Presented October 06, 2016 - Presentation Slides
“DoD Perspective on Cyber Security and its Impacts on Installation Energy Management” by Dr. Michael Chipley
In March 2014, the DoD adopted the National Institute of Standards and Technology (NIST) Risk Management Framework and began the arduous task of developing the implementation guidance to migrate from the DoD Information Assurance Certification and Accreditation Process (DIACAP) to the Risk Management Framework (RMF). The application of the RMF to Industrial Control Systems is particularly challenging. This presentation provided an update on the progress made, including the publication of NIST SP 800-82 R2, incorporation of the new DoD and NIST publications into the DHS CSET tool, integration of the Industrial Control Systems (ICS) overlay and security controls into the electronic Mission Assurance Support System (eMASS), and efforts underway to develop the Continuous Monitoring capability with support from CYBERCOM and DHS.
“Critical Energy Infrastructure Cyber Defense-in-Depth” by Mr. Kevin Jordan
Industrial control systems (ICS) within critical energy infrastructure are vulnerable to nation-state actors and subject to advanced persistent threats. Currently, the “Code of Best Practices” approach is being used to defend against ICS intrusion. This presentation includes a discussion of the shortcoming of this approach, and how a fault- and intrusion-tolerant approach would mitigate the risks associated with even the most sophisticated cyber threats. We are engaged in a public-private partnership sponsored by the ESTCP to demonstrate an approach to secure ICS of an electric utility. Our approach incorporated five technologies in a layered defense from the Internet to the generator. Our demonstration will show how fault- and intrusion-tolerant systems can ensure greater resiliency and enable critical ICS to continue to function effectively under attack.
“Cyber-Security Integrity for Electric Grid Facilities Management” by Dr. Daniel Quinlan
Software is increasingly being integrated into hardware devices. Most software vendors define a process that includes certificate signing; however, the software (firmware) is routinely updated without any direct validation steps to check its integrity. Software integrated into critical devices is often of unknown origin and is assembled using libraries for which the source code is unavailable. Our demonstration will show how to mitigate risks specific to supply chain management of software embedded within critical infrastructure (both power substations and building automation systems). We will demonstrate how to test the firmware on devices which form critical components of the electric grid infrastructure. We have developed the ROSE framework for building tools specific to software analysis and transformations. We will show how this framework’s binary analysis capabilities can be used for firmware analysis and can be added to existing security assessments and best practices. Our work addresses a growing problem specific to supply chain integrity for modern devices that are increasingly controlled by software on the device in place of mechanical mechanisms. Ultimately, we demonstrated how to mitigate the risk of a cyber attack from software upgrades to both critical electric grid infrastructure and building automation systems.
Dr. Michael Chipley has over 33 years of consulting experience in Program and Project Management in the areas of Cybersecurity, Energy, Environmental and Sustainable Design (LEED, Energy Star and Carbon Footprint); Critical Infrastructure Protection and Analysis; Building Information Modeling (BIM) Technology; and Emergency Management/Disaster Recovery. He is trained as a SANS Global Industrial Control Systems Professional, a Project Management Professional, and a LEED Accredited Professional. Dr. Chipley is an active member in professional societies and teaches seminars and courses on IT and OT, security, and buildings systems convergence. For the past 5 years, he has been providing subject matter expert support to the Energy, Installations and Environment office, liaison to the DHS CSET and DoD CIO eMASS development teams to incorporate control systems into traditional IT processes, and developer/webmaster of the DoD CIO RMF Knowledge Service Portal EI&E Control Systems webpage. Dr. Chipley is the creator and instructor of several National Institute of Building Sciences and DHS workshops including “Introduction and Advanced Cybersecuring Building Control Systems”, “Cybersecuring DoD Control Systems” and “Your Buildings Have Been Hacked, Now What?”. He is also the author of the Whole Building Design Guide Cybersecurity Resource page as well as numerous DHS Building Infrastructure Protection Series (BIPS) publications.
Mr. Kevin B. Jordan (Col, USMC, Retired) has over 30 years of military experience in strategic planning, management, and operation of large command and control architectures. He and his wife, Dr. Dianne H. Jordan, founded Resurgo, LLC, a network engineering services company in 2011. The company has developed a rigorous life cycle methodology of cyber defense experimentation for complex, large-scale networks and command and control systems for government and industry. Kevin developed and spearheaded Virtual Secure Enclave strategy, cyber defense-in-depth, and moving target defense concepts resulting in the successful experimentation, operational test, and live network demonstration of numerous advanced cyber defense prototype technologies. Resurgo, LLC is currently partnered with government and industry partners in several programs of research, development, and experimentation for the security of SCADA and industrial control systems. Kevin graduated with a B.A. in psychology from the University of Pennsylvania, and an M.A. in National Security Studies from the U.S. Naval War College.
Dr. Daniel Quinlan is a Research Scientist and leader of the ROSE project in the Center for Advanced Scientific Computing at the Lawrence Livermore National Laboratory. His research is in numerous areas that intersect computer science and mathematics. His research interests include compiler research and development of tools for custom analysis and transformation of source code and binary software. Dr. Quinlan earned his Ph.D. in Computational Mathematics from the University of Colorado.