Gov innovate nov 2015 davies steel day 2

v

Innovative Solutions to ICT Supply Chain Insecurity 26 November 2015

Dr Mike Davies Research Leader, Cyber Assurance

and Operations

Defence Science & Technology Group

Dr Jodi Steel Director – Cyber Security Business

Team (Government & Defence)

Data61, CSIRO

DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity

Structure

• Cyber security dilemma and challenge

• DST Group and Data 61 perspectives

• ICT supply chain security

• High assurance ICT requirements

• Innovative solutions through partnership

DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 3

Cyber Security Challenges


Defenders are

losing (or at best

playing catch-up),

attackers are

winning (or at least

calling the shots)

We develop new

measures through

advancing our

concepts, tools and

techniques

But ,however, so

do the threat

actors!

Introduction

Cyber Security Dilemma


A Challenge

How can we decrease the chance of just making incremental improvements which get outpaced?

And increase the chance of producing a sustainable game-changer?

What qualities do we need from the Australian R&D community?...

Defence

Threat

Defence

Threat


Australian Cyber Security

R&D Community Qualities

• In-government, academia and industry

• Relevant and enduring

• Focused: Builds national world-class S&T capability in selected areas

• Differentiation between in-government, academia and industry R&D

• Strong relationships

• Resourced for sustainability and high impact

• Partnerships

• Integrated/aligned


DST Group and Data 61 Perspectives

on Cyber Security


Cyber 2020 Vision:

DSTO Cyber Science

and Technology Plan;

2014

Available online at

www.dsto.defence.gov.au

02 8

DST Group Perspective

A strategic S&T plan

DST Group / Data61 – Innovative Solutions to ICT Supply Chain Insecurity 02 9

Foundational research themes

DST Group Perspective

10

Modus Operandi in DST Group Cyber Assurance and Operations S&T

We develop techniques to discover and counter their presence

We develop tools and techniques to discover vulnerabilities and fix predispositions

We pursue autonomous cyber defence solutions

We develop and use advanced cryptologic techniques

We develop solutions for resilient and trustworthy ICT

We forecast and prototype advanced forms of adversarial software and hardware.

We demonstrate their likely appearance and effect

We focus above mainstream

We have impact and raise the bar…

and repeat BEFORE this!!

We demonstrate robust risk-based pervasive security policy and architectures


Investment Emphases

Rebalance

Shift investment from intrusion detection to discovering and fixing vulnerabilities

Emphasis on security-at-design-and-build; forecasting and prototyping advanced threats (threat anticipation) plus:

Back two potential game changers

Trustworthy ICT and Autonomous Cyber Defence (HINDER)

All of which will fall short without operational and research partnerships


Data61 Perspective

Multi-disciplinary approach to cyber security

– Applying different lenses to problems/challenges

– Including user experience and cognitive science

Holistic view across people, process, technology and usability

Research and application partnerships

Merging NICTA and CSIRO Digital Productivity


Data61 Perspective

Data-driven Defences

Leveraging insights from empirical measurements to establish contextual and

situational awareness

Data-driven Security

Development of new techniques and tools to enable businesses as well as

consumers to protect their data in untrustworthy environments

Secure Software Design, Development and Deployment

Trustworthy systems

Security at design and build software, development environment and software

supply chain

Reducing Friction – Usable Security


ICT Supply Chain Security


The Australian Perspective

Australia sources all integrated circuits from overseas

Lack of resources for:

– designing

– fabricating

– testing chips

Majority of suppliers: Vendor Foundry Location 2014

Revenue 2014 Market Share

(%) TSMC Taiwan 25,175 53.7 UMC Taiwan 4,621 9.9 Globalfoundries U.S. 4,400 9.4 Samsung South Korea 2,412 5.1 SMIC China 1,970 4.2

Gartner report "Market Share: Semiconductor Foundry, Worldwide, 2014."


Threat: Hardware Trojans

Intentional modification of COTS electronic circuitry

– Penetration into our networks

– Undetectable by current methods

– Triggered at will by adversary

– Compromise operation and security of infected electronics systems

– Outcomes – Leak or Modify Information

– Reduce Effectiveness

» Kill switch

» Denial of service, degradation of service, integrity attacks, etc.

– Modify function

– Scale effects, e.g., broad spectrum network degradation across all Government networks

–


Threat Illustrations

State-sponsored (US Embassy Moscow, 1976 – 1984)

– Implant characterised data and transmitted to a local listening post

– Undetected for 8 years; many man weeks and thousands of X-Rays to find, despite tip-off


Threat Illustrations

Organised crime (UK 2008)

– ATM machines opened, tampered with and perfectly resealed at supply

– Electronics operated as normal, but also remotely captured and forwarded credit card details

– Only fortuitously discovered

Previously only a nation state's

intelligence service would have been

capable of pulling off this type of operation.

