Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Jim Basney
jbasney@ncsa.illinois.edu
&
cybersecurity resources
for your campus
Why Cybersecurity Matters: Trusted & Reproducible Science
Center for Trustworthy Scientific Cyberinfrastructure:
The NSF Cybersecurity Center of Excellence
● Mission: Provide the N...
DHS Software Assurance Marketplace (SWAMP)
● A no-cost resource to promote a more stable and secure software ecosystem
● 3...
SWAMP-in-a-Box
● An open source software distribution for
establishing a Continuous Assurance facility
on your campus
● Op...
Software Assurance in the Classroom
● Teaching secure coding practices to undergraduates and graduate students
● Students ...
Software Assurance for Scientific Cyberinfrastructure
● Software is critical to science and
"must be reliable, robust, and...
Cybersecurity Training for Scientists & CI Professionals
● Secure Coding Practices and Automated Assessment Tools (e.g., S...
Operating Secure Scientific Facilities
● CTSC engagements with NSF Large
Facilities: DKIST, Gemini, IceCube,
LIGO, LSST, L...
Cybersecurity for Science Gateways
● CTSC partnership with Science Gateway
Community Institute (SGCI): cybersecurity
educa...
11
Cybersecurity Guides and Tools
● Addressing concerns unique to science
● Policy templates:
Acceptable Use, Access Contr...
CTSC
engagements, guides,
email lists, blog,
annual summit,
monthly webinars,
and training on
cybersecurity for science
SW...
For more info...
https://trustedci.org https://continuousassurance.org
CTSC is funded by NSF award #1547272. SWAMP is fund...
You’ve finished this document.
Download and read it offline.
Upcoming SlideShare
Employer Brand Research powered by Randstad - Synthèse des Randstad Awards 2017
Next
Upcoming SlideShare
Employer Brand Research powered by Randstad - Synthèse des Randstad Awards 2017
Next
Download to read offline and view in fullscreen.

1

Share

CTSC+SWAMP: cybersecurity resources for your campus

Download to read offline

Center for Trustworthy Scientific Cyberinfrastructure (CTSC) and Software Assurance Marketplace (SWAMP): cybersecurity resources for your campus. Presented at the March 2017 CASC Spring Meeting.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

CTSC+SWAMP: cybersecurity resources for your campus

  1. 1. Jim Basney jbasney@ncsa.illinois.edu & cybersecurity resources for your campus
  2. 2. Why Cybersecurity Matters: Trusted & Reproducible Science
  3. 3. Center for Trustworthy Scientific Cyberinfrastructure: The NSF Cybersecurity Center of Excellence ● Mission: Provide the NSF community a coherent understanding of cybersecurity’s role in producing trustworthy science and the information and know-how required to achieve and maintain effective cybersecurity programs. ● Building Community: annual NSF Cybersecurity Summit, monthly webinars, blog, email lists, partnerships, benchmarking surveys ● Sharing Knowledge: alerts, guides, templates, best practices, training ● Collaborative Engagements: tackling cybersecurity challenges for science projects
  4. 4. DHS Software Assurance Marketplace (SWAMP) ● A no-cost resource to promote a more stable and secure software ecosystem ● 30 static analysis tools to check your code for weaknesses ● View results from multiple tools in one place, to identify and address the most important problems in your code ● Continuous Assurance: assess your code throughout the development lifecycle Miron Livny, MIR Jim Basney, NCSA Bart Miller, UW Von Welch, IU
  5. 5. SWAMP-in-a-Box ● An open source software distribution for establishing a Continuous Assurance facility on your campus ● Operate your own local SWAMP on your hardware behind your firewall ● Includes plugins for Eclipse & Jenkins ● Connect with your local AD/LDAP accounts or use CILogon/InCommon ● Try mir-swamp.org then install your own https://github.com/mirswamp/deployment
  6. 6. Software Assurance in the Classroom ● Teaching secure coding practices to undergraduates and graduate students ● Students use mir-swamp.org to analyize and improve their code ● Partnership with Prof. Lethia Jackson at Bowie State University in Maryland ○ https://morgridge.org/story/can-cybersecurity-crack-the-undergraduate-curriculum/
  7. 7. Software Assurance for Scientific Cyberinfrastructure ● Software is critical to science and "must be reliable, robust, and secure" (https://www.nsf.gov/cif21) ● Software Assurance is an important CTSC thrust (training, engagements, best practice guides, situational awareness) ● SWAMP is an important resource for CTSC (e.g., engagements with perfSONAR, SciGaP, OSG/HTCondor) https://trustedci.org/software-assurance/
  8. 8. Cybersecurity Training for Scientists & CI Professionals ● Secure Coding Practices and Automated Assessment Tools (e.g., SWAMP) ● Secure Software Engineering Practices ● Developing Cybersecurity Programs for Science Projects ● Incident Response and Log Analysis ● Federated Identity Management for Research Organizations https://trustedci.org/onlinetraining/ https://trustedci.org/trainingmaterials/
  9. 9. Operating Secure Scientific Facilities ● CTSC engagements with NSF Large Facilities: DKIST, Gemini, IceCube, LIGO, LSST, LTER, NEON, OOI ● NSF Large Facilities Security Working Group (established January 2017) ● Annual NSF Cybersecurity Summit (August 15-17 2017 in Arlington, VA) ● Open Science Cyber Risk Profile (https://trustedci.org/oscrp/) ● CTSC partnership with REN-ISAC for situational awareness
  10. 10. Cybersecurity for Science Gateways ● CTSC partnership with Science Gateway Community Institute (SGCI): cybersecurity education for gateway developers and operators ● CTSC engagement with SciGaP (https://trustedci.org/scigap/)
  11. 11. 11 Cybersecurity Guides and Tools ● Addressing concerns unique to science ● Policy templates: Acceptable Use, Access Control, Asset Management, Disaster Recovery, Incident Response, Inventory, Awareness, Physical Security, ... ● Risk assessment table ● Securing commodity IT ● Self-assessment Tool ● Identity Management Best Practices https://trustedci.org/guide
  12. 12. CTSC engagements, guides, email lists, blog, annual summit, monthly webinars, and training on cybersecurity for science SWAMP continuous assurance via mir-swamp.org and open source SWAMP-in-a-Box software distribution &
  13. 13. For more info... https://trustedci.org https://continuousassurance.org CTSC is funded by NSF award #1547272. SWAMP is funded by DHS award #FA8750-12-2-0289. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the United States Government or any agency thereof.
  • officialmanager

    Aug. 24, 2021

Center for Trustworthy Scientific Cyberinfrastructure (CTSC) and Software Assurance Marketplace (SWAMP): cybersecurity resources for your campus. Presented at the March 2017 CASC Spring Meeting.

Views

Total views

703

On Slideshare

0

From embeds

0

Number of embeds

7

Actions

Downloads

4

Shares

0

Comments

0

Likes

1

×