THE IMPACT OF COTS COMPONENTS ON BUILDING TRUSTWORTHY SYSTEMS Arthur Pyster


THE IMPACT OF COTS COMPONENTS ON BUILDING TRUSTWORTHY SYSTEMS Arthur Pyster Deputy Assistant Administrator for Information Services and Deputy Chief Information Officer. February 7, 2001. The FAA’s Job.

Presentation Transcript
THE IMPACT OF COTS COMPONENTS ON BUILDING TRUSTWORTHY SYSTEMS

Arthur Pyster

Deputy Assistant Administrator for Information Services and Deputy Chief Information Officer

February 7, 2001

The FAA’s Job

Each day at 1000 staffed facilities, the FAA manages 30,000 commercial flights, using 40,000 major pieces of equipment, by 48,000 FAA employees, to safely move 2,000,000 passengers.

National Airspace System
  • ~ 500 FAA Managed Air Traffic Control Towers
  • ~ 180 Terminal Radar Control Centers
  • 20 Enroute Centers
  • ~ 60 Flight Service Stations
  • ~ 40,000 Radars, VORs, Radios, …
CIO’s Security Mission

Protect the FAA’s information infrastructure and help the aviation industry reduce security risks through leadership in innovative information assurance initiatives

  • Establish and lead a comprehensive program to minimize information systems security risks
  • Ensure critical systems are certified as secure
  • Ensure all FAA staff and contractors know and do what is required to maintain information systems security
  • Ensure cyber attacks are detected and repelled and that successful attacks have minimal effect
  • Maintain effective outreach to industry, government, and academia
COTS Use within FAA (Part 1)
  • >$2B annually in IT acquisitions
  • Most recent and planned systems are heavily COTS-based; e.g.
    • FAA Telecommunications Infrastructure
    • National Airspace Systems Information Management System
    • Next generation messaging
    • Rapid movement towards TCP/IP-based networking and Oracle-based DBMS
COTS Use within FAA (Part 2)
  • Even many “custom” air traffic control systems may be used by air traffic control authorities in many countries
    • CTAS – advise order in which aircraft should land
  • COTS is key to rapid and affordable deployment of new capabilities
  • Almost all heavily proprietary systems are old legacy
    • ARTS – primary system for terminal air traffic control
COTS-related System Vulnerabilities (Part 1)
  • Source code known to many outside FAA, but not to those inside FAA
  • Knowledge of source code not controlled by FAA
  • Security often an “afterthought” in commercial systems – security not often a commercial success criterion
  • New releases of software could introduce new vulnerabilities and invalidate old mitigations
  • Hackers often go after vulnerabilities in COTS components
COTS-related System Vulnerabilities (Part 2)
  • COTS rely heavily on commercial protocols and standards that are widely known, making it easier to exploit vulnerabilities
  • Easily available tools and knowledge mean less sophisticated hackers can exploit many vulnerabilities in COTS components
  • Generality of COTS components makes them more likely to have vulnerabilities and to introduce new vulnerabilities when integrated with other components.
  • Built-in COTS security features can be widely implemented, reducing vulnerability!
FAA’s 5 Layers of System Protection
[Diagram; recoverable labels: Personnel Security; Physical Security; Compartmentalization/Information Systems Security; Awareness and Execution; Site Specific Adaptation; Architecture and Engineering; Redundancy]
… and A Generic ISS Service Perspective
[Diagram; recoverable labels: Access Control; Authentication; Integrity; Awareness and Execution; Confidentiality; Architecture and Engineering; Availability]
Comprehensive Certification Process
[Diagram; recoverable labels: System Certification & Authorization Package (SCAP); Prepare SCAP Package; Conduct Risk & Vulnerability Assessments; Threat; Vulnerabilities; Likelihood; Impact; Sys Developer or Owner; ISS Certifier; C&A Statements; CIO Certification Agent; to DAA; Deploy]

  • Risk Management Plan
    • VA Report
  • IS Security Plan
  • ISS Test Plan & Summary Results
  • Protection Profile
  • Certification Statement

  • Certification Statement
  • Authorization Statement
  • Executive Summary

Integrated Facility Security
[Diagram; recoverable labels: Shared Networks; Private Networks; Phone lines; Electronic Barrier; Authenticated & Authorized Traffic; Service A; Service B; Service C; DSR; HOST; DARC; Manual; Secure Facility Boundary; Personnel and Physical Barrier]
Airport Traffic Control Tower and Airport Surface Movement
[Diagram with a legend and two time frames, "Current - 2002" and "2003-2005"; recoverable labels: Core INFOSEC Requirements; Virtual Private Network (VPN); Network Access Control; Strong Auth of NW Users; Network Screening Service; Removal of Malicious Traffic from NW; Encrypted Interface; Plaintext Interface; Common Network Security Interface; INFOSEC Admin & Management; Extranet Server; Software Updates; Remote Maintenance; WAN; NAS Ops Data; Target Data from TRACON/STARS to TDW. Systems named: ATCT; TDW; SMA; AMASS/ASDE; AWOS/ASOS; ITWS; TDLS-R WS; E-IDS WS; TDWR; ACARS DL; Other FAA Facs]
Selected CTAS Security Measures
  • Enable basic security measures in operating system
  • Shut off unused Internet protocols
  • Audit system use to detect unauthorized access or operation
  • Banners warn users about penalties for misuse
  • Virtual Private Network for secure communication
Selected FTI Security Requirements
  • Basic Security Services
    • Confidentiality, Integrity, Availability
  • Optional Enhanced Security Services
    • Strong Authentication, Firewalls, Extranets, VPNs, Enhanced confidentiality and integrity, Closed user groups, Enhanced remote access
Oracle8i Security Features
  • User Authentication
    • DB, external, OS, network, global, N-Tier
  • Password Management
    • Account locking, password aging, history and complexity checking
  • Fine Grained Access Control
    • Views, PL/SQL API, Virtual Private Database
  • Advanced Security Option
    • Data Privacy, Data Integrity, Authentication and Single Sign On, Authorization
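The Password Management features listed above map onto an Oracle profile. The following is an added example, not part of the original slides or of any FAA configuration; the names `demo_pw_verify`, `demo_app_profile` and `app_user` and all numeric limits are illustrative assumptions.

```sql
-- Added example. Names and limits are hypothetical, chosen for illustration.
-- Run as SYS: a password verify function must be owned by SYS.
CREATE OR REPLACE FUNCTION demo_pw_verify (
  username     VARCHAR2,
  password     VARCHAR2,
  old_password VARCHAR2
) RETURN BOOLEAN IS
  has_digit  BOOLEAN := FALSE;
  has_letter BOOLEAN := FALSE;
  ch         VARCHAR2(1);
BEGIN
  -- Complexity checking: minimum length, not equal to the user name,
  -- and at least one letter and one digit.
  IF LENGTH(password) < 10 THEN
    RAISE_APPLICATION_ERROR(-20001, 'Password shorter than 10 characters');
  END IF;
  IF UPPER(password) = UPPER(username) THEN
    RAISE_APPLICATION_ERROR(-20002, 'Password same as user name');
  END IF;
  FOR i IN 1 .. LENGTH(password) LOOP
    ch := SUBSTR(password, i, 1);
    IF ch BETWEEN '0' AND '9' THEN has_digit := TRUE; END IF;
    IF UPPER(ch) BETWEEN 'A' AND 'Z' THEN has_letter := TRUE; END IF;
  END LOOP;
  IF NOT (has_digit AND has_letter) THEN
    RAISE_APPLICATION_ERROR(-20003, 'Password needs letters and digits');
  END IF;
  RETURN TRUE;
END;
/

CREATE PROFILE demo_app_profile LIMIT
  FAILED_LOGIN_ATTEMPTS    5          -- account locking after 5 failed logins
  PASSWORD_LOCK_TIME       1          -- account stays locked for 1 day
  PASSWORD_LIFE_TIME       90         -- password aging: expires after 90 days
  PASSWORD_GRACE_TIME      7          -- grace period before a change is forced
  PASSWORD_REUSE_TIME      365        -- history: limits reuse of old passwords
  PASSWORD_REUSE_MAX       UNLIMITED  -- (exact reuse semantics vary by release)
  PASSWORD_VERIFY_FUNCTION demo_pw_verify;

-- Limits apply only to accounts assigned to the profile.
ALTER USER app_user PROFILE demo_app_profile;
```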
Certifying COTS Components
  • ISO Protection Profiles establish standard security requirements for classes of systems such as firewalls, databases, operating systems, and even for a generic information system
  • COTS components can be “certified” for compliance with Protection Profiles by an official body such as the National Information Assurance Partnership.
  • Custom components can use tailored versions of COTS-oriented Protection Profiles.
Closing Thoughts
  • COTS present new security challenges daily, but use of COTS is key to rapidly and affordably delivering new services.
  • The 5 layers of FAA security, implemented through a comprehensive certification process to achieve integrated facility security, ensure the National Airspace System remains protected.
  • Greatest COTS research challenges:
    • Testing the security characteristics of black-box COTS components
    • Understanding the security properties of composed COTS components
    • Architecting COTS-based systems for security