It's scary

US counterintelligence chief


DST Group Approach

Challenge 3 assumptions concerning ICT supply chain security

– Only state-sponsored actors would have the capability

– Trojans are “always on”

– Trojans are physically detectable

Develop deep understanding of issues

– Prototype future threats and demonstrate concepts

Develop complementary countermeasures


High Assurance ICT Requirements


UN

CLA

SS

IFIE

D

FO

UO

PR

OT

EC

TE

D

SE

CR

ET

…

TO

P S

EC

RE

T

High Assurance ICT

Requirements

• Integration across

multi-security levels

• High security and

safety requirements

Grave

consequences

• Strict evaluation and

accreditation

S o f t w a re

H a rd w a r e

100s of millions

of Lines of Code

Complexity

Components

with billions of

transistors

High assurance domains:


Security versus Usability

Guaranteed Correct

Fails Secure

Works in hostile environment

Agile Solutions

Cost Effective

Timely

Usable

Functional

…


Innovative Solutions through Partnership


Opportunity

• We have the opportunity to develop a sovereign Trustworthy

ICT capability

• Building on:

• DST Group: award-winning hardware approaches

• Data 61 (NICTA): seL4 world-class secure software

kernel-based approach

• And establishing new partnerships with Industry and Academia


DST Group Credentials

Small peripheral inserted between a host computer and a screen enables trusted video display (eg receive official comms in a foreign internet café)

Prototyping and demonstrating the hardware Trojan threat

A countermeasure: the Digital Video Guard (DVG)

Recognition: South Australian ICT Innovation Award 2014

Trials

Example: Digital Video Guard (DVG)


Data61 Credentials

Protecting critical mission operations from targeted attacks and latent software vulnerabilities

• Higher assurance cyber-physical system design using formal verification

• Applicable to other systems with mixed levels of trust

Air Team partners: Rockwell Collins, Boeing, Galois, University of Minnesota

Component architecture: functional isolation, enforced by seL4

Example: sel4 in DARPA HACMS program

Successful flight demo: 4 July 2015

DARPA Air Team project: US $18M


Approach

• Operate safely in the presence of unknown Hardware Trojans

• Combine COTS with a small amount of trustworthy hardware

and logic (a trustworthy computing base (TCB))

• Tradeoff between performance, size, complexity and security

• Combine with smarter architectural choices


UN

CLA

SS

IFIE

D

FO

UO

PR

OT

EC

TE

D

SE

CR

ET

…

TO

P S

EC

RE

T

S o f t w a re

H a rd w a r e

100s of millions

of Lines of Code

Complexity

Components

with billions of

transistors

Architectural Approach

TRUSTWORTHY

COMPUTING BASE

~7000 Lines of Code 10,000 Lines of Code

Medium Complex Circuit TCB Circuit

Trusted OS MLS Application


Example Joint Venture

The Cross Domain Desktop Compositor (CDDC)*

• A cross domain security solution for high-assurance

* Patent pending

• Deep knowledge of

Defence high-assurance

• Trustworthy hardware

• Trustworthy software

• Formally verified

system components


Vision - Multi-level Converged Desktop Trusted domain switch Trusted active domain label

Trusted window decorations


PROTECTED

Vision - Single Multi-Level Secure Email App

http://www.google.com.au/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=bwn2LEvPUp-BdM&tbnid=0sLCi3d3pfLDzM:&ved=0CAUQjRw&url=http://www.core77.com/blog/ux/studio_monikers_do_not_touch_interactive_video_celebrates_the_pending_demise_of_the_cursor_24744.asp&ei=fmGiU6mXJoyAoQS2tIHgAg&bvm=bv.69411363,d.cGU&psig=AFQjCNEXJnSehXqfIJsiNbdxWRODKCUryQ&ust=1403237106200680


Conclusion

• We require focused and innovative approaches to Cyber Security

• Hardware-based threats require attention

• Trustworthy ICT is considered a potential game-changer

• Highly assured Government and other systems need to be achieved in a

manner which enables digital transformation

• We have the opportunity to develop a sovereign Trustworthy ICT capability

through in-government, industry and academia partnerships

Thank you! please contact us for more info.

[email protected]

[email protected]

Dr Mike Davies Research Leader, Cyber Assurance

and Operations

Defence Science & Technology Group

Dr Jodi Steel Director – Cyber Security Business

Team (Government & Defence)

Data61, CSIRO

Gov innovate nov 2015 davies steel day 2

Technology

Transcript of Gov innovate nov 2015 davies steel day 2