Research talk I gave at the Semiconductor Research Corporation workshop in September 2017. Here I set research goals to create a new type of security technology to protect autonomous systems.
Will Future Vehicles Be Secure?
There is active work within the automotive community to build security into the future connected and highly autonomous vehicles and several organizations are working on cybersecurity standards. Is it going to be enough to secure future vehicles?
Join me to explore the intricacies of securing cyber-physical systems. Challenge the notion that today's tools and best practices are enough to protect connected vehicles and transportation infrastructure. Finally, discover what the industry can do to take security research to the next level and ensure a safe, secure future of transportation.
In the last few years there has been increasing interest in the security of modern vehicles, with several high-profile demonstrations of controlling the braking and steering of a vehicle remotely across large distances. A modern vehicle already consists of up to 100 ECUs and has 100 million lines of code, and the complexity is only expected to increase. There have already been suggestions that we will see 300 million lines of code in a vehicle in 5 years. With the growth in complexity we will also see growth of the attack surface. Compared to other digital or digitized industries such as datacenters, PC, mobile, and Industrial Control Systems, automobiles have not yet been actively exploited; however, vulnerabilities have already been demonstrated by security researchers, and when that happens such vulnerabilities quickly get weaponized, opening the door to consistent exploits. With vehicles that weigh several tons and move, such a proposition is very scary, and there is a pressing need to advance security technology to prevent malicious actors from endangering human life.
Learning Outcomes:
Understand vehicle ECU and network architecture and challenges securing Highly Automated and Connected Vehicles
Describe modern end-to-end security architecture for connected vehicles
Understand evolution of the future security technologies
High dependability of the automated systems (Alan Tatourian)
This is the second research talk I gave at the Semiconductor Research Corporation (SRC) in September. Here I bring to attention the need to solve problems of SW maintainability and of the self-adaptable but still reliable architectures. State of the art in the industry now is ‘fail-operational’ which is based on redundancy. We can build a better technology which will optimize itself based on some global minimum function and will be able to adapt both to external changes in the environment and internal operating conditions.
Functional Safety and Security process alignment (Alan Tatourian)
This document discusses security and safety requirements for Intel systems. It describes performing threat analysis and risk assessment (TARA) along with hazard analysis and risk assessment (HARA) to define security and safety goals. Additionally, it proposes adding security mechanisms such as checking for file tampering and application trust when monitoring graphics systems to protect against threats.
Systems architecture with the functional safety/security emphasis (Alan Tatourian)
Systems Architecture with the Functional Safety-Security emphasis
I was asked to give a talk on the unification of Functional Safety (FuSa) and Security, to which I replied that the two disciplines cannot be viewed separately from Systems Engineering. Instead of talking about safety/security interop, I explained how to build complex systems and how these systems fail. Only when you understand that we do not know how to build absolutely reliable systems, and that eventually anything you create fails, can you understand how to add reliability and security mechanisms to your solutions. The summary of the presentation is:
Envision how your solution will be operated
Design for maintainability
Add safety concept
Add security mechanisms
Build for failure
Securing future connected vehicles and infrastructure (Alan Tatourian)
Slides from a keynote I gave at AZ Infragard. Since this was a keynote, I tried to dazzle the audience by talking more about technology and portraying security only as part of the underlying architecture of cognitive autonomous systems.
This document provides an overview of key topics in automotive software and security:
1. Cars now contain over 1 gigabyte of software code due to increasing automation, connectivity and data analytics capabilities.
2. As vehicles become more connected and automated, software complexity and security risks will continue growing substantially over the next 10-20 years.
3. Developing highly reliable and secure automotive software requires addressing challenges across computing, embedded systems, and functional safety.
Security Architecture for Cyber Physical Systems (Alan Tatourian)
The document discusses considerations for automotive cybersecurity. It begins with two quotes about trust and progresses through discussing technological advances, architecture goals, security goals, advanced design concepts, and concludes with an agenda. The document covers a wide range of topics related to automotive cybersecurity including hardware security, software security, safety and reliability, cryptography, and system architecture.
1) Autonomous vehicles require balancing supercomputing complexity, real-time performance, and functional safety.
2) Cyber-physical systems rely on four pillars: connectivity, monitoring, prediction, and self-optimization.
3) Ultra-reliable systems require qualities like self-healing, where the system can autonomously change its structure to maintain behavior despite failures.
This document provides an overview of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS), including fundamentals, evolution over time, vulnerabilities, security frameworks, good practices, and resources. It defines SCADA/ICS, describes how they have become more interconnected, lists vulnerabilities like outdated systems and remote access, outlines security standards like NIST and NERC, recommends practices like segmentation and patching, and provides example frameworks and resources.
Cybersecurity for modern industrial systems (Itex Solutions)
The document discusses cybersecurity for modern industrial systems. It outlines the history of control systems from early humans to modern technology. It notes current risks and threats that exploit weaknesses in these systems. The rapid growth of internet-connected devices poses challenges to ensuring stability. While virtually all cyber assets are vulnerable, cybersecurity expertise is in short supply. Achieving reliable safety requires standards, regulations, best practices, visibility of systems and sharing knowledge across industries and nations.
This document provides an overview of SCADA (Supervisory Control and Data Acquisition) security challenges and strategies. It describes common SCADA system components and functionality. It then discusses increasing cyber threats to SCADA systems from sources like hostile governments and employees. The document outlines various physical and cyber vulnerabilities in SCADA systems and components. It recommends security standards from organizations like NIST, ISA, and NERC to help mitigate risks. The document also provides guidelines on physical asset security and cybersecurity strategies.
Cyber & Process Attack Scenarios for ICS (Jim Gilsinn)
Presented at the OPC Foundation's "The Information Revolution 2014" in Redmond, WA August 5-6, 2014
This presentation discusses the modes and methodologies an attacker may use against an industrial control system in order to create a complex process attack. The presentation then discusses some specific examples, both real and hypothetical. The presentation finishes with a description of some common ways in which an organization could defend itself against these types of attacks.
Industrial Control Cyber Security Europe 2015 (James Nesbitt)
The Industrial Control Cybersecurity conference consists of presentations and debate from some of the energy industry’s leading end users from Operational and IT backgrounds, Government influencers, leading cybersecurity authorities and some of the world’s most influential solution providers.
Key topics of discussion will pivot on convergence of operational and information technology transformation, design, implementation, integration and risks associated with enterprise facing architecture.
Further review includes the development of policy, operational and cultural considerations, maturity models, public and private information sharing and the adoption of cybersecurity controls.
2015 will provide further insight into how industry can further develop organisational priorities, effective methodologies, benchmark return on investment for cybersecurity procurement, supplier relationships and how to effectively deploy defense in-depth strategies.
We will introduce discussion on the latest attacks and hear from those who are responsible for identifying them. The conference will further address penetration testing, the art of detection and threat monitoring, incident response and recovery.
Hacker Halted 2016 - How to get into ICS security (Chris Sistrunk)
This talk is about how to get into ICS security, whether you’re a control system engineer or an IT security analyst. It will cover the basic paths you can take to get involved, including some helpful resources and standards to help get you started. The ICS Security industry needs more people to help protect Critical Infrastructure!
Presentation on findings of the annual survey of ICS Security professionals. Includes participant demographics, greatest ICS security threats, and security initiatives.
This document provides guidance for securing industrial control systems such as SCADA and DCS. It identifies threats and vulnerabilities to these systems and recommends security countermeasures. ICSs often control critical infrastructure systems and face risks due to increased network connectivity and standardized protocols. The document outlines developing a security program including assessing risks, deploying controls, and network segmentation best practices to isolate control systems from other networks.
The document discusses whether patching control systems is an effective security practice given the challenges of securing industrial control systems. It makes three key points:
1. Patching insecure-by-design devices provides minimal risk reduction since attackers can achieve their goals by exploiting legitimate system features rather than vulnerabilities.
2. Most industrial control systems operate within an insecure-by-design zone, so patching may not prevent attacks since attackers do not need to exploit systems to cause damage.
3. Many control system components have low impact even if compromised, so patching provides little benefit given the effort. Prioritizing patching for systems directly accessible from untrusted networks is recommended over broadly patching everything.
The document discusses cyber security issues related to industrial control systems (ICS) and critical infrastructures. It notes the increasing interdependence between critical infrastructures and the potential for cyber threats to cause disruptions. The document outlines the heterogeneous nature of ICS/SCADA environments and some historical reasons they were considered secure. However, technological changes like increased connectivity now expose these systems to threats. The document advocates a "defense-in-depth" approach to secure ICS, including segregating networks, controlling remote access, and adopting security practices from frameworks. Failure to properly secure ICS could allow threats to cause availability issues, data loss or corruption, and operational disruptions impacting public safety.
This document discusses an investor opportunity involving auditing industrial control systems (ICS) for security compliance based on the NIST SP 800-82 framework. It highlights the standard's 16 sections for assessing ICS security and provides brief explanations of requirements under sections like planning/policy/procedures, administrative controls, access control, and network architecture. The document promotes CyberDNA as a trusted partner that can help organizations meet the various technical and policy requirements for securely auditing and protecting their ICS environments.
The document discusses the use of Trusted Platform Modules (TPMs) to provide hardware-based security functions for automotive applications. It describes how TPMs can establish a root of trust to securely store keys, authenticate software, and provide a hardware-protected security environment. The document also outlines how TPMs integrate with software stacks and can help defend against threats to vehicles by providing features like encrypted storage, secure boot, and attestation of software integrity.
The document discusses secure embedded systems as a requirement for cyber physical systems and the internet of things. It begins by providing examples of attacks on modern embedded systems like cars, industrial control systems, smart grids, and medical devices. It then discusses trends increasing security risks for embedded systems like network connectivity and standardization. Finally, it outlines requirements for future secure embedded systems and describes techniques like hardware security modules, secure elements, physical unclonable functions, and trusted operating systems to provide security in embedded systems going forward.
The Industrial Internet is an internet of things, machines, computers and people, enabling intelligent industrial operations using advanced data analytics for transformational business outcomes.
Industrial domain is expected to be largest consumer of IoT devices and systems in terms of value
Industrial Control Security USA Sacramento California Oct 13/14 (James Nesbitt)
This document provides information about the Industrial Control Cybersecurity conference to be held on October 13-14, 2015 in Sacramento, California. The conference will address key topics such as vulnerability detection and mitigation in critical infrastructure sectors like energy, oil, gas, electric and water. It will feature presentations from industry and government leaders as well as cybersecurity experts. The goal is to enhance public-private collaboration and information sharing to improve security of national infrastructure systems.
Cybersecurity Implementation and Certification in Practice for IoT Equipment (Onward Security)
This document discusses implementing and certifying IoT equipment for security standards. It begins by outlining five notices for adopting IoT security standards, including explicitly defining relevant standards, determining which standards are needed, investments required, cooperation needed, and benefits of certification. It then provides FAQs and suggestions about adopting standards. Use cases of adopting standards for IoT devices and industrial IoT development processes are presented. The conclusion suggests that adopting standards can help conform to customer requirements, enhance competitiveness, build corporate image, and increase revenue. It invites any remaining questions.
Robust Cyber Security for Power Utilities (Nir Cohen)
The security of critical networks is at the center of attention of industry and government regulators alike. Check Point and RAD offer a joint end-to-end cyber security solution that protects any utility operational technology (OT) network by eliminating RTU and SCADA equipment vulnerabilities, as well as defends against cyber-attacks on the network’s control and data planes. This solution brief explains how the joint solution enables compliance with NERC-CIP directives, provides deep visibility and control of ICS/SCADA communications, and allows secure remote access into OT networks.
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm... (PECB)
This webinar will help you get more informed on PenTesting in SCADA and also best practices and methods used on risk assessment. Learning about the criticality in industry, makes you more flexible to boost the skills.
Main points covered:
• The SCADA ICS function in critical infrastructure industry
• Risk exposure of IT vs. SCADA ICS from Cyber Security Perspective
• Do's and don’ts of Vulnerability Assessment and Penetration Testing in SCADA ICS Environment
Presenter:
This webinar was presented by Pedro Putu Wirya, an IT and ICS Security Consultant with an extensive experience in ISMS, and PECB Certified Trainer.
Link of the recorded session published on YouTube: https://youtu.be/icq-RTwusZ8
1) The document discusses securing IoT devices and infrastructure through X.509 certificate-based identity and attestation, TLS-based encryption, and secure provisioning and management.
2) It describes securing the cloud infrastructure with Azure Security Center, Azure Active Directory, Key Vault, and policy-based access controls.
3) The document promotes building security into devices and infrastructure from the start through standards-based and custom secure hardware modules.
Sfa community of practice a natural way of buildingChuck Speicher
A community of practice is natural way of building something through intuitive learning exercises ( lean development methodology) that people lack the knowledge to accomplish on their own.
These barriers to enabling new markets have always existed from ancient times to present day. The "community of practice" bridges technology processes and people to naturally solve what people need to know and learn quickly.
Multilayer security mechanism in computer networks (2)Alexander Decker
This document discusses multilayer security mechanisms in computer networks. It recommends a secure network system that uses security at three layers: application (end-to-end), transport, and network. At each layer, different protocols provide authentication, integrity, confidentiality, and other protections. When combined across layers, vulnerabilities in one layer cannot compromise other layers, strengthening overall security. Popular protocols mentioned for each layer include S/MIME, SSL, and IPSec.
Security for io t apr 29th mentor embedded hangoutmentoresd
The document discusses various topics related to security for Internet of Things (IoT) systems. It begins with an overview of the types of markets and applications that IoT spans. It then discusses secure data storage and transmission, authentication methods like secure boot, and threats faced by IoT devices at boot-time and run-time. Finally, it discusses approaches to enhance security including using ARM TrustZone and virtualization with a hypervisor.
With the advent of IoT and connected devices, there is an urgent need for a security framework that addresses major security goals of embedded devices. Security has to be an exercise built into the product development process instead of adding as an add-on feature.
ICC's unified IP data networking solution also layers into its solution security features with a range of capabilities for the customer to select from. Inclusive of WDS, VLANs, DoS attack prevention, and a host of other capabilities, ICC's icXchange networking solutions are full features without additional licensing for enterprise features.
ICC's security philosophy is based on creating multiple layers of security to make hacking financially unwise. This includes edge devices with built-in firewalls and intrusion detection, controller-based aggregation layers with authentication, encryption, and advanced routing options, and broadband connectivity using military-grade encryption. The solution helps customers maintain PCI compliance by providing wireless scanning, rogue access point detection and mitigation, wireless usage enforcement, and network segmentation.
This document discusses security issues related to the Internet of Things (IoT). It notes that as the number of connected devices grows, so too will cyber attacks targeting IoT devices, as they often contain personal information and have existing vulnerabilities. Common IoT security threats mentioned include denial of service attacks, malware, data breaches, and weakening of security perimeters. The document advocates addressing IoT security across all levels from devices to cloud infrastructure. It presents Intel's IoT security portfolio as providing comprehensive protection from physical attacks and cyber threats, including features like secure boot, whitelisting, encryption, and centralized management of devices and data.
Multilayer security mechanism in computer networksAlexander Decker
This document discusses multilayer security mechanisms in computer networks. It proposes a multilayered security architecture with security at the application layer using techniques like authentication and encryption, security at the transport layer using cryptographic tunnels between nodes, and security at the network IP layer to protect against external attacks. Specifically, it recommends an infrastructure with application layer security for end users, transport layer security for establishing encrypted tunnels, and network layer security to protect the whole system. The goal is for vulnerabilities in one layer not to compromise other layers.
11.multilayer security mechanism in computer networksAlexander Decker
This document discusses multilayer security mechanisms in computer networks. It proposes a multilayered security architecture implemented across three layers: application layer security using techniques like digital signatures and certificates; transport layer security using cryptographic tunnels; and network IP layer security. This layered approach limits the impact of attacks by making the compromise of one layer unable to impact other layers. Application layer security provides end-to-end protection using authentication, signatures, encryption, and hardware tokens. Transport layer security establishes encrypted tunnels between nodes using symmetric cryptography. Network layer security provides bulk protection from external attacks.
Next Generation Embedded Systems Security for IOT: Powered by KasperskyL. Duke Golden
In an increasingly connected world full of new IOT technologies, the security risks are becoming the single biggest challenge as we advance toward a fully tech-enabled society. Kaspersky's security strategy is always - SECURE BY DESIGN.
Next Generation Embedded Security for IOT - Powered by Kaspersky Secure OS. This presentation examines our "Secure by Design" alternative to legacy Microsoft / Linux OS - together with an end-to-end IOT security strategy. This presentation was originally given publicly at the CEBIT 2017 Event in Hannover, Germany.
From IT to IoT: Bridging the Growing Cybersecurity DividePriyanka Aash
With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed.
Learning Objectives:
1: Learn about the top IoT threats.
2: Discover how to address threats using new design process not old IT process.
3: Understand the security lifecycle differences between IT and IoT.
(Source: RSA Conference USA 2018)
The document discusses security challenges for connected and autonomous vehicles. It notes that vehicle systems are becoming more complex with more external connections, making security an increasing risk. It outlines the current and future vehicle architecture and connectivity. The document also summarizes research on automotive security threats over time, responses from the industry, and the need for new approaches to security as systems take on more cyber-physical functions. It argues that absolutely secure systems are impossible and systems should be designed to recover from compromise.
This document discusses network security solutions for Eximbank. It begins with an overview of network security and the need for an integrated defense-in-depth approach using firewalls, intrusion detection systems, antivirus software, vulnerability scanners, and centralized management. It then outlines types of attacks and provides a security blueprint. Specific solutions discussed include the Cisco PIX firewall, CheckPoint firewall, intrusion detection systems, antivirus systems, vulnerability scanners, and identity and policy management solutions. The document concludes with an overview of the proposed security design for Eximbank incorporating these various solutions.
The Security Fabric Alliance is an informal consortium dedicated to the deployment of "designed in security" for embedded systems in critical infrastructure.
It uses the NIST IR 7628 guidelines and the "tailored trustworthy space" as the basis for the Security Fabric Reference Architecture. The SFRA is discussed in detail in the slides herein.
Senior cyber security engineer with over 30 years of experience in technical management, hardware engineering, system and network engineering. Experience monitoring, analyzing, migrating, designing, consulting, deploying, troubleshooting and project/technical management of large network systems. Skilled in evaluating system vulnerabilities, compiling analysis, reporting threats, and recommending security improvements.
SCADA and HMI Security in InduSoft Web StudioAVEVA
The document discusses cybersecurity considerations for SCADA and HMI systems using InduSoft Web Studio. It begins with an agenda that includes enhancing cybersecurity on InduSoft projects and firewalls and other SCADA security considerations. The document then discusses guidelines for improving security on InduSoft projects such as implementing risk management processes, using strong passwords, encrypting sensitive data, and configuring appropriate network, database, file, and project security. It emphasizes the importance of cybersecurity awareness, training and certifications to enhance security.
1. Safe & Secure Systems
SRC’s Automotive Cybersecurity and Autonomous Vehicles Workshop in Dallas
Wednesday, September 27
by Alan Tatourian
Member of SAE Vehicle Cybersecurity Committee
2. Trustworthiness (NIST 800-160)
• Systems engineering provides the basic foundation for a disciplined approach to engineering today’s trustworthy systems.
• Trustworthiness, in this context, means simply worthy of being trusted to fulfill whatever critical requirements may be needed for a particular component, subsystem, system, network, application, mission, enterprise, or other entity.
• Trustworthiness requirements can include, for example, attributes of safety, security, reliability, dependability, performance, resilience, and survivability under a wide range of potential adversity in the form of disruptions, hazards, and threats.
• Effective measures of trustworthiness are meaningful only to the extent that the requirements are sufficiently complete and well-defined, and can be accurately assessed.
5. Information Security Goals
1. Auditing and logging
2. Authentication and authorization
3. Session management
4. Input validation and output encoding
5. Exception management
6. Cryptography and integrity
7. Data at rest
8. Data in motion
9. Configuration management
10. Incident response and patching
• Together, these formulate the end-to-end security architecture for the product and thus should be considered alongside one another—not in isolation. Also, each of the categories has many sub-topics within it. For example, under authentication and authorization there are aspects of discretionary access controls and mandatory access controls to consider. Security policies for the product are an outcome of the implementation decisions made during development across these nine categories.
6. Main security requirements (per HW module)
• SoC
• Dedicated Security Core (HSM)
• Full cryptographic stack
• Discrete Execution Environments
Common Requirements: SoC, FPGA, ASIC
• Secure and fast boot
• Secure Debug
• Unique Device ID
• Anti-cloning and Tamper Protection
• Remote background ECU firmware update
• Remote Attestation
Customization
• IP protection and customizations
• DRM for Features
AI Security for Autonomous Driving
• Invariant-based IDS
7. Vehicle Reference Security Architecture
[Diagram: vehicle reference security architecture]
• Component labels: 4G/5G, DSRC, Connectivity Gateway (OTA), Head Unit, Display, SDC ECU, Instrument Cluster, Display, Central Gateway, ADAS/AD ECU, Powertrain DC, Body DC, Chassis DC, EDR, Smart Charging, Laptop, Tablet, Smart Phone, TCU
• Security function labels: Secure off-board communication; Secure on-board communication; Secure boot, storage, cryptographic services; Firewall; Download Manager (OTA); Intrusion Detection & Prevention System (IDPS); Secure Monitoring & Logging; Secure Synchronized Time Manager
8. Defense in Depth
[Diagram: defense-in-depth layers on a Hardware Root of Trust]
• Vehicle and environment labels: Occupant safety, Surround sensors, Brake control system, Electric power steering, CAN bus, V2X antenna, Mobile Devices, ISP, BS, BS, GPS, Electric Chargers
• Layer captions: Hardware security services that can be used by applications; Hardware security building blocks; Software and Services; Security features in the silicon, for example Memory Scrambling, Execution Prevention, etc.; Analog security monitoring under the CPU
• Hardware labels: Fast cryptographic performance; Device identification; Isolated execution; (Message) Authentication; Virtualization; Platform boot integrity and Chain of Trust; Secure Storage (keys and data); Secure Communication; Secure Debug; Tamper detection and protection from side channel attacks
• Software and services labels: Over-the-Air Updates/Background Reflashing; IDPS / Anomaly Detection; Network enforcement, VPN and secure tunnels; Certificate and Key Management; Antimalware and remote monitoring; Biometrics; User/operator authentication and access control
11. Functional Safety & Security Architecture
• There are 3 sides of security:
  • Automotive SDL (aligned with FuSa)
  • System hardening (similar to FuSa, the goal is to ensure there are no single points of failure)
  • Security features (encryption, signatures, etc. – working with FuSa is very important to prevent false positives)
• All of these have to be considered during system lifecycle from conception through design and to maintenance while the system is in the wild (for at least 15 years!!!).
• Security should not be viewed in isolation from the system design and other inputs including safety, privacy, survivability, etc. (slide with the umbrella).
[Diagram: Product Heterogeneous Architecture. Labels: Safety Island; Security Island (PKCS 11, FIPS 140-2 L2/3); FuSa (ISO 26262); SDL (ISO 21434); ASIL Security Process; Safety/Security Architecture; Device Reliability & Trustworthiness Process; Platform Hardening for Safety and Security; Safety & Security Architecture; Functional Safety; Security; Self-Test and Recovery (STAR); The principle of least privilege (POLP); Platform]
12. Functional Safety and Security Helping Each Other
• Security threats affecting safety: Attackers can disable/modify or affect safety critical functions or breach Freedom from Interference (FFI)
• Safety measures as vulnerable points for security attacks: Attackers can activate safety mechanisms to attack the safety-critical function (deploy airbags)
• Security measures helping safety: Message authentication in a safety-critical communication
• Safety measures helping security: Attacks interpreted as faults and detected by a safety mechanism.
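The two "helping" cases on this slide combined in one receiver, as an added example that is not part of the talk: a truncated HMAC plus a freshness counter authenticates a safety-critical frame, and rejected frames are counted like communication faults until the receiver latches a safe state. The frame layout, CAN ID, key and fault threshold are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

MAC_LEN = 8                  # truncated MAC length in bytes (assumed)
FAULT_LIMIT = 3              # consecutive rejected frames before safe state (assumed)
DEMO_KEY = bytes(range(16))  # constructed demo key; a real key stays inside the HSM
BRAKE_CMD_ID = 0x120         # hypothetical CAN ID of the protected message


def compute_mac(key, can_id, counter, payload):
    """Truncated HMAC-SHA256 over message ID, freshness counter and payload."""
    msg = struct.pack(">HI", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_frame(key, can_id, counter, payload):
    """Sender side. Assumed layout: payload || 32-bit counter || truncated MAC."""
    return payload + struct.pack(">I", counter) + compute_mac(key, can_id, counter, payload)


class SafetyReceiver:
    """Verifies frames and treats every rejection as a fault for the safety monitor."""

    def __init__(self, key, can_id, payload_len=2):
        self.key = key
        self.can_id = can_id
        self.payload_len = payload_len
        self.last_counter = -1
        self.consecutive_faults = 0
        self.safe_state = False

    def _fault(self, reason):
        # Security failure handled like a communication fault: count it and
        # latch the safe state once the limit is reached.
        self.consecutive_faults += 1
        if self.consecutive_faults >= FAULT_LIMIT:
            self.safe_state = True
        return ("rejected", reason)

    def receive(self, frame):
        if self.safe_state:
            return ("safe_state", "commands ignored until reset")
        if len(frame) != self.payload_len + 4 + MAC_LEN:
            return self._fault("length")
        payload = frame[:self.payload_len]
        (counter,) = struct.unpack(">I", frame[self.payload_len:self.payload_len + 4])
        mac = frame[self.payload_len + 4:]
        expected = compute_mac(self.key, self.can_id, counter, payload)
        # Constant-time comparison; the counter is only trusted after the MAC checks out.
        if not hmac.compare_digest(mac, expected):
            return self._fault("mac")
        if counter <= self.last_counter:
            return self._fault("replay")
        self.last_counter = counter
        self.consecutive_faults = 0
        return ("accepted", payload)


def demo():
    """Constructed traffic: valid frame, replay of it, tampered frame, next valid frame."""
    rx = SafetyReceiver(DEMO_KEY, BRAKE_CMD_ID)
    good1 = build_frame(DEMO_KEY, BRAKE_CMD_ID, 1, b"\x00\x64")
    good2 = build_frame(DEMO_KEY, BRAKE_CMD_ID, 2, b"\x00\x50")
    tampered = bytes([good2[0], good2[1] ^ 0xFF]) + good2[2:]
    return [rx.receive(f) for f in (good1, good1, tampered, good2)]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The latch is the point where the slide's conflict with availability shows up: three rejected frames in a row stop command processing, so the threshold has to be agreed with the functional safety analysis.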
13. Safety and Security can be at odds
• Safety encourages stable software versions while security encourages updates, breaking safety certification/qualification.
• While safety implicitly expects that access should be easily possible for a quick and easy analysis, security would restrict access as strictly as possible via authentication and authorization mechanisms.
• Security mechanisms add latency, for example fast boot where TPM initialization (measurement) adds valuable time.
• Another feature of security is the question of how a safe state should be defined in the event of an error. To meet the protection objectives of confidentiality and integrity, it is conceivable that operation should be shut down in the event of an error; however, this immediately causes conflict with the protection objective of availability.
Cannot isolate security and functional safety from the system architecture
14. Emerging concerns / Security Technologies, 1960s to 2000s
1960s
• Emerging concerns: Interactive computing; Time sharing; User authentication; File sharing via hierarchical file systems; Prototypes of ‘computer utilities’
• Security Technologies: Access controls; Passwords; Supervisor state
1970s
• Emerging concerns: Packet networks (ARPANET); Local networks (LANs); Communication secrecy and authentication; Object-oriented design; Multilevel security; Mathematical models of security; Provably secure systems
• Security Technologies: Public key cryptography; Cryptographic protocols; Cryptographic hashes; Security verification
1980s
• Emerging concerns: Adoption of TCP/IP protocols for the Internet; Exponential growth of Internet; Proliferation of PCs and workstations; Client-server model for network services; Viruses, worms, Trojans, and other forms of malware; Buffer overflow attacks
• Security Technologies: Malware detection (antivirus); Intrusion detection; Firewalls
1990s
• Emerging concerns: World Wide Web; Browsers; Commercial transactions; Data repositories and breaches; Portable apps and scripts; Internet fraud; Web-based attacks; Social engineering and phishing attacks; Peer-to-peer (P2P) Networks
• Security Technologies: Virtual private networks (VPNs); Public-key infrastructure (PKI); Secure web connections (SSL/TLS); Biometrics; 2-factor authentication; Confinement (virtual machines, sandboxes)
2000s
• Emerging concerns: Botnets; Denial-of-service attacks; Wireless networks; Cloud platforms; Massive data breaches; Ransomware; Malicious adware; Internet of things; Surveillance; Cyber warfare
• Security Technologies: Secure coding and development processes; Threat intelligence and sharing; Adware blocking; Denial-of-service mitigation; WiFi security
Here’s our final security toolkit, we are good!!!
Any new ideas in the last 20 years?!
15. And after all we’ve done, there is this!
[Timeline figure, 1980 to 2020, ending in "???". Source: escrypt]
• Trend: Increasing digitalization and digital integration
• Security Escalation: Hypothetical vulnerabilities identified; Security threats become relevant in practice; Regular security breaches with severe damages
• Events plotted: ICS-CERT (2008); CAESS (2010); GSM Interface Exploit (2015); Stuxnet and Duqu (2010/11); German Steel Plant (2014); AS/1 Card Cracking (2009); IMSI Catcher, NSA iBanking (2014); Cabir, Premium SMS Fraud (2008); DOS via SMS DoCoMo (2008); I Love You (2010); Heartbleed (2014); Sasser (2004); Melissa (1999); Michelangelo (1992); Leandro (1993); Brain (1986); F. Cohen (1981); Conficker (2008); NSA, PRISM Reign (2014); SQL Slammer (2003); Code Red (2001); Morris Worm (1988); Tribe Flood DDOS (1998); CCC BTX Hack (1984); Creeper (1971)
16. Cryptography != Security
• Whoever thinks his problem can be solved using cryptography, doesn’t understand his problem and doesn’t understand cryptography.
– Attributed by Roger Needham and Butler Lampson to each other
Security is much more than cryptography!
Here’s an example of mitigation techniques for vulnerabilities in SW:
Type 0 – Strong Mitigation: End a bug class
Type 1 – Weak Mitigation: End an exploitation technique
Type 2 – Attack Surface Reduction: Remove a set of exposed functionality
Type 3 – Chain Extension: Increase the number of bugs required in an exploit
Cryptography rots, just like food. Every key and every algorithm has a shelf life. Some have a very short shelf life.
• How long do you need your cryptographic keys or algorithms to be secure? – this is cryptography shelf life (x years)
• How long will it take to extract secrets out of your system? – this is the end of honeymoon (z years)
• What are your parameters to reduce attack surface and to update keys or algorithms? – this is ξ (pronounced Xi)
If z < x + ξ, improve your architecture and infrastructure!
The Honeymoon Effect
• Vulnerabilities: Starts slow, then speeds up!
• Bugs: Starts fast, then slows down
17. Call for Research: AI
• What is intelligence?
• Intelligence is a force, or at least it can be modelled as a force, that maximizes future freedom of action either in thermodynamic terms if you are a statistical physicist or in information terms if you are a computer scientist.
• Intelligent behavior can be defined as a force that tries to climb a gradient landscape and maximize the future freedom of action.
The question of whether Machines Can Think… is about as relevant as the question of whether Submarines Can Swim.
‒ Edsger W. Dijkstra
1. Develop AI which provides deterministic categorization and decisions (I see a human, and not ‘human: 75%, horse 3%, I have no clue 1.8%’)
2. Develop AI which can construct contextual explanatory models (I see a human about to cross the road because…)
3. Develop AI causality (A boy threw a ball, a ball may roll to the road, a boy may run after the ball)
4. At a system level, constrain AI to a bounding box to ensure correct behavior of the moving vehicle
18. Call for Research: Self-Healing
From around 2015 through present time
Emerging concerns
Attacks against Cyber-Physical Systems (CPS):
1. Autonomous vehicles
2. Smart communities
3. Aviation and transportation
4. Robots
5. Drones
6. Infrastructure
(New!) Security Technologies
• Self-adaptive Systems which can evaluate and modify their own behavior to improve efficiency, and which can self-heal.
• Multi-agent Systems, a loosely coupled network of software agents that interact to solve problems, are resilient and partition tolerant.
• Self-optimizing Systems based on Artificial Intelligence (Genetic Algorithms?).
In information technology, self-healing describes any device or system that has the ability to perceive that it is not operating correctly and, without human intervention, make the necessary adjustments to restore itself to normal operation. IBM, for example, is working on an autonomic computing initiative that the company defines as providing products that are self-configuring, self-optimizing, and self-protecting - as well as self-healing. For all of these characteristics together, IBM uses the term "self-managing."
Every 30 years there is a new wave of things that computers do. Around 1950 they began to model events in the world (simulation), and around 1980 to connect people (communication). Since 2010 they have begun to engage with the physical world in a non-trivial way (embodiment – giving them bodies).
– Butler Lampson, Microsoft Research
Editor's Notes
From Physically Unclonable Functions - Constructions, Properties and Applications
AI: Resilience and Security in Cyber-Physical Systems: Self-Driving Cars and Smart Devices
Karthik Pattabiraman
University of British Columbia
2017
https://youtu.be/O6NKY2oE99M
This is a joint Microsoft/Nvidia research. The first half of the talk is entirely on functional safety and resilience of DNNs, the second describes invariant-based Intrusion Detection System.
Safety and security share the common goal of protecting integrity – meaning, the correct and intended functionality of the system against failures, errors, and mainly external influences. Security usually has more goals and other assets to protect, but in this area one finds the greatest overlap. Towards meeting this objective, both use a similar set of mechanisms, methods and resources, e.g. adding redundancy, monitoring, testing, and verification. Naturally, if applied independently, this often results in conflicts since both disciplines need access to the same set of limited resources: bandwidth of communication, storage space, processing time, access to flash and RAM, and others.
It can be seen that, while the basic goal of preserving ‘Integrity’ remains the same across the disciplines, the methods employed by safety and security may conflict in the actual application. One good example is the ease of access to system resources. While safety implicitly expects that access should be easily possible for a quick and easy analysis, security would restrict access as strictly as possible via authentication and authorization mechanisms. In many cases, this can be resolved by granting authorization specifically to valid safety-monitoring entities at the cost of added (management) overhead. Nevertheless a trade-off needs to be found between allowing access for legitimate and authorized safety features while preventing an attacker from using this access to violate security goals. In order to distinguish a valid safety-mechanism from an attack, a codesign for safety and security mechanisms is necessary with need for compromise on both sides. Some safety mechanisms need re-evaluation, as to whether they can be used in presence of security needs.
T. Gu, M. Lu, L. Li, Extracting interdependent requirements and resolving conflicted requirements of safety and security for industrial control systems, 1st International Conference on Reliability Systems Engineering (ICRSE), Beijing, China, 2015
Every 30 years there is a new wave of things that computers do. Around 1950 they began to model events in the world (simulation), and around 1980 to connect people (communication). Since 2010 they have begun to engage with the physical world in a non-trivial way (embodiment – giving them bodies).
Butler Lampson, Microsoft Research
Cybersecurity Is Harder Than Building Bridges
http://www.americanscientist.org/issues/pub/cybersecurity-is-harder-than-building-bridges/1