
SoS Musings #8

Need for Scientifically Backed Security

At the request of the National Security Council, the President's National Infrastructure Advisory Council (NIAC) examined how federal authorities and capabilities can best be applied to improve cybersecurity of the most critical infrastructure assets. The report and cover letter sent to the President convey their findings. This appears to be a noble effort to use existing products and techniques to strengthen the infrastructure. In conjunction with this effort, there needs to be scientific research that details the input assumptions for any product used and the supporting evidence for any assurances made. As multiple sets of band-aids are applied to the infrastructure, it would be easy to unknowingly make it less secure and even more opaque. Best-in-practice techniques are sometimes driven by folklore or proprietary knowledge. With the explosion of the Internet of Things, it seems problematic that one could really achieve a separate, fully secure infrastructure and still give it the up-to-date capabilities it would require to perform as intended.

The University of Illinois Urbana-Champaign (UIUC) has been doing scientific research on networks, and its work illustrates some of the research and knowledge needed, including how to protect a network to make it more secure, reliable, and safe. Several examples include:

Researchers are developing the analysis methodology needed to support scientific reasoning about the security of networks, with a particular focus on information and data flow security. The core of this vision is the Network Hypothesis Testing Methodology (NetHTM), a set of techniques for performing and integrating security analyses applied at different network layers, in different ways, to pose and rigorously answer quantitative hypotheses about the end-to-end security of a network. To fully realize NetHTM, effective evaluation methodologies for large-scale and complex networked systems are needed. Using advances in scalable evaluation methodology and platforms, the researchers used virtual-machine-based emulation and parallel simulation, developed DSSNet, and used it to evaluate SDN-based self-healing ability in critical energy systems and to study the impact of various cyber-attacks on network behavior.

A prototype design called Plankton has been developed that can predict and verify the future behavior of networks, including temporal properties. An APNet'17 paper details this research.

A summary of recent UIUC lablet research is available for review.