TRUST: Team for Research in Ubiquitous Secure Technologies

Shared by: Richard Marx
Posted: 3/16/2009
TRUST: Team for Research in Ubiquitous Secure Technologies
Strategic and Implementation Plan overview
Shankar Sastry (Berkeley), Ruzena Bajcsy (Berkeley), Sigurd Meldal (SJSU), Mike Reiter (CMU), Fred Schneider (Cornell), Steve Wicker (Cornell), John Mitchell (Stanford), Janos Sztipanovits (Vanderbilt)
June 26-28, 2005 All Hands Meeting

Attacks are growing in sophistication
[Figure; label: Serious hackers]

Attack Incidents [Reports to CERT/CC]
[Figure]

The Internet in 1980
[Figure]

The Internet Today
[Figure. Source: http://cm.bell-labs.com/who/ches/map/gallery/index.html]

Bad Code + Big Networks = Problems
• CodeRed worm (Summer 2001)
  – Infected 360,000 hosts in 10 hours (CRv2)
• Sapphire/Slammer worm (Spring 2003)
  – 90% of Internet scanned in <10 mins
[Figure: Geographic spread of Sapphire worm 30 minutes after release. Source: http://www.caida.org]

Technology Generations of Information Assurance
• 1st Generation (Prevent Intrusions): Trusted Computing Base; Access Control & Physical Security; Multiple Levels of Security; Cryptography
  Intrusions will Occur
• 2nd Generation (Detect Intrusions, Limit Damage): Firewalls; Intrusion Detection Systems; Boundary Controllers; PKI; VPNs
  Some Attacks will Succeed
• 3rd Generation (Operate Through Attacks): Intrusion Tolerance; Graceful Degradation; Big Board View of Attacks; Real-Time Situation Awareness & Response; Hardened Performance Core Functionality

TRUSTed Systems and Software
TRUST is more than resistance to information attack:
• Today’s systems and networks are fragile, difficult to compose and maintain:
  – Non-robust
  – Non-adaptive
  – Untrustworthy
• Point failures bring down systems
• Difficult, costly-to-compose useful systems from multiple components
• Poor or nonexistent means for building reliable systems from necessarily unreliable components
• Poor understanding of vulnerabilities of networks, performance under – and uncharacterized attacks
• No clear history, pedigree on data, code

TRUST worthy Systems
• More than an Information Technology issue
• Complicated interdependencies and composition issues
  – Spans security, systems, and social, legal and economic sciences
  – Cyber security for computer networks
  – Critical infrastructure protection
  – Economic policy, privacy
• TRUST: “holistic” interdisciplinary systems view of security, software technology, analysis of complex interacting systems, economic, legal, and public policy issues
• Goals:
  – Composition and computer security for component technologies
  – Integrate and evaluate on testbeds
  – Address societal objectives for stakeholders in real systems

Management Plan
• Director: Sastry, Berkeley
• Exec Director: Raghavan, Berkeley
• Chief Scientist: Schneider, Cornell
• Education Co-Directors: Sztipanovits, Vanderbilt and Meldal, SJSU
• Outreach Director: Bajcsy, Berkeley (staff lead: Humphreys)
• Financial and Project Manager: Sprinkle (Berkeley)
• Knowledge Transfer Coordinator: Birman (Cornell)
• Executive Committee: Sastry + Mitchell (Stanford) + Reiter (CMU) + Sztipanovits + Wicker (Cornell) + Exec Dir + Chief Scientist + Ed Dir + Outreach Dir

Org Chart
• TRUST Director: S. Sastry
• Program Manager: Sprinkle
• Executive Committee: Bajcsy, Meldal, Mitchell, Reiter, Schneider, Sztipanovits, Wicker
• External Advisory Committee
• Chief Scientist: Fred Schneider
• Executive Director: Raghavan
• Security Technology Coordinator: Schneider
• Education Program Coordinator: Sztipanovits & Meldal
• Systems Science Coordinator: Schmidt
• Diversity & Outreach Coordinator: Bajcsy
• Social Science Coordinator: Samuelson
• Knowledge Transfer Coordinator: Birman & Raghavan
• Integrative Projects Coordinator: Sztipanovits

Key Management Issues
• Financial Planning and Decision Making
• External Advisory Board and Reviews
• Coordination and Strategic Plan Development
• Succession Plan for personnel moves: By-Laws for Ex Comm operation
• Enhancing Diversity on Ex Comm
• Outreach and Diversity: target setting, recruitment, monitoring, exit-tracking
• Intellectual Property Policy
• Ethics Policy

