Security Engineering – Design Patterns and Operational Concepts

Dr. Peter Beling
Co-Principal Investigators:
Also referred to as “Systems Aware Cybersecurity”
Objectives: This effort has been in progress since 2011 and is currently focusing on four cybersecurity topics:
- Development of a prototype security system for securely monitoring an autonomous surveillance system on board an unmanned aerial vehicle for possible cyber attacks (emphasis on advanced persistent threats, including supply chain and insider-initiated attacks). This serves as an initial use case for a secure Sentinel-based architecture focused on monitoring and, when needed, reconfiguring systems in response to cyber attacks at the system level (weapons systems, sensor systems, physical infrastructure systems).
- Exploring decision support methodologies for determining on a mission basis the most critical system functions to secure. Employing attack tree tools as well as SysML/UML tools to support the decision process.
- Developing cybersecurity CONOPS for operation of UAVs that are possibly under attack. Simulation experiments are planned for Creech AFB and at UVA to gain an initial understanding of user issues and of managing operator confidence in decision-making in situations where cyber support systems are thought to be under attack.
- Exploring the opportunity to apply private Cloud capabilities as a Sentinel for monitoring ground-based systems, so as to be able to readily employ moving target and diversity solutions to secure the Sentinel. In addition, exploring the use of tools to monitor Cloud performance related to latencies as a means for detecting out-of-norm situations that can be related to possible cyber attacks.
Approach: The project emphasizes the use of rapid prototyping to gain early visibility and understanding of the unique issues that cyber defense brings with it, in parallel with longer-term, more basic research efforts that discover fundamental ways to improve upon the earlier work. Each of the topics described above is developing initial prototype applications, with emphasis on applications that are inter-related.
Application: The benefit of this project is the basis it establishes for introducing the System-Aware Security concept and the accompanying evaluation system into practice.
- SERC-2012-TR-028-1-Security Engineering
- SERC-2012-TR-028-2-Security Engineering
- SERC-2013-TR-036-2-Security Engineering: System Aware Cyber Security for an Autonomous Surveillance System On Board an Unmanned Aerial Vehicle
- SERC-2014-TR-036-3-Security Engineering Project: System Aware Cyber Security for an Autonomous Surveillance System On Board an Unmanned Aerial Vehicle
- SERC-2013-TR-036-1-Security Engineering Pilot
- SERC-2016-TR-156-Transition of System-Aware Technology into Practice (Task 1) and Mission-Level Cybersecurity and Solution & the Selection of Decision Support Tools (Task 2)
- SERC-2017-TR-114-Security Engineering – FY17 Systems Aware Cybersecurity
- SERC-2019-TR-002-Model-based Engineering for Functional Risk Assessment and Design of Cyber Resilient Systems
- SERC-2015-TR-110-System Aware Cybersecurity A Multi-Sentinel Scheme To Protect a Weapons Research Lab