|
This Tutorial is Postponed until Spring 2011
Due to Presenter Conflict
All registrations for this Tutorial will be refunded.
Please contact: Rodger Oetzel
Please check back to this site for the latest information on rescheduling the Tutorial
- TUTORIAL On -
System Engineering for Secure Systems
Enabling Next Gen Security (Now) with System Thinking, Architecture, ConOps, and Requirements
Tutorial for the Enchantment Chapter of INCOSE
A Full-Day Tutorial with Rick Dove
Friday, TBD, 8:00 a.m. – 5:00 p.m.
Marriott Pyramid North, Albuquerque, NM
NOTES: Registration/Checkin starts at 7:30am.
A continental breakfast,
buffet lunch, and morning and afternoon refreshments will be provided as a part of your registration!
Registration includes printed slides, references, and links for downloading electronic versions.
Abstract
Natural systems are secure first, and only then deal with sustenance,
functionality, and higher order gratification. They are successful with this priority. They innovate and evolve for better fitness in a changing environment. They seek opportunity
and mitigate threat. They are resilient. They are not a complex mystery beyond engineered duplication. The adversarial communities are natural systems that self organize without
central control. If you look at the widening effectiveness gap between security expense and security loss, both on an increasing trend, with security adversaries seemingly on an
unstoppable roll. We spend too much time closing insecure doors and not enough time opening new secure pathways.
Machiavelli looked at political reality and wrote a user manual on how it really is and how to address the system as it really is. Most of it was
tactical in nature, countering adversarial reality with ruthless effectiveness by today’s morals, but appropriate for the times. In contrast, we will look at security reality and
explore strategic implications and strategic principles, and seek harmony with today’s times. This strategic view necessarily deals with System Thinking for ConOps, Requirements,
and Tradeoffs, and with Systems Architecture for enabling effective capability.
This tutorial looks at next generation security as having self-organizing characteristics that can exhibit innovation and evolution on a par with
that exhibited by the adversarial communities. It takes the point of view that Systems Engineering has ultimate responsibility for the security of a system – by fundamental
definition of the job. Security Engineers can only work with what System Engineers concoct. We will explore basic principles and concepts applicable to both cyber security and
physical security. We will lay groundwork for system thinking and architectural concepts affecting ConOps, Requirements, and Tradeoffs. Self organizing security concepts are
already being employed – examples will be explored. Exercises throughout will apply workshop concepts. It is likely that you will be taken outside of your comfort zone.
Key words: tradeoff studies, cognitive biases, decision analysis, problem statement, evaluation criteria, weights of
importance, alternative solutions, evaluation data, scoring functions, scores, combining functions, preferred alternatives, sensitivity analysis.
| Objectives: |
SE responsibility understood as unavoidable; door opened for SysE, SecE, and decision maker collaboration; advantage and methods seen for engineered SO-SoS strategy;
system thinking that features security first in harmony with reality. |
| Audience: |
|
| Take Away: |
|
Course Outline
| 8:00 |
Introductions all around, and agenda. |
| 8:30 |
Session 1: Situational Reality (establishing the needs). |
|
Adversarial patterns, adversary as a natural system, adversary as engineer,
self-organizing security, constant penetration, trust is foolish as a strategy, globalism brings mix of ethics and values, COTS, software/hardware/physical/system hacking,
decision maker values and knowledge.
Example (sample): Afgan corruption reality factors, case study.
Exercise: Reality factors tool application. |
| 9:45 |
Session 2: Architecture for Innovation and Evolution. |
|
Class 1 and Class 2 agile architectures, intro to SAREF, symmetry and common
patterns of natural systems, sustainable-system integrity responsibilities, human multi-agent communities, fallacy of trust and necessity of vigilance, engineering constant
evolution and innovation.
Example (sample): Autonomous agent behavior monitoring, case study.
Exercise: Integrity responsibilities tool application. |
| 11:00 |
Session 3: Dealing with Situational Reality. |
|
Harmony as central issue, SysE enablement role, fostering and predicting
vectors of innovation, understanding decision makers.
Example (sample): Decision making reality, case study.