Strategic Financial Plan
• Student Support: $2.2 – 2.45 M
  – 30-40 students: $2 – 2.25 M
  – $200K per research challenge area (3-5 students)
  – Outreach students: $200K (6-10 undergrads, -5 grad students)
• Faculty Support: $500 K
  – Release Time for key faculty
  – Summer Salary
• Center Staff, Travel, Meetings and Admin Support: $750 K
  – Exec Dir., Prog Mgrs., Outreach, Education coordinators: $500K
  – Travel, retreats: $250K
• Outreach Activities: $400 – 500K
  – School
  – Faculty Research Grants
  – Faculty training
  – Immersion Institute
  – Townhall meetings

Intellectual Property Policy
• Vision: It is the intention of TRUST that the fruits of its research be widely and promptly disseminated with the goal of maximizing the impact of the research and its long term benefits to society.
• Ownership of inventions. Ownership will follow inventorship.
• Filing of Patents. Decision to be made by authorized officials of the owners, taking into account recommendations of the TRUST Executive Committee.
• Licensing: Mainly D1, sometimes D2
  – D.1 Non-exclusive royalty/fee-free license to all participants in the specific project in which the invention was made, including the payment of a pro-rata share of patent expenses.
  – D.2 Exclusive or co-exclusive, royalty and/or fee bearing license, including provisions for diligent development.

Possible Management Challenges
• Non performance of research projects
• Downturn in economy resulting in less industrial support
• Unwillingness at some institutions to accept new curricula
• Outreach goals not being met
• Knowledge transfer goals not being met
• National or International Competitive Centers
• Shifts in campus priorities

Broad Research Vision
[Diagram with three layers]
• Societal Challenges (TRUST will address social, economic and legal challenges): Privacy; Critical Infrastructure; Computer and Network Security
• Integrative Testbeds (specific systems that represent these social challenges): Network Security Testbed; Power Grid Testbed; Secure Networked Embedded Systems Testbed
• Component Technologies (component technologies that will provide solutions): Software Security; Complex Inter Dependency mod.; Secure Network Embedded Sys; Model-based Security Integration; Secure Info Mgt. Software Tools; Econ., Public Pol. Soc. Chall.; Forensic and Privacy; HCI and Security; Network Security; Trusted Platforms; Applied Cryptographic Protocols; Secure Component platforms

Research Implementation Plan
• Security Science (Schneider)
  – Software Security (Mitchell)
  – Trusted Platforms (Boneh)
  – Applied Cryptography Protocols (Wagner)
  – Network Security (Joseph)
• Systems Science (Schmidt)
  – Interdependency Modeling and Analysis (Anantharam)
  – Secure Network Embedded Systems (Wicker)
  – Model Based Integration of Trusted Components (Sztipanovits)
  – Secure Information Management Tools (Birman)
• Social, Economic and Legal Considerations (Samuelson)
  – Economics, Public Policy and Societal Challenges (Varian)
  – Digital Forensics and Privacy (Tygar)
  – Human Computer Interfaces and Security (Reiter)

Integration of Research Agenda
• Four testbeds chosen to be responsive to national needs: Computer and network security, Critical infrastructure protection, Privacy (Sztipanovits coordinator)
  – Integration testbed
  – Secure Network Embedded Systems
  – Planet Lab (Culler)
  – Cyber Defense Technology Experimental Research testbed (DETER) (Benzel/Joseph/Sastry)
• Technical Management Plan through time sensitive internal deliverables of software, systems among team members
• Exchange of scientific personnel among team members

Research Evaluation
Objective | Metric | Frequency
Scientific Impact | Publications, Presentations, Recognition | Annual
Technological Impact | Transitions, Industry interest | Annual
Timeliness | Milestone completion | Semiannual
Social Impact | Policy Papers, Legal Policy | Annual

Education Program Vision
• Security must be consciously engineered into new and legacy critical infrastructure systems
• Every component level needs rethinking and education: need to build in TRUST: security science, systems science and social, legal, economic considerations into every course in undergrad and grad curricula (“liberal” technologically literate education)
• Summer school, hallmark of TRUST for hottest new research
• Repositorying content developed
• Evaluation of Effectiveness

Course Work Development Strategy
• Course work to have TRUST built in at all levels: undergrad, grad, advanced seminars. Repositories will be maintained professionally by the Vanderbilt System CAPE/ELM.
  – Security Science: operating systems, programming languages, cryptography, secure networking, …
  – Social Sciences: Bringing policy, social, economic issues to student community: economics of information technology, information management, privacy and security
  – Systems Science: “systems integration using software” curriculum needs to be developed from scratch, capstone design course for undergrads (or 5th year MS)
  – NSA-NSF Cybersecurity Center of Excellence in Information Assurance Education to be developed at San Jose State, ongoing certification efforts for other Centers of Excellence at CMU

