014
Revenue 2014 Market Share
(%) TSMC Taiwan 25,175 53.7 UMC Taiwan 4,621 9.9 Globalfoundries U.S. 4,400 9.4 Samsung South Korea 2,412 5.1 SMIC China 1,970 4.2
Gartner report "Market Share: Semiconductor Foundry, Worldwide, 2014."
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Threat: Hardware Trojans
Intentional modification of COTS electronic circuitry
– Penetration into our networks
– Undetectable by current methods
– Triggered at will by adversary
– Compromise operation and security of infected electronics systems
– Outcomes – Leak or Modify Information
– Reduce Effectiveness
» Kill switch
» Denial of service, degradation of service, integrity attacks, etc.
– Modify function
– Scale effects, e.g., broad spectrum network degradation across all Government networks
–
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Threat Illustrations
State-sponsored (US Embassy Moscow, 1976 – 1984)
– Implant characterised data and transmitted to a local listening post
– Undetected for 8 years; many man weeks and thousands of X-Rays to find, despite tip-off
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Threat Illustrations
Organised crime (UK 2008)
– ATM machines opened, tampered with and perfectly resealed at supply
– Electronics operated as normal, but also remotely captured and forwarded credit card details
– Only fortuitously discovered
Previously only a nation state's
intelligence service would have been
capable of pulling off this type of operation.
It's scary
US counterintelligence chief
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
DST Group Approach
Challenge 3 assumptions concerning ICT supply chain security
– Only state-sponsored actors would have the capability
– Trojans are “always on”
– Trojans are physically detectable
Develop deep understanding of issues
– Prototype future threats and demonstrate concepts
Develop complementary countermeasures
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 20
High Assurance ICT Requirements
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
UN
CLA
SS
IFIE
D
FO
UO
PR
OT
EC
TE
D
SE
CR
ET
…
TO
P S
EC
RE
T
High Assurance ICT
Requirements
• Integration across
multi-security levels
• High security and
safety requirements
Grave
consequences
• Strict evaluation and
accreditation
S o f t w a re
H a rd w a r e
100s of millions
of Lines of Code
Complexity
Components
with billions of
transistors
High assurance domains:
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Security versus Usability
Guaranteed Correct
Fails Secure
Works in hostile environment
Agile Solutions
Cost Effective
Timely
Usable
Functional
…
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 23
Innovative Solutions through Partnership
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Opportunity
• We have the opportunity to develop a sovereign Trustworthy
ICT capability
• Building on:
• DST Group: award-winning hardware approaches
• Data 61 (NICTA): seL4 world-class secure software
kernel-based approach
• And establishing new partnerships with Industry and Academia
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
DST Group Credentials
Small peripheral inserted between a host computer and a screen enables trusted video display (eg receive official comms in a foreign internet café)
Prototyping and demonstrating the hardware Trojan threat
A countermeasure: the Digital Video Guard (DVG)
Recognition: South Australian ICT Innovation Award 2014
Trials
Example: Digital Video Guard (DVG)
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Data61 Credentials
Protecting critical mission operations from targeted attacks and latent software vulnerabilities
• Higher assurance cyber-physical system design using formal verification
• Applicable to other systems with mixed levels of trust
Air Team partners: Rockwell Collins, Boeing, Galois, University of Minnesota
Component architecture: functional isolation, enforced by seL4
Example: sel4 in DARPA HACMS program
Successful flight demo: 4 July 2015
DARPA Air Team project: US $18M
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Approach
• Operate safely in the presence of unknown Hardware Trojans
• Combine COTS with a small amount of trustworthy hardware
and logic (a trustworthy computing base (TCB))
• Tradeoff between performance, size, complexity and security
• Combine with smarter architectural choices
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
UN
CLA
SS
IFIE
D
FO
UO
PR
OT
EC
TE
D
SE
CR
ET
…
TO
P S
EC
RE
T
S o f t w a re
H a rd w a r e
100s of millions
of Lines of Code
Complexity
Components
with billions of
transistors
Architectural Approach
TRUSTWORTHY
COMPUTING BASE
~7000 Lines of Code 10,000 Lines of Code
Medium Complex Circuit TCB Circuit
Trusted OS MLS Application
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Example Joint Venture
The Cross Domain Desktop Compositor (CDDC)*
• A cross domain security solution for high-assurance
* Patent pending
• Deep knowledge of
Defence high-assurance
• Trustworthy hardware
• Trustworthy software
• Formally verified
system components
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Vision - Multi-level Converged Desktop Trusted domain switch Trusted active domain label
Trusted window decorations
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
PROTECTED
Vision - Single Multi-Level Secure Email App
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 32
DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity
Conclusion
• We require focused and innovative approaches to Cyber Security
• Hardware-based threats require attention
• Trustworthy ICT is considered a potential game-changer
• Highly assured Government and other systems need to be achieved in a
manner which enables digital transformation
• We have the opportunity to develop a sovereign Trustworthy ICT capability
through in-government, industry and academia partnerships
Thank you! please contact us for more info.
Dr Mike Davies Research Leader, Cyber Assurance
and Operations
Defence Science & Technology Group
Dr Jodi Steel Director – Cyber Security Business
Team (Government & Defence)
Data61, CSIRO