Security Engineering – Decision Support Tool
Dr. Barry Horowitz
Dr. Peter Beling
Dr. Cody Fleming
UVA is currently leading RT-172, a Systems Engineering Research Center (SERC) research project focused on developing design concepts for analysis tools intended to support DoD decisions regarding system resilience requirements related to cyber attacks. Providing resilience requires monitoring the states of a system to detect anomalous events and, when necessary and possible, reconfiguring the system to allow for continuing operation. The System-Aware cybersecurity approach to providing system resilience capabilities employs one or more highly secured Sentinels to carry out the necessary monitoring and control functions for response to possible cyber attacks.
In collaboration with ARDEC on RT-172, a specific weapon system has been selected as a use case for evaluating the qualities of the decision support system concepts being considered. Early research has produced initial design concepts for the desired decision-support tool set, and the research team has started to address the methodology that would be used to evaluate the qualities of prototype tools. In order to support sufficiently high-fidelity tool set evaluations, a suitably large set of requirement options needs to be developed and, for each option, a set of factors that would govern requirements decisions needs to be analyzed. The factors to be considered include assessments of the resilience provided, predictions of implementation cost and complexity, and the anticipated deterrence regarding adversarial attack choices. It has been determined that, in order to conduct realistic evaluations, including assessments of usability and user confidence in the tool's outputs, the decision-associated data regarding the factors related to resilience requirements need to be credible.
In order to achieve the necessary data credibility, it has been determined that a Sentinel prototyping effort should be initiated with the objective of utilizing the prototype design and prototype-based experiments to develop the needed quality of input data to the decision support tool evaluation process.
This task is intended to utilize a Sentinel prototyping/experimental activity as the basis for creating the needed decision support tool input data for resilience requirements evaluations related to the ARDEC weapon system under consideration. The research activity will involve determination of:
- The resilience solutions to be considered as potential weapon system requirements. In addition to solutions that have already been developed, additional solution features related to the selected weapon use case will be considered. In particular, the research team will initiate a research activity to address potential system resilience-related requirements for dynamically modifying Sentinel solution derivations based upon immediate situation-awareness considerations. Operator situation awareness could be based upon a variety of non-Sentinel sources such as information provided by mission intelligence sources and mission commander operational guidance.
- The design requirements for the prototype Sentinel so that it can effectively support evaluations of potential decision-support system concepts.
- The most effective way to experimentally select and collect pertinent data regarding system resilience.
The results of this effort will be used to help populate the decision support tool effort with the needed data for decision-making. This effort will make use of the SysML model that is already being developed to help determine cyber attacks that should be considered and measurement points that can be monitored for detecting attacks. In addition, the attack-related databases will be evaluated from the perspective of how well they support anticipation of attacks on physical systems. Recommendations will also be provided regarding improving decision support tool capabilities related to data requirements.
- Conference Paper - Cyber-Physical Systems Modeling for Security Using SysML
- Conference Paper - MISSION AWARE: Evidence-Based, Mission-Centric Cybersecurity Analysis
- Conference Paper - A Model-Based Approach to Security Analysis for Cyber-Physical Systems
- Conference Paper - A Systems Approach for Eliciting Mission-Centric Security Requirements
- Presentation - Prioritizing Cybersecurity Solutions for Cyber Physical Systems
- Presentation - Cybersecurity for Highly Automated Physical Systems
- Presentation - Silverfish Prototype Overview & Demo