Human Resource Development: leveraging our experience
• Cornell has had partnerships with the Information Assurance Institute at AFRL, Rome
• CMU students have extensive access to Software Engineering Institute and CERT.
• Stanford has extensive interactions with USPS, Secret Service, and brings the Center for Strategic and International Studies for policy matters
• Vanderbilt runs the Institute for Software Integrated Systems and Institute for Public Policy Studies
• At Berkeley, we have the Center for Information Technology Research in the Interest of Society (CITRIS), aimed at bringing innovative technologies to societal scale systems

Education Implementation Plan
Education Co-Directors: Sigurd Meldal, SJSU (undergraduate) and Janos Sztipanovits (graduate, summer school and other specialized training), supported by the Chief Scientist, Director, and Executive Director of the Center.
• K-12 High School Outreach material: Crutchfield and Humphreys (UC Berkeley)
• Undergraduate Programs and Courses: Meldal (SJSU)
• Graduate Programs and Courses: Sztipanovits (Vanderbilt)
• Summer School: Schneider (Cornell)
• Normative Assessment of Teaching Materials: Sztipanovits (Vanderbilt)
• Textbooks and TRUST series of monographs: Schneider, Birman (Cornell) and Tygar (UC Berkeley)

Education Implementation Plan (Sample) Details
Year 1
• Security Technology: Assess modules developed at Cornell and develop TRUST modules for use by all partner campuses in undergraduate courses
• Integrative Systems Science: plan new undergraduate and graduate course offerings
• Develop courses offered by the Cyber Law clinic with a special accent on privacy
• Seminar Style courses on Economic Incentives for Cybersecurity
• Develop graduate experimental courses in network defense including worm defense
• Set up repository modules using Escher support.

Workforce Training
• Undergrad and Grad Student mentorship and development features
  – Exchanging students and postdocs
  – REU activities at partner campuses
  – Student Entrepreneurship clubs (Vertex, Bases)
• Workshops, Summits in research challenge areas with infrastructure holders, industry partners
• Summer and Winter Educational Institutes and Retreats for TRUST
  – In-depth discussion of research challenge areas
  – Testbed and integrative activities

Education Evaluation Metrics
Goal | Objective | Metrics | Frequency
K-12 Education | K-6 education | School visits, Educational material, Teacher education | Bi-annual
K-12 Education | 6-12 education | Science fairs, Trust lectures, University visits | Bi-annual
Undergrad Education | Security Modules | Education Materials, Repository, Classroom testing | Annual
Undergrad Education | Security Course | Education Materials, Repository, Classroom testing | Annual
Undergrad Education | Capstone Course | Education Materials, Repository, Classroom testing, Cyber Clinic usage | Annual
Graduate Education | Security Course | Education Materials, Repository, Classroom testing | Annual
Graduate Education | Seminar Courses | Repository | Bi-annual

Outreach Vision and Goals
It is an oft-quoted adage that security is as strong as the weakest link. Our aim is to have no weak links left in the education of our society about the technical, compositional, privacy, economic and legal aspects of trusted information systems. We will begin locally but spread our outreach as far as we can along as many diverse axes as we can. Current outreach and diversity efforts are piecemeal. We have a comprehensive solution:
• K-6, 6-12 school outreach
• Summer research for HBCU/HSI faculty
• Curriculum development for HBCU/HSI faculty
• Undergrad Research Opportunities
• Grad Research Opportunities
• Summer Immersion Institute for women
• Community Outreach

Outreach Strategy
• K-12 Outreach: Berkeley Foundation for Opportunities in IT (BFOIT) for Oakland/Bay Area secondary schools
• Summer Research in Information Assurance for HBCU faculty: CMU as a Center of Academic Excellence in Information Assurance education has worked with Howard, Morgan State, UTEP, Hampton, Texas A&M, Corpus Christi, Cal State Fullerton: emphasizes both teaching and research at CyLab
• Curriculum Development for Hispanic Serving Institutions: NSA/NSF Center at SJSU in Information Assurance education
• Summer Internship for HBCU faculty in Systems Science (SIPHER): California Community Colleges, Fisk, Tennessee State, UAB, Morehouse, Spelman, Tuskegee, …

Outreach Strategy
• Summer Undergraduate Program in Engineering Research at Berkeley (SUPERB). Undergrad research for students from institutions serving under-represented groups. Overwhelming demand for TRUST.
• Women’s Colleges: Summer Immersion Institute for students from Colleges like Mills, Smith with co-sponsorship of CRA-W
• Community Outreach: public “town hall” style forums about privacy and security, economic and legislative issues for secure systems. Engagement with local and state authorities, media and first responders.