Exercise: Situational assessment with reality factors tool. |
| 12:00 |
Lunch – with 1 or 2 guest speaker videos. |
| 1:00 |
Session 4: Intro to SAREF Patterns as Communication and Migration Enablement. |
|
Communicating strategy among SysE, SecE, and decision makers; SAREPH pattern
forms, SAREPH pattern examples, developing and applying SAREPH patterns.
Example (sample): Resilient network multi-agent sensing and sense-making, case study.
Exercise: Pattern essence development. |
| 2:15 |
Session 5: Challenges and Hurdles. |
|
Pattern language issues, fears, computational limits, policy limits, inertia, control and
culture, value propositioning.
Example: How to start something now.
Exercise: What you can do now. |
| 3:30 |
Session 6: Take Away review. |
|
Application to ConOps, requirements, tradeoffs; thinking tools; vigilance; training and
learning; communication tools; avoiding increased expense while increasing effectiveness.
Example: TBD.
Exercise: TBD. |
| 4:30 |
Capture results of exercises. |
| 4:45 |
Adjourn and network. |
Tutorial cost includes printed slides, references, and links for downloading electronic versions.
The Presenter
 Rick Dove
built the foundation for, and global interest in, Agile Systems, as co-PI on an OSD/Navy funded project at Lehigh University in the early nineties. He developed agile system
principles and led the broad industry applied research involvement as Strategic Director of the subsequent DARPA/NSF funded Agility Forum at Lehigh University in the mid-nineties.
During the millennium crossing he applied these principles to enterprise-wide IT systems for a semi-conductor foundry in Malaysia, and built strategy for security in an ethically
hostile internal and competitive environment. In the mid 2000’s he was PI on a set of DHS projects that developed new pattern processor technology for security applications. He is
now PI on a DHS project to investigate feasibility and methods for resilient network sensing and sense-making, with sensing modeled on a high fidelity distributed multi-agent
version of the mammalian immune system, and sense-making modeled on hierarchical feed-forward/backward cortical processes. He is chair of the INCOSE Working Group on System
Security Engineering, and leads its project on a pattern language for self organizing security. He is also engaged in early research for behavior recognition and monitoring in
multi-agent autonomous systems. He is author of Response Ability – the Language, Structure and Culture of the Agile Enterprise, and Value Propositioning – Perception and
Misperception in Decision Making, and holds a BSEE from Carnegie Mellon University.
Download the tutorial Signup Sheet.
Meeting Details
Location: Marriott Albuquerque Pyramid North, 5151 San Francisco Rd NE, Albuquerque, NM 87109,
(505)-821-3333, URL: “http://Marriott.com/ABQMC”.
Directions: From Junction of I-40 and I-25 in Albuquerque take I-25 North to exit 232, Paseo Del Norte.
Take a left and cross the freeway to the southbound Frontage Road. Turn right on San Francisco.
Package: The tutorial cost includes notes, and snacks. Acknowledgement of payment receipt will be by e-mail.
Payment: Please submit the registration form and $150 (member) or $200 (non-member) as indicated on the
form. Join or renew membership for just $255, a $50 saving off purchase of separate items – offer good through 11/30.
Registration fee can be paid by check or by credit card through PayPal below. Credit card payments must be made through PayPal
only. Enchantment Chapter cannot accept a direct credit card payment.
If paying through PayPal, please either fill out and send the registration form or email the form to
Rodger Oetzel.
If the credit card is not in the participant's name, please indicate both the name on the credit card and the participant's name.
Register soon as Tutorial registration is filling fast.
Join INCOSE
Renew Lapsed INCOSE Membership
If you need to renew a lapsed membership and do not know your membership number, please email the Membership Chairman.
Note: if you are a non-member, and wish to join INCOSE you can:
- join INCOSE via the online link, then sign up as a member and be reimbursed $50 by check when you come to the tutorial; or
- go to the link above, print out and fill in the sign up form bring that with you to the tutorial, and pay the $255 using the drop down box below or bring a check for $255 to the tutorial.
Two ways to sign up for the Tutorial:
- Download the tutorial Signup sheet and mail with check to
the indicated address, OR
- Pay online and email the Signup sheet to Rodger Oetzel:
This Tutorial has been postponed due to presenter conflict.
It will be rescheduled for next spring.
Please check back for the latest information.
|
