College Park, MD October 30, 2014

Lablet Researchers meet at Maryland, share current research and ideas about Science of Security

The SoS quarterly Science of Security Lablet meeting, sponsored by NSA, was hosted by the Lablet at the University of Maryland (UMD) on October 28 and October 29, 2014. Quarterly meetings are held to provide research sharing and coordination, to present interim findings, and to stimulate thought and discussion about the Science of Security. Jonathan Katz, Principal Investigator at UMD, organized the series of talks and discussions about both the technical and behavioral aspects of cybersecurity. Kathy Bogner, Intelligence Community Coordinator for Cybersecurity Research, welcomed the group and described the “excitement” of the government at the efforts they are making. She challenged them to continue to address cybersecurity using strong scientific principles and methods and to share the fruits of their work.

The keynote was presented by John Pescatore of SANS Institute. His provocative talk described the current “sea change” in security engendered by the rapid development and deployment in sensors and actuators, massive new data sources, and in huge increases in M2M (machine to machine) communication-- the Internet of Things. New hacks are occurring in areas traditionally left alone, including hotel door systems, point of sale devices, HVAC systems, medical machinery, ATMs and kiosks. Automobiles are now sensor-laden and are each now generating a terabyte of data a year. With consumer fads driving the tech cycle, the life cycle of computing and data is shifting from every two to three years to a life cycle ranging from as little as two months to as much as twenty years. This shift, said Pescatore, increases the demand for basic computer “hygiene”, offers an opportunity to avoid the mistakes of the past, and can drive suppliers and developers to build in higher quality security in their products and services.

Individual researchers and their teams presented materials from their ongoing work and a demonstration of updates to the Cyber-Physical Systems Virtual Organization (CPS-VO) web site. Research in progress that was presented included several briefs on human elements in cybersecurity and a review of Carnegie-Mellon’s Security Behavior Observatory, the development of security metrics, a spirited discussion about the twin goals of composability and security, promising approaches to networked systems, resilience, and policy governed secure collaboration.

A special presentation about the challenges of teaching cybersecurity skills concluded the formal offerings. One of the unique features of the Lablets is that, in addition to research, they are charged with providing an educational and informational element to their work.

The next quarterly meeting will be held January 27 and 28, 2015 at North Carolina State University.

(ID#:14-2625)

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.