Outreach Implementation Plan
Outreach Director Ruzena Bajcsy will be supported by Dr. Sheila Humphreys, who has had a long career supporting diversity and outreach activities.
• K-12 outreach: educating teachers of grades K-6, educating kids about cyber security 6-12: Humphreys and Crutchfield
• Summer Research in Information Assurance for HBCU/HSI Faculty: Reiter (CMU)
• Curriculum Development for HBCU/Hispanic Serving Institutions: Meldal, Mitchell
• Summer Internship for HBCU Faculty in TRUSTED Embedded Systems: Robinson
• SUPERB-TRUST for undergraduate research: Humphreys
• Women Only Universities Research: Bajcsy
• Community Outreach: Sastry

Outreach Assessment Metrics
Minority faculty Research | Guided Summer Program | Number of faculty, Exit Surveys, Tracking surveys of alumni | Every 3 years
Curriculum Development | NSA certified program in IA modules | Accreditation, Modules transferred to other campuses | Every 3 years
Immersion Institute | Attract more women students to TRUST and related fields | Exit surveys, Tracking surveys of alumnae, Module development | Every 3 years
SIPHER-TRUST | Research opportunities for minority grad students at non-partner institutions | Exit surveys, Tracking surveys of alumni, Repeat visits | Every 3 years
SUPERB-TRUST | Research opportunities for minority undergrad students at non-partner institutions | Exit surveys, Tracking surveys of alumni, Grad school applications | Every 3 years

Knowledge Transfer Vision: TRUST as a Public Private Partnership
• TRUST as trusted intermediary between industry, government, non-profit and academia for answering hard questions:
  – Who will pay for security
  – Should the Feds play the role of market maker
  – Roadmaps for guiding investment
  – The role of regulation/insurance
• Open dissemination of research:
  – Publications and software
  – Short courses
  – Public lectures and forums
  – Curriculum development and courses

Key Infrastructures Chosen for Transition
• Electric Power Infrastructures: SCADA networks and their evolution, wireless sensor network testbed at Oak Ridge, DoE’s DC net
• Financial Infrastructures: key partnerships with Secret Service and Treasury, USPS and financial institutions
• DoD’s Global Information Grid (GIG): key partnerships with Air Force (JBI), Command and Control (Constellation) networks

Technology Transfer Strategy to Start Ups, Industry and Infrastructure Stakeholders
Strategies for improving tech transfer
• Economic, Legal and Social Implications of TRUST technology built into technology
• Testbeds to demonstrate robustness and scalability
• Developing an eco-system with different constituencies by
  – Focused Workshops
  – Strategic Investment Sessions between stakeholders, industry, government
  – Internships for students in industry and infrastructure sectors
  – Internships for post docs and faculty as entrepreneur incubators at venture partners

Knowledge Transfer Implementation Plan
The overall knowledge transfer coordinator is Birman (Cornell), reporting to the Ex Comm through Sztipanovits.
• Economic, Legal and Social Implications of TRUST technology: Tygar (UC Berkeley)
• Testbeds: Sztipanovits (Vanderbilt)
• Managing Relationships between the constituencies:
  – Financial: Mitchell (Stanford), Reiter (CMU), Sastry (UC Berkeley)
  – Power: Sztipanovits (Vanderbilt), Wicker (Cornell)
  – DoD: Birman, Sastry, Schneider (Cornell), Sztipanovits
• Repository Management for Intellectual Property: Karsai (Vanderbilt)

Knowledge Transfer Evaluation Metrics
Financial infrastructures | Identify generic/unique features of TRUST issues, propose solutions, privacy issues | Stakeholder interest, Stakeholder support | Annual
Electric power demand side infrastructures | Identify vulnerabilities of SCADA systems, propose secure network embedded systems solutions | Stakeholder interest, Stakeholder support | Annual
Secure Global Information Grid Architectures | Examine and critique proposed architectures, propose security architectures and solutions | Stakeholder interest, Stakeholder support | Annual
Repository Management | Making available intellectual property generated by the center | Industry, stakeholder, academic partner feedback | Bi-Annual

Leadership and Outreach to other groups
• EU-IST and US partnerships in dependability and TRUST
• OSTP/DHS/Treasury/DoE/DoD workshops
• Workshops for venture partners
• Special issues of ACM/IEEE/…
• ESCHER, a non-profit for repositorying TRUST software
• ACM-SIGBED
• Partnerships with Singapore (Nanyang) and Taiwan (National Chiao Tung and National Taiwan University)

Some Principles for TRUST
• Funds go where the work is being done
• When new sources of funds are brought to the center, we will give some preference to the “finder” of the work and the funds will still go where the work is being done.
• There are no specific institutional entitlements from year 2 onwards
