
Developing Cyber Resilient Systems: A Systems Security Engineering Approach



  1. NIST Special Publication 800-160, Volume 2. Developing Cyber Resilient Systems: A Systems Security Engineering Approach. NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

  2. The Current Landscape… Today's systems are very brittle, rely on a one-dimensional protection strategy of penetration resistance, and are highly susceptible to devastating cyber-attacks.

  3. The adversaries are relentless.

  4. Exfiltrate information. Preposition malicious code. Bring down capability. Create deception.

  5. Defense Science Board Reports: Resilient Military Systems and the Advanced Cyber Threat; Cyber Supply Chain; Cyber Deterrence.

  6. Defending cyberspace in 2020 and beyond.

  7. The Objective… Expand the cyber aperture to a multi-dimensional protection strategy that includes developing damage limiting system architectures and cyber resilient systems.

  8. A New Paradigm… Cyber resilient systems operate more like the human body than a traditional finite state computing machine.

  9. Cyber Resiliency Engineering: An emerging specialty systems engineering discipline, applied in conjunction with resilience engineering and systems security engineering to develop survivable, trustworthy systems.

  10. Cyber Resiliency. The ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.

  11. Cyber resiliency relationships with other specialty engineering disciplines: Privacy; Fault Tolerance; Reliability; Safety; Security; Resilience and Survivability.

  12. Reducing susceptibility to cyber threats requires a multidimensional strategy. System: First Dimension: Harden the target. Second Dimension: Limit damage to the target. Third Dimension: Make the target resilient.

  13. Cyber Resiliency and Security in the System Life Cycle. References: ISO/IEC/IEEE 15288:2015, Systems and software engineering — System life cycle processes; NIST SP 800-160 Volume 1. Processes: Business or mission analysis; Stakeholder needs and requirements definition; System requirements definition; Architecture definition; Design definition; System analysis; Implementation; Integration; Verification; Transition; Validation; Operation; Maintenance; Disposal.

  14. Cyber Resiliency Constructs… (Updated Definitions, SP 800-160 Volume 2) • Goals • Objectives • Sub-Objectives • Techniques • Approaches • Strategic Design Principles • Structural Design Principles

  15. Bridging Two Communities… Risk Management Framework; Systems Security Engineering.

  16. Relationship Among Cyber Resiliency Constructs… [Figure. Boxes: Risk Management Strategy (Organizational Level; Programmatic; Mission/Business Process Level; System Level); Cyber Resiliency Solution; Goals (Anticipate, Withstand, Recover, Adapt); Objectives (Understand, Prevent/Avoid, Prepare, Continue, Constrain, Reconstitute, Transform, Re-architect); Strategic Design Principles; Structural Design Principles; Techniques; Approaches. Figure labels: Why, What, How. Arrow labels: "Interpret, determine priorities of, and define strategies for achieving"; "Inform selection and prioritization". Notes: Objectives can be further decomposed into sub-objectives and capabilities. Selection, prioritization, and application informed by programmatic, operational, and technical considerations, including threat considerations. Linkage of constructs captured in a series of tables.]

  17. Coverage Analysis • Provides a mapping of the NSA/CSS Technical Cyber Threat Framework (NTCTF) against the cyber resiliency techniques and approaches. – Each of the 21 NTCTF adversary objectives is mapped against each of the 48 cyber resiliency approaches. – Illustrates how cyber resiliency techniques and approaches can affect threat events using the NTCTF. – Mapping identifies which, if any, of 15 effects on the adversary are applicable.

  18. Sample Coverage Analysis

  19. Use Cases • Provides several cyber resiliency use cases: Self-driving car; Enterprise IT; Campus micro-grid. • Discusses representative situations in which cyber resiliency is considered by systems security engineering. • Shows how cyber resiliency concepts and constructs can be interpreted and applied to that situation. • Illustrates how cyber resiliency solutions can be defined or how specific solutions can be applied.

  20. Real World Example: Ukraine Power Grid Attack. For each step of the attack, identifies potential cyber resiliency mitigations and representative technologies.

  21. NIST Special Publication 800-160, Volume 2. Developing Cyber Resilient Systems: A Systems Security Engineering Approach. Final Public Draft. Comment Period: September 4 through November 1. Comments to: sec-cert@nist.gov

  22. 100 Bureau Drive, Mailstop 7770, Gaithersburg, MD USA 20899-7770. Email: ron.ross@nist.gov. Mobile: 301.651.5083. LinkedIn: www.linkedin.com/in/ronrossecure. Twitter: @ronrossecure. Web: csrc.nist.gov. Comments: sec-cert@nist.gov
