For Immediate Release
Cyber Security Research Alliance and NIST Publish Cyber-Physical Systems
Research Findings from Recent Professional Workshop
Wakefield, Mass. – Nov. 20, 2013 – The Cyber Security Research Alliance (CSRA) today released a 60-page report and findings from industry, government and academic cyber security researchers derived from a recent two-day "Designed-in Cyber Security for Cyber-Physical Systems" workshop held jointly between CSRA and the National Institute of Standards and Technology (NIST). The findings lay out a logical roadmap for designing security into varied IP-based systems and platforms increasingly targeted by cyber attackers.
Cyber Physical Systems (CPS) includes, but is not limited to, the following: industrial controls, data communications, and other IT systems that support critical infrastructure operations such as utilities and communications. To ensure trustworthy critical infrastructure operations, these recommendations were outlined in the report:
- Understand the field of CPS by creating taxonomy
- Develop a notion of valid and optimal CPS architectures
- Develop more resilient and responsive CPS
- Establish approaches to security and trust composition for coherent in-domain and cross-domain operations
- Establish metrics and assessment models
- Establish new methodologies to study CPS supply chain and provisioning
- Collect and streamline best practices
- Define standards for greater uniformity of security functions and better interoperability
- Define economic and business incentives for secure CPS
- Establish cyber physical curricula for studying CPS to ensure supply of skills and expertise
"The collaboration among cyber security researchers and stakeholders was critical as it created a framework for securing cyber-physical systems, a small step in the right direction to protect our nation's critical infrastructure," said Lee Holcomb, president of the Cyber Security Research Alliance and director of Transformation Integration, Lockheed Martin Information Systems & Global Solutions. "We have already begun our next step, which is to pursue specific research topics identified in the report with some of the nation's leading researchers," he added.
Researchers explored cyber security issues related to addressing vulnerabilities in the global IT supply chain, government-industry information sharing on cyber-attacks and CPS vulnerabilities, and approaches to CPS product assurance and trustworthy operational readiness.
"Cyber-physical systems can and will be found in such diverse industries as aerospace, automotive, energy, healthcare, manufacturing, infrastructure, consumer electronics, and communications," said Chuck Romine, Director of NIST's Information Technology Laboratory. "Everyday life is increasingly dependent on these systems -- in some cases with dramatic improvements. Seeing that these systems are designed to be secure from the very beginning is essential and this workshop is a first step. We were happy to partner with CRSA and look forward to continuing this valuable collaboration."
CSRA is currently working on specific research topics associated with the report. Institutions and individual researchers interested in learning more about research opportunities may contact the CSRA via the CSRA website.
About the CSRA: The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRA are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA/EMC. CSRA seeks to achieve coordinated industry participation to address national cyber security research and development (R&D) imperatives and bridge the gap between government funded R&D and commercially available products and solutions in cyber security.
To learn more about CSRA, please visit our website at www.cybersecurityresearch.org.
Mary Phillips, Lockheed Martin, (240) 252-9425 or Ryan Zimmerman, Edelman, (202) 336